From owner-freebsd-questions@FreeBSD.ORG Fri Aug 19 23:24:27 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 737B81065672 for ; Fri, 19 Aug 2011 23:24:27 +0000 (UTC) (envelope-from dsrepel@QHRTechnologies.com) Received: from mail.quadranthr.com (mail.quadranthr.com [69.10.151.204]) by mx1.freebsd.org (Postfix) with ESMTP id 3B7C98FC1B for ; Fri, 19 Aug 2011 23:24:27 +0000 (UTC) Received: from QTMAIL2.QuadrantHR.com ([fe80::ac0f:858c:8acb:6099]) by QTKelCAS1.QuadrantHR.com ([fe80::4084:3f74:7b59:e2b4%10]) with mapi id 14.01.0289.001; Fri, 19 Aug 2011 16:13:35 -0700 From: Danny Srepel To: "'freebsd-questions@freebsd.org'" Thread-Topic: OpenOSPFd replacing network routes Thread-Index: AcxexIyMWReXGi+FSRyI3kwcSAA/lQ== Date: Fri, 19 Aug 2011 23:13:33 +0000 Message-ID: <429779FA84C25746813752F506545182A04283F9@QTMail2.QuadrantHR.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.16.32.88] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: OpenOSPFd replacing network routes X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Aug 2011 23:24:27 -0000 There's a fundamental difference between OpenBSD and FreeBSD's respective n= etworking. Specifically, the kernel routing table. In OpenBSD, it is possib= le to have multiple routes to the same destination, and are differentiated = by priority. This capability does not exist in FreeBSD. Let me just get right into the details by outlining a functioning OpenBSD s= ystem, and where FreeBSD's issues are. This is my example ospfd.conf, 01|=A0router-id 0.0.0.1 02|=A0redistribute connected 03|=A0redistribute static 04|=A0area 0.0.0.0 { 05|=A0=A0 =A0 =A0 =A0 interface vlan1 06|=A0} Below is output from `netstat -rn' taken form an OpenBSD machine before the= OpenOSPFd process was started.=A0The 192.168.11.0/24 network is used to ex= change OSPF information with its neighbours. 192.168.12.0/24 is a connected= network to this host. 192.168.13.0/24 is one hop away (via 192.168.11.2, i= ts only neighbour). 07|=A0Destination =A0 =A0 =A0 =A0Gateway =A0 =A0 =A0 =A0 =A0 =A0Flags =A0 R= efs =A0 =A0 =A0Use =A0 Mtu =A0Prio Iface 08|=A0127/8 =A0 =A0 =A0 =A0 =A0 =A0 =A0127.0.0.1 =A0 =A0 =A0 =A0 =A0UGRS = =A0 =A0 =A0 0 =A0 =A0 =A0 =A00 33160 =A0 =A0 8 lo0 09|=A0127.0.0.1 =A0 =A0 =A0 =A0 =A0127.0.0.1 =A0 =A0 =A0 =A0 =A0UH =A0 =A0 = =A0 =A0 1 =A0 =A0 =A0 =A00 33160 =A0 =A0 4 lo0 10|=A0192.168.11/24 =A0 =A0 =A0link#5 =A0 =A0 =A0 =A0 =A0 =A0 UC =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0 - =A0 =A0 4 vlan1 11|=A0192.168.12/24 =A0 =A0 =A0link#6 =A0 =A0 =A0 =A0 =A0 =A0 UC =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0 - =A0 =A0 4 vlan2 12|=A0224/4 =A0 =A0 =A0 =A0 =A0 =A0 =A0127.0.0.1 =A0 =A0 =A0 =A0 =A0URS =A0= =A0 =A0 =A00 =A0 =A0 =A0 =A00 33160 =A0 =A0 8 lo0 And this is `netstat -rn' taken after OpenOSPFd finished negotiating with i= ts neighbour, 13|=A0Destination =A0 =A0 =A0 =A0Gateway =A0 =A0 =A0 =A0 =A0 =A0Flags =A0 R= efs =A0 =A0 =A0Use =A0 Mtu =A0Prio Iface 14|=A0127/8 =A0 =A0 =A0 =A0 =A0 =A0 =A0127.0.0.1 =A0 =A0 =A0 =A0 =A0UGRS = =A0 =A0 =A0 0 =A0 =A0 =A0 =A00 33160 =A0 =A0 8 lo0 15|=A0127.0.0.1 =A0 =A0 =A0 =A0 =A0127.0.0.1 =A0 =A0 =A0 =A0 =A0UH =A0 =A0 = =A0 =A0 1 =A0 =A0 =A0 =A00 33160 =A0 =A0 4 lo0 16|=A0192.168.11/24 =A0 =A0 =A0link#5 =A0 =A0 =A0 =A0 =A0 =A0 UC =A0 =A0 = =A0 =A0 2 =A0 =A0 =A0 =A00 =A0 =A0 - =A0 =A0 4 vlan1 17|=A0192.168.11/24 =A0 =A0 =A0192.168.11.1 =A0 =A0 =A0 UG =A0 =A0 =A0 =A0 = 0 =A0 =A0 =A0 =A00 =A0 =A0 - =A0 =A032 vlan1 18|=A0192.168.11.1 =A0 =A0 =A0 00:50:56:96:00:89 =A0UHLc =A0 =A0 =A0 1 =A0 = =A0 =A0 =A00 =A0 =A0 - =A0 =A0 4 lo0 19|=A0192.168.11.2 =A0 =A0 =A0 00:50:56:96:00:90 =A0UHLc =A0 =A0 =A0 2 =A0 = =A0 =A0 =A07 =A0 =A0 - =A0 =A0 4 vlan1 20|=A0192.168.12/24 =A0 =A0 =A0link#6 =A0 =A0 =A0 =A0 =A0 =A0 UC =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0 - =A0 =A0 4 vlan2 21|=A0192.168.13/24 =A0 =A0 =A0192.168.11.2 =A0 =A0 =A0 UG =A0 =A0 =A0 =A0 = 0 =A0 =A0 =A0 =A00 =A0 =A0 - =A0 =A032 vlan1 22|=A0224/4 =A0 =A0 =A0 =A0 =A0 =A0 =A0127.0.0.1 =A0 =A0 =A0 =A0 =A0URS =A0= =A0 =A0 =A00 =A0 =A0 =A0 =A00 33160 =A0 =A0 8 lo0 Notice there are multiple entries for 192.168.11.0/24 (line #16-17). Line #= 17 was added by ospfd. Before continuing, I'm going to paste the equivalent information on FreeBSD= 's side, so that we can better compare.