Hi! I hope this is right list to ask. Please correct me if not. I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask: igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 inet 192.168.49.3 netmask 0xffffff00 broadcast 192.168.49.255 inet 192.168.49.13 netmask 0xffffffff broadcast 192.168.49.13 inet 192.168.49.17 netmask 0xffffffff broadcast 192.168.49.17 And another OSPF neighbour: igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 inet 192.168.49.1 netmask 0xffffff00 broadcast 192.168.49.255 inet 192.168.49.10 netmask 0xffffffff broadcast 192.168.49.13 inet 192.168.49.11 netmask 0xffffffff broadcast 192.168.49.17 This worked for me for years with quagga but frr's ospfd does not form neighbourship with following errors: interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.1] interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.10] interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.11] It seems ospfd's checks cannot cope with FreeBSD-like IP aliases. Please help.
On Sun, 18 Jul 2021 at 00:57, Eugene Grosbein <eugen@grosbein.net> wrote:
I hope this is right list to ask. Please correct me if not.
*FR*Routing *O*perators *G*roup (Users List), yep. The correct list.
I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask:
Could you possibly also post the configuration you are using with OSPFv2/3?
18.07.2021 18:30, Chriztoffer Hansen wrote:
On Sun, 18 Jul 2021 at 00:57, Eugene Grosbein <eugen@grosbein.net> wrote:
I hope this is right list to ask. Please correct me if not.
*FR*Routing *O*perators *G*roup (Users List), yep. The correct list.
I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask:
Could you possibly also post the configuration you are using with OSPFv2/3?
Sure. vtysh.conf: service integrated-vtysh-config frr.conf: hostname col03 log syslog ! Renamed igb0 interface vm-public ip ospf cost 1 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 _XXXX_ ! router ospf router-id 192.168.49.3 ospf abr-type shortcut log-adjacency-changes redistribute connected route-map MYNETS redistribute static route-map MYNETS network 192.168.49.0/24 area 49 network 192.168.50.0/29 area 49 network 192.168.50.8/29 area 50 network 192.168.50.16/28 area 50 network 192.168.50.32/27 area 50 network 192.168.50.64/26 area 50 network 192.168.50.128/25 area 50 area 49 authentication message-digest area 49 filter-list prefix private out area 50 authentication message-digest area 50 filter-list prefix private out ! ip prefix-list mynets seq 10 permit 192.168.49.0/24 ip prefix-list mynets seq 20 permit 192.168.50.0/24 ! ip prefix-list private seq 10 permit 10.0.0.0/8 ip prefix-list private seq 20 permit 10.0.0.0/8 ge 9 ip prefix-list private seq 30 permit 172.16.0.0/12 ip prefix-list private seq 40 permit 172.16.0.0/12 ge 13 ip prefix-list private seq 50 permit 192.168.0.0/16 ip prefix-list private seq 60 permit 192.168.0.0/16 ge 17 ! route-map MYNETS permit 10 match ip address prefix-list mynets ! EOF
18.07.2021 18:30, Chriztoffer Hansen wrote:
I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask:
[skip] I've used "show interface" command and noted that FRR marked my aliases as "unnumbered" instead of needed "secondary". I've spent some time making me familiar with FRR code a bit, and came with a patch that teaches FRR to flag aliases as "secondary" and this solves my problem: OSPF neighborship with Quagga is established. The patch is pretty naive and straightforward but I'm not sure if it is completely correct and/or effective. --- zebra/interface.c.orig 2021-03-04 02:14:50 UTC +++ zebra/interface.c @@ -358,7 +358,36 @@ int if_subnet_add(struct interface *ifp, struct connec if ((addr_list = rn->info)) SET_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY); - else { +#ifdef __FreeBSD__ + else if (cp.prefixlen == 32) { + struct listnode *node; + struct connected *pc; + struct prefix *p; + uint32_t mask; + + /* + * Find any non-secondary AF_INET node with non-NULL info + * that covers ifc. + */ + for (ALL_LIST_ELEMENTS_RO(ifp->connected, node, pc)) { + if (CHECK_FLAG(pc->flags, ZEBRA_IFA_SECONDARY)) + continue; + p = pc->address; + if (p->family != AF_INET) + continue; + mask = ((1 << (32-p->prefixlen))-1); + if ((p->u.prefix4.s_addr & mask) == + (cp.u.prefix4.s_addr & mask)) { + rn = route_node_get(zebra_if->ipv4_subnets, p); + if ((addr_list = rn->info)) { + SET_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY); + break; + } + } + } + } +#endif + if(!addr_list) { UNSET_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY); rn->info = addr_list = list_new(); route_lock_node(rn);
Eugene - Can you look at this PR and see if it fixes your issue: https://github.com/FRRouting/frr/pull/9098 thanks! donald On Sun, Jul 18, 2021 at 6:17 PM Eugene Grosbein <eugen@grosbein.net> wrote:
18.07.2021 18:30, Chriztoffer Hansen wrote:
I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask:
[skip]
I've used "show interface" command and noted that FRR marked my aliases as "unnumbered" instead of needed "secondary".
