[FROG] OSPF and not redistributing ptp subnets

Philip Prindeville philipp_subx at redfish-solutions.com
Sat Oct 31 17:17:20 UTC 2020


Hi.

I’m wracking my brain trying to figure this one out.  I’ve tried several examples online but none of them work.

I’m using FRR 7.0 on CentOS 8 Stream.

My box looks like this:

hostname redfish1

GRE tunnel interface “tun-lakeland2” 10.0.0.30/30 (peer is .29, “lakeland2”)

Bridge interface “br0” is 10.5.29.1/24.

The subnet 10.0.0.28/30 is not meaningful to anyone other than my peer who is already directly connected to it, and hence doesn’t need to learn of it via OSPF.

What I *do* want it learning is that I’m connected to 10.5.29.0/24 (and all packets sent to any 10.0.0.0/8 networks should be sourced with 10.5.29.1).

This is a remote site in a spoke-and-hub topology (actually, there are 2 hubs, but we won’t worry about that for now).

My config first looks like:

log file /var/log/ospfd.log debugging
!
interface br0
 ip ospf area 0.0.0.0
!
interface tun-lakeland2
 ip ospf network point-to-point
!
router ospf
 ospf router-id 10.5.29.1
 passive-interface default
 no passive-interface tun-lakeland2
!
route-map set-source permit 10
 set src 10.5.29.1
!
ip protocol ospf route-map set-source
!
end

Should be simple, but doesn’t work. Doesn’t even send announcements on tun-lakeland2.  Or see its neighbor.

So here’s my 2nd config:

!
router ospf
 ospf router-id 10.5.29.1
 redistribute connected
 redistribute kernel
 network 10.0.0.0/8 area 0.0.0.0
 passive-interface default
 no passive-interface tun-lakeland2
 area 0.0.0.0 range 10.0.0.0/24 not-advertise
!
route-map set-source permit 10
 set src 10.5.29.1
!
ip protocol ospf route-map set-source
!
end


Which also doesn’t work.  It does peer, but it also announces the /30 networks inside of 10.0.0.0/24.

Third config looks like:

!
router ospf
 ospf router-id 10.5.29.1
 network 10.0.0.0/8 area 0.0.0.0
 passive-interface default
 no passive-interface tun-lakeland2
 !
 distribute-list not-ptp out connected
 distribute-list not-ptp out kernel
!
access-list not-ptp deny 10.0.0.0/24
access-list not-ptp permit any
!
end

Again, I see routing announcements for the /30 subnets in 10.0.0.0/24 going out:

17:13:39.408645 IP (tos 0xc0, ttl 1, id 39681, offset 0, flags [none], proto OSPF (89), length 120)
    10.0.0.30 > 224.0.0.5: OSPFv2, LS-Update, length 100
	Router-ID 10.5.29.1, Backbone Area, Authentication Type: none (0), 1 LSA
	  LSA #1
	  Advertising Router 10.5.29.1, seq 0x8000000d, age 1s, length 52
	    Router LSA (1), LSA-ID: 10.5.29.1
	    Options: [External]
	    Router LSA Options: [none]
	      Stub Network: 10.5.29.0, Mask: 255.255.255.0
		topology default (0), metric 10
	      Stub Network: 10.0.0.24, Mask: 255.255.255.252
		topology default (0), metric 10
	      Neighbor Router-ID: 10.5.2.1, Interface Address: 10.0.0.30
		topology default (0), metric 10
	      Stub Network: 10.0.0.28, Mask: 255.255.255.252
		topology default (0), metric 10

Which resembles what was happening with config #2 as well.

Also, my peer (10.5.2.1/24 aka 10.0.0.29/30) is advertising a route that’s not in the 10.0.0.0/8 space, despite also having a similar “network” statement… How do I turn off distributing “external” routes into my area (it’s a routable address, indeed it’s to the subnet that his public interface is on, which ends up trying to draw my VPN [GRE] traffic to be routed over the 10.0.0.0/8 network with disastrous results).

It’s a trivial setup, right?  But I’ve been debugging it for hours.

Is there a really good book (that’s recent!) about routing with Quagga/FRR, say version 7.0 or later?

I’d really like to figure this out and move on to other stuff.

Thanks,

-Philip
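
Added example (not part of the original post): a small check that parses `tcpdump -v` OSPF output like the capture quoted above and lists the stub networks that fall inside a prefix meant to stay hidden, along with the LSA type carrying them. The function names and the `hidden` parameter are assumptions made for illustration; the sample text is the post's capture with the option and metric lines trimmed.

```python
import ipaddress
import re

# LS-Update from the post above (option/metric lines trimmed for brevity).
CAPTURE = """\
    10.0.0.30 > 224.0.0.5: OSPFv2, LS-Update, length 100
      Router-ID 10.5.29.1, Backbone Area, Authentication Type: none (0), 1 LSA
        LSA #1
        Advertising Router 10.5.29.1, seq 0x8000000d, age 1s, length 52
          Router LSA (1), LSA-ID: 10.5.29.1
            Stub Network: 10.5.29.0, Mask: 255.255.255.0
            Stub Network: 10.0.0.24, Mask: 255.255.255.252
            Neighbor Router-ID: 10.5.2.1, Interface Address: 10.0.0.30
            Stub Network: 10.0.0.28, Mask: 255.255.255.252
"""

ADV_RE = re.compile(r"Advertising Router (\S+),")
LSA_RE = re.compile(r"LSA \((\d+)\), LSA-ID:")
STUB_RE = re.compile(r"Stub Network: (\S+), Mask: (\S+)")


def stub_networks(text):
    """Return (advertising_router, lsa_type, network) for every stub link."""
    found, adv, lsa_type = [], None, None
    for line in text.splitlines():
        if m := ADV_RE.search(line):
            # A new LSA header starts: reset the type until we see it.
            adv, lsa_type = m.group(1), None
        elif m := LSA_RE.search(line):
            lsa_type = int(m.group(1))
        elif m := STUB_RE.search(line):
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
            found.append((adv, lsa_type, net))
    return found


def leaked(text, hidden="10.0.0.0/24"):
    """Stub networks that sit inside the prefix that should not be advertised."""
    hidden_net = ipaddress.ip_network(hidden)
    return [e for e in stub_networks(text) if e[2].subnet_of(hidden_net)]


if __name__ == "__main__":
    for adv, lsa_type, net in leaked(CAPTURE):
        # LSA type 1 is the Router LSA; redistributed routes would instead
        # show up in AS-external LSAs (type 5).
        print(f"{adv} advertises {net} in LSA type {lsa_type}")
```

Run against this capture, it reports both /30 subnets as stub links of the type 1 Router LSA originated by 10.5.29.1.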




