At this point, SPLAT does not support dynamic routing protocols such as
OSPF. I believe this is planned for later on this year...
Regards,
Matt Goddard
CCSA, MCSE, CCNA
Security Information Team
Schneider National, Inc.
ph: 920.592.4787
"Anyone who has never made a mistake has never tried anything new." -Albert
Einstein
|---------+-------------------------------------------->
| | "Jarmoc, Jeff" |
| | <[EMAIL PROTECTED]> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <[EMAIL PROTECTED]|
| | KPOINT.COM> |
| | |
| | |
| | 03/17/2005 11:20 AM |
| | Please respond to Mailing list |
| | for discussion of Firewall-1 |
|---------+-------------------------------------------->
>----------------------------------------------------------------------------------------------|
|
|
| To: [email protected]
|
| cc:
|
| Subject: [FW-1] Multipath OSPF on SPLAT
|
>----------------------------------------------------------------------------------------------|
I'm running OSPF via Zebra on Secureplatform in a test/proof of concept
environment. The problem I'm experiencing pertains to Multipath OSPF.
For redundancy purposes, several IP networks in my environment have
multiple routes. Zebra shows this multiple routes normally, however
they are not passed to the kernel and not visible via the 'ip route'
command on the SPLAT box. I've found several references to this issue
in Zebra documentation and discussion groups (see links). Basically,
they stipulate that Zebra and the Linux kernel must be compiled with
Multipath support. Given that Zebra is displaying the multipath routes
correctly, it appears it has the requisite support. However, my
thinking now is that the kernel is not compiled with this option.
Here's an example scenario -- The preferred route is available via the
kernel routing table, but the second route is not shown. Both routes
are shown in zebra through the 'sh ip ospf database' command. If the
primary route is made unavailable it disappears from the routing tables
in both Zebra and the kernel routing table. In Zebra, the secondary
route is then shown via 'show ip route' but the kernel will not show any
route for this network, and the network becomes unreachable.
Is anyone aware of a reference documenting what options are compiled
into the Linux kernel?
Has anyone had success in getting multipath routes learned via Zebra's
OSPF to pass to the SPLAT kernel routing table?
Obviously, recompiling the SPLAT kernel is not an option, but I'd like
to be certain one way or the other whether the kernel lacks support for
multipath before scrapping SPLAT in favor of a full fledged Linux
deployment or some other solution.
http://pilot.org.ua/zebra/kodgehopper-ecmp.html
http://pilot.org.ua/zebra/zebra.html
Thanks for your help.
Jeff Jarmoc - CCSA, CCNA, MCSE
Sr. Network Analyst - Grubb & Ellis
[EMAIL PROTECTED]
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