=A0Below is `netstat -rn' taken befo= re ospfd is started, 23|=A0Destination =A0 =A0 =A0 =A0Gateway =A0 =A0 =A0 =A0 =A0 =A0Flags =A0 = =A0Refs =A0 =A0 =A0Use =A0Netif Expire 24|=A0127.0.0.1 =A0 =A0 =A0 =A0 =A0link#3 =A0 =A0 =A0 =A0 =A0 =A0 UH =A0 = =A0 =A0 =A0 =A00 =A0 =A0 =A0139 =A0 =A0lo0 25|=A0192.168.11.0/24 =A0 =A0link#1 =A0 =A0 =A0 =A0 =A0 =A0 U =A0 =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0em0 26|=A0192.168.11.1 =A0 =A0 =A0 link#1 =A0 =A0 =A0 =A0 =A0 =A0 UHS =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0lo0 27|=A0192.168.12.0/24 =A0 =A0link#9 =A0 =A0 =A0 =A0 =A0 =A0 U =A0 =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 em0_vl 28|=A0192.168.12.1 =A0 =A0 =A0 link#9 =A0 =A0 =A0 =A0 =A0 =A0 UHS =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0lo0 And this is `netstat -rn' taken after OpenOSPFd finished negotiating with i= ts neighbour, 29|=A0Destination =A0 =A0 =A0 =A0Gateway =A0 =A0 =A0 =A0 =A0 =A0Flags =A0 = =A0Refs =A0 =A0 =A0Use =A0Netif Expire 30|=A0127.0.0.1 =A0 =A0 =A0 =A0 =A0link#3 =A0 =A0 =A0 =A0 =A0 =A0 UH =A0 = =A0 =A0 =A0 =A00 =A0 =A0 =A0147 =A0 =A0lo0 31|=A0192.168.11.0/24 =A0 =A0192.168.1.1 =A0 =A0 =A0 =A0U =A0 =A0 =A0 =A0 = =A0 1 =A0 =A0 =A0 =A06 =A0 =A0em0 32|=A0192.168.11.1 =A0 =A0 =A0 link#1 =A0 =A0 =A0 =A0 =A0 =A0 UHS =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0lo0 33|=A0192.168.12.0/24 =A0 =A0link#9 =A0 =A0 =A0 =A0 =A0 =A0 U =A0 =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 em0_vl 34|=A0192.168.12.1 =A0 =A0 =A0 link#9 =A0 =A0 =A0 =A0 =A0 =A0 UHS =A0 =A0 = =A0 =A0 0 =A0 =A0 =A0 =A00 =A0 =A0lo0 35|=A0192.168.13.0/24 =A0 =A0192.168.1.2 =A0 =A0 =A0 =A0UG =A0 =A0 =A0 =A0 = =A00 =A0 =A0 =A0 =A00 =A0 =A0em0 36|=A0192.168.13.1/32 =A0 =A0192.168.1.2 =A0 =A0 =A0 =A0UG =A0 =A0 =A0 =A0 = =A00 =A0 =A0 =A0 =A00 =A0 =A0em0 Notice there's only one entry for 192.168.11.0/24 (line #25 got replaced wi= th line #31). And that's really the cruft of the issue: in FreeBSD you can only have the = one network route, whereas in OpenBSD, you can have multiple. When a neighb= our goes away in FreeBSD, the 192.168.11.0/24 route gets deleted. In OpenBS= D, there's no negative impact, since there are multiple routes to the same = network. Using our example, line #10 still exists as line #16 in OpenBSD, l= ine #25 gets deleted and line #31 gets created in FreeBSD. This isn't really a bug, it's more a difference in capabilities between Fre= eBSD's and OpenBSD's respective networking. OpenOSPFd doesn't seem to have = any special considerations for FreeBSD. The Fix / Workaround -------------------- The concept is simple: create an IP alias where the network overlaps the ex= isting IP/network. In our example, 192.168.11.0/24 is used to exchange OSPF information. Creat= e an alias of 192.168.10.1/23. That way when the 192.168.11.0/24 route gets= deleted, the systems will be accessible to each other over the 192.168.10.= 0/23 route. In order for this to work as expected, you'll need to make a co= uple changes to your ospfd.conf file. This is the original ospfd.conf file taken from the FreeBSD system, 37|=A0router-id 0.0.0.1 38|=A0redistribute connected 39|=A0redistribute static 40|=A0area 0.0.0.0 { 41|=A0=A0 =A0 =A0 =A0 interface em0 42|=A0} And this is what it looks like after adding the IP alias, 43|=A0router-id 0.0.0.1 44|=A0no redistribute 192.168.10.0/23 45|=A0redistribute connected 46|=A0redistribute static 47|=A0area 0.0.0.0 { 48|=A0=A0 =A0 =A0 =A0 interface em0:192.168.11.1 49|=A0} The `no distribute' is critical. Could people share their comments and experiences with OpenOSPFd on FreeBSD= ?