I've spent some time making me familiar with FRR code a bit, and came with a patch that teaches FRR to flag aliases as "secondary" and this solves my problem: OSPF neighborship with Quagga is established. The patch is pretty naive and straightforward but I'm not sure if it is completely correct and/or effective.
--- zebra/interface.c.orig 2021-03-04 02:14:50 UTC +++ zebra/interface.c @@ -358,7 +358,36 @@ int if_subnet_add(struct interface *ifp, struct connec
if ((addr_list = rn->info)) SET_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY); - else { +#ifdef __FreeBSD__ + else if (cp.prefixlen == 32) { + struct listnode *node; + struct connected *pc; + struct prefix *p; + uint32_t mask; + + /* + * Find any non-secondary AF_INET node with non-NULL info + * that covers ifc. + */ + for (ALL_LIST_ELEMENTS_RO(ifp->connected, node, pc)) { + if (CHECK_FLAG(pc->flags, ZEBRA_IFA_SECONDARY)) + continue; + p = pc->address; + if (p->family != AF_INET) + continue; + mask = ((1 << (32-p->prefixlen))-1); + if ((p->u.prefix4.s_addr & mask) == + (cp.u.prefix4.s_addr & mask)) { + rn = route_node_get(zebra_if->ipv4_subnets, p); + if ((addr_list = rn->info)) { + SET_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY); + break; + } + } + } + } +#endif + if(!addr_list) { UNSET_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY); rn->info = addr_list = list_new(); route_lock_node(rn);
20.07.2021 21:38, Donald Sharp пишет:
Eugene -
Can you look at this PR and see if it fixes your issue:
https://github.com/FRRouting/frr/pull/9098
thanks!
I've rolled back my patch and applied your patch. It does not help, no neighbourship with Quagga and here is output of "show interface" command: col03.u.asl.local# show interface vm-public Interface vm-public is up, line protocol is up Link ups: 1 last: 2021/07/20 21:18:35.67 Link downs: 0 last: (never) vrf: default index 6 metric 1 mtu 1500 speed 0 flags: <UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> Type: Ethernet HWaddr: 02:f0:66:d1:dd:00 inet 192.168.49.3/24 inet 192.168.49.13/32 unnumbered inet 192.168.49.17/32 unnumbered Interface Type Other Interface Slave Type None input packets 3941650659, bytes 4648312647993, dropped 0, multicast packets 452356 input errors 0 output packets 3114270804, bytes 2225569635831, multicast packets 614390 output errors 14574061 collisions 0 Compare with same output in case of my (working) patch, note "secondary" attribute. col03.u.asl.local# show interface vm-public Interface vm-public is up, line protocol is up Link ups: 1 last: 2021/07/20 21:19:55.42 Link downs: 0 last: (never) vrf: default index 6 metric 1 mtu 1500 speed 0 flags: <UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> Type: Ethernet HWaddr: 02:f0:66:d1:dd:00 inet 192.168.49.3/24 inet 192.168.49.13/32 secondary unnumbered inet 192.168.49.17/32 secondary unnumbered Interface Type Other Interface Slave Type None input packets 3942013871, bytes 4648654787053, dropped 0, multicast packets 452526 input errors 0 output packets 3114622092, bytes 2225860210596, multicast packets 614760 output errors 14574061 collisions 0
Can we also see `vtysh -c "show ip route connected"` for Quagga and FRR? On Sat, Jul 17, 2021 at 7:00 PM Eugene Grosbein <eugen@grosbein.net> wrote:
Hi!
I hope this is right list to ask. Please correct me if not.
