[FROG] OSPF and not redistributing ptp subnets
Philip Prindeville
philipp_subx at redfish-solutions.com
Sat Oct 31 17:17:20 UTC 2020
Hi.
I’m wracking my brain trying to figure this one out. I’ve tried several examples online but none of them work.
I’m using FRR 7.0 on CentOS 8 Stream.
My box looks like this:
hostname redfish1
GRE tunnel interface “tun-lakeland2” 10.0.0.30/30 (peer is .29, “lakeland2”)
Bridge interface “br0” is 10.5.29.1/24.
The subnet 10.0.0.28/30 is not meaningful to anyone other than my peer who is already directly connected to it, and hence doesn’t need to learn of it via OSPF.
What I *do* want it learning is that I’m connected to 10.5.29.0/24 (and all packets sent to any 10.0.0.0/8 networks should be sourced with 10.5.29.1).
This is a remote site in a spoke-and-hub topology (actually, there’s 2 hubs, but we won’t worry about that for now).
My config first looks like:
log file /var/log/ospfd.log debugging
!
interface br0
 ip ospf area 0.0.0.0
!
interface tun-lakeland2
 ip ospf network point-to-point
!
router ospf
 ospf router-id 10.5.29.1
 passive-interface default
 no passive-interface tun-lakeland2
!
route-map set-source permit 10
 set src 10.5.29.1
!
ip protocol ospf route-map set-source
!
end
Should be simple, but doesn’t work. Doesn’t even send announcements on tun-lakeland2. Or see its neighbor.
So here’s my 2nd config:
!
router ospf
 ospf router-id 10.5.29.1
 redistribute connected
 redistribute kernel
 network 10.0.0.0/8 area 0.0.0.0
 passive-interface default
 no passive-interface tun-lakeland2
 area 0.0.0.0 range 10.0.0.0/24 not-advertise
!
route-map set-source permit 10
 set src 10.5.29.1
!
ip protocol ospf route-map set-source
!
end
Which also doesn’t work. It does peer, but it also announces the /30 networks inside of 10.0.0.0/24.
Third config looks like:
!
router ospf
 ospf router-id 10.5.29.1
 network 10.0.0.0/8 area 0.0.0.0
 passive-interface default
 no passive-interface tun-lakeland2
!
 distribute-list not-ptp out connected
 distribute-list not-ptp out kernel
!
access-list not-ptp deny 10.0.0.0/24
access-list not-ptp permit any
!
end
Again, I see routing announcements for the /30 subnets in 10.0.0.0/24 going out:
17:13:39.408645 IP (tos 0xc0, ttl 1, id 39681, offset 0, flags [none], proto OSPF (89), length 120)
10.0.0.30 > 224.0.0.5: OSPFv2, LS-Update, length 100
Router-ID 10.5.29.1, Backbone Area, Authentication Type: none (0), 1 LSA
LSA #1
Advertising Router 10.5.29.1, seq 0x8000000d, age 1s, length 52
Router LSA (1), LSA-ID: 10.5.29.1
Options: [External]
Router LSA Options: [none]
Stub Network: 10.5.29.0, Mask: 255.255.255.0
topology default (0), metric 10
Stub Network: 10.0.0.24, Mask: 255.255.255.252
topology default (0), metric 10
Neighbor Router-ID: 10.5.2.1, Interface Address: 10.0.0.30
topology default (0), metric 10
Stub Network: 10.0.0.28, Mask: 255.255.255.252
topology default (0), metric 10
Which resembles what was happening with config #2 as well.
Also, my peer (10.5.2.1/24 aka 10.0.0.29/30) is advertising a route that’s not in the 10.0.0.0/8 space, despite also having a similar “network” statement… How do I turn off distributing “external” routes into my area (it’s a routable address, indeed it’s to the subnet that his public interface is on, which ends up trying to draw my VPN [GRE] traffic to be routed over the 10.0.0.0/8 network with disastrous results).
It’s a trivial setup, right? But I’ve been debugging it for hours.
Is there a really good book (that’s recent!) about routing with Quagga/FRR, say version 7.0 or later?
I’d really like to figure this out and move on to other stuff.
Thanks,
-Philip
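A way to check a capture like the one quoted in the message for point-to-point subnets showing up as stub links in a Router LSA, as an added example that is not part of the original post. The function names and the must-not-advertise list are assumptions; the sample text is the LS-Update from the message, with its indentation already lost.

```python
import ipaddress
import re

# LS-Update excerpt as quoted in the message above (tcpdump -v text).
CAPTURE = """\
10.0.0.30 > 224.0.0.5: OSPFv2, LS-Update, length 100
Router-ID 10.5.29.1, Backbone Area, Authentication Type: none (0), 1 LSA
LSA #1
Advertising Router 10.5.29.1, seq 0x8000000d, age 1s, length 52
Router LSA (1), LSA-ID: 10.5.29.1
Stub Network: 10.5.29.0, Mask: 255.255.255.0
topology default (0), metric 10
Stub Network: 10.0.0.24, Mask: 255.255.255.252
topology default (0), metric 10
Neighbor Router-ID: 10.5.2.1, Interface Address: 10.0.0.30
topology default (0), metric 10
Stub Network: 10.0.0.28, Mask: 255.255.255.252
topology default (0), metric 10
"""

ADV_RE = re.compile(r"Advertising Router (\d+\.\d+\.\d+\.\d+)")
STUB_RE = re.compile(r"Stub Network: (\d+\.\d+\.\d+\.\d+), Mask: (\d+\.\d+\.\d+\.\d+)")


def stub_networks(text):
    """Return (advertising_router, network) for every stub link seen.

    ip_network() raises ValueError if host bits are set, which catches
    a garbled or mis-joined capture line instead of silently passing it.
    """
    found, router = [], None
    for line in text.splitlines():
        m = ADV_RE.search(line)
        if m:
            router = m.group(1)
            continue
        m = STUB_RE.search(line)
        if m:
            found.append((router, ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")))
    return found


def leaked(text, must_not_advertise):
    """Stub networks that fall inside any prefix meant to stay local."""
    blocked = [ipaddress.ip_network(p) for p in must_not_advertise]
    return [(r, n) for r, n in stub_networks(text)
            if any(n.subnet_of(b) for b in blocked)]


if __name__ == "__main__":
    for router, net in leaked(CAPTURE, ["10.0.0.0/24"]):
        print(f"{router} advertises {net} as a stub link")
```

Feeding it the text of a fresh capture after each config change shows whether the /30 subnets are still present in the Router LSA.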