I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask:
igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 inet 192.168.49.3 netmask 0xffffff00 broadcast 192.168.49.255 inet 192.168.49.13 netmask 0xffffffff broadcast 192.168.49.13 inet 192.168.49.17 netmask 0xffffffff broadcast 192.168.49.17
And another OSPF neighbour:
igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 inet 192.168.49.1 netmask 0xffffff00 broadcast 192.168.49.255 inet 192.168.49.10 netmask 0xffffffff broadcast 192.168.49.13 inet 192.168.49.11 netmask 0xffffffff broadcast 192.168.49.17
This worked for me for years with quagga but frr's ospfd does not form neighbourship with following errors:
interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.1] interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.10] interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.11]
It seems ospfd's checks cannot cope with FreeBSD-like IP aliases. Please help.
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
18.07.2021 20:19, Donald Sharp wrote:
Can we also see `vtysh -c "show ip route connected"` for Quagga and FRR?
For one of peers named col02 (192.168.49.1) that still has Quagga installed, vm-public is internal bridge0 ethernet-like interface renamed, ngX and gifX are p2p-interfaces, igb0 is external ethernet interface with public IP: # vtysh Hello, this is Quagga (version 1.2.4). Copyright 1996-2005 Kunihiro Ishiguro, et al. col02.u.asl.local# show ip route connected Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel, N - NHRP, > - selected route, * - FIB route C>* X.X.X.X/26 is directly connected, igb0 C>* 127.0.0.0/8 is directly connected, lo0 C>* 192.168.49.0/24 is directly connected, vm-public C>* 192.168.49.10/32 is directly connected, vm-public C>* 192.168.49.11/32 is directly connected, vm-public C>* 192.168.49.150/32 is directly connected, ng0 C>* 192.168.49.151/32 is directly connected, ng1 C>* 192.168.49.153/32 is directly connected, ng3 C>* 192.168.50.0/30 is directly connected, gif0 C>* 192.168.50.4/30 is directly connected, gif1 C>* 192.168.50.8/30 is directly connected, gif2 C>* 192.168.50.12/30 is directly connected, gif3 C>* 192.168.50.16/30 is directly connected, gif4 For another peer named col03 (192.168.49.3) that is being setup and has FRR installed instead of Quagga already. For the moment it has only external igb0 interface and internal vm-public facing same segment (switch) that first peer is connected to: # vtysh Hello, this is FRRouting (version 7.5.1). Copyright 1996-2005 Kunihiro Ishiguro, et al. col03.u.asl.local# show ip route connected Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued, r - rejected, b - backup C>* Y.Y.Y.Y/26 [0/1] is directly connected, igb0, 00:00:40 C>* 192.168.49.0/24 [0/1] is directly connected, vm-public, 00:00:40 C>* 192.168.49.13/32 [0/1] is directly connected, vm-public, 00:00:40 C>* 192.168.49.17/32 [0/1] is directly connected, vm-public, 00:00:40
18.07.2021 5:57, Eugene Grosbein wrote:
Hi!
I hope this is right list to ask. Please correct me if not.
I'm trying to move from quagga to frr 7.5.1. I have existing working setup with OSPF and FreeBSD servers that have some aliases on its OSPF-enabled interfaces. In FreeBSD, if one needs several IP addresses in same IP subnet on one interfaces (for CARP etc.) then one assigns one of IPs with "real" subnet mask and others with /32 mask:
igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 inet 192.168.49.3 netmask 0xffffff00 broadcast 192.168.49.255 inet 192.168.49.13 netmask 0xffffffff broadcast 192.168.49.13 inet 192.168.49.17 netmask 0xffffffff broadcast 192.168.49.17
And another OSPF neighbour:
igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 inet 192.168.49.1 netmask 0xffffff00 broadcast 192.168.49.255 inet 192.168.49.10 netmask 0xffffffff broadcast 192.168.49.13 inet 192.168.49.11 netmask 0xffffffff broadcast 192.168.49.17
This is my obvious mistake in "broadcast" part for second example because of copy-paste and improper of editing, I hope it is not very misleading. Of course, every broadcast really equals to IP for /32 aliases.
This worked for me for years with quagga but frr's ospfd does not form neighbourship with following errors:
interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.1] interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.10] interface igb0:192.168.49.17: ospf_read network address is not same [192.168.49.11]
It seems ospfd's checks cannot cope with FreeBSD-like IP aliases. Please help.
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
participants (3)
-
Chriztoffer Hansen -
Donald Sharp -
Eugene Grosbein