Whilst I acknowledge that Alan advised against this recently, as a
temporary measure until we have the correct connectivity in place, I have a
need to use OSPF on Linux, but can't get it working successfully. I have
redacted some info for my own protection, but hopefully there is enough
info for someone to spot what we've done wrong!
There are four OSA ports, call them OSA10, 11, 12, 13, all shared with z/OS
which is using VIPA/OSPF. The OSAs each have a subnet xxx.xxx.186.xx/27:
OSA10 has xxx.xxx.186.32/27
OSA11 has xxx.xxx.186.0/27
OSA12 has xxx.xxx.186.96/27
OSA13 has xxx.xxx.186.64/27
The firewalls currently deny sessions (3270 or ssh) to the subnets on the
OSAs directly (xxx.xxx.186.*), but allow sessions to a VIPA subnet behind
those (xxx.xxx.182.*). We are trying to get the firewall restrictions on
the 186 network lifted, but in the mean time would like to get OSPF working
so we can use the 182 network. We are currently only trying to use OSA10
for connectivity, we have not tried to configure for HA yet.
On z/VM we have managed to successfully get a VIPA working, in the
xxx.xxx.182.0/24 range, basing the configuration on the z/OS one.
MPROUTED CONFIG:
Area
Area_Number=0.0.0.201
Authentication_Type=None;
OSPF_Interface
IP_Address=xxx.xxx.186.*
Subnet_Mask=255.255.255.224
Attaches_To_Area=0.0.0.201
Cost0=200
Router_Priority=0;
OSPF_Interface
IP_Address=xxx.xxx.182.50
Name=LVIPA
Subnet_Mask=255.255.255.0
Attaches_To_Area=0.0.0.201
Destination_Addr=xxx.xxx.182.50;
OSPF_Interface
IP_Address=xxx.xxx.182.*
Subnet_Mask=255.255.255.0
Attaches_To_Area=0.0.0.201;
netstat dev
VM TCP/IP Netstat Level 710 TCP/IP Server Name: TCPIP
Device DVIPA Type: VIRTUAL Status: Ready
Queue size: 0 CPU: 0 Address: 0000
Link LVIPA Type: VIRTUAL Net number: 0
IPv6: Disabled
Device DEV@E100 Type: OSD Status: Ready
Queue size: 0 CPU: 0 Address: E100 Port name: UNASSIGNED
IPv4 Router Type: NonRouter Arp Query Support: Yes
Link OSA10STC Type: QDIOETHERNET Port number: 0
Transport Type: IP
Speed: 10000000000
BytesIn: 514185245 BytesOut: 31814890
Forwarding: Enabled MTU: 1800 IPv6: Disabled
IPv4 Path MTU Discovery: Disabled
Broadcast Capability: Yes
Multicast Capability: Yes
IPv4 VIPA ARP
Multicast Group Members
--------------- -------
224.0.0.5 1
224.0.0.1 1
netstat conn
VM TCP/IP Netstat Level 710 TCP/IP Server Name: TCPIP
Active IPv4 Transmission Blocks:
User Id Conn Local Socket Foreign Socket State
---- -- ---- ----- ------ ------- ------ -----
INTCLIEN 1000 *..TELNET *..* Listen
MPROUTE 1003 127.0.0.1..1024 127.0.0.1..1025
Established
netstat gate shows many subnets and hosts.
On Linux (RHEL7.6), we have configured a VIPA:
modprobe dummy
ip link add dummy0 type dummy
ip addr add xxx.xxx.182.52/24 dev dummy0
qethconf vipa add xxx.xxx.182.52 enccw0.0.e106
ip route add xxx.xxx.182.52 via xxx.xxx.186.53
ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enccw0.0.e106: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1492 qdisc
pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 6c:ae:8b:48:d6:98 brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UNKNOWN mode DEFAULT group default qlen 1000
link/ether 72:df:51:19:c2:06 brd ff:ff:ff:ff:ff:ff
ip route
default via xxx.xxx.186.34 dev enccw0.0.e106 proto static metric 100
xxx.xxx.182.0/24 dev dummy0 proto kernel scope link src xxx.xxx.182.52
xxx.xxx.182.52 via xxx.xxx.186.53 dev enccw0.0.e106
xxx.xxx.186.32/27 dev enccw0.0.e106 proto kernel scope link src
xxx.xxx.186.53 metric 100
We have installed quagga and configured the following:
zebra.conf
! Static VIPA
interface dummy0
ip address xxx.xxx.182.52/24
ipv6 nd suppress-ra
!
interface enccw0.0.e106
ip address xxx.xxx.186.53/27
ipv6 nd suppress-ra
!
interface lo
!
interface sit0
ipv6 nd suppress-ra
!
ip forwarding
!
line vty
exec-timeout 0 0
!
ospfd.conf
! Server - Static VIPA
interface dummy0
ip ospf cost 1
ip ospf priority 0
!
interface enccw0.0.e106
ip ospf cost 10
ip ospf priority 0
!
interface lo
!
interface sit0
!
router ospf
network xxx.xxx.186.32/27 area 201
ospf router-id xxx.xxx.182.52
area 0.0.0.201 stub
!
line vty
exec-timeout 0 0
!
OSPF diagnostics (from vtysh shell):
show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, A - Babel,
> - selected route, * - FIB route
K>* 0.0.0.0/0 via xxx.xxx.186.34, enccw0.0.e106
C>* xxx.xxx.182.0/24 is directly connected, dummy0
K>* xxx.xxx.182.52/32 via xxx.xxx.186.53, enccw0.0.e106
O xxx.xxx.186.32/27 [110/10] is directly connected, enccw0.0.e106,
00:27:27
C>* xxx.xxx.186.32/27 is directly connected, enccw0.0.e106
C>* 127.0.0.0/8 is directly connected, lo
show ip ospf
OSPF Routing Process, Router ID: xxx.xxx.182.52
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
Initial SPF scheduling delay 200 millisec(s)
Minimum hold time between consecutive SPFs 1000 millisec(s)
Maximum hold time between consecutive SPFs 10000 millisec(s)
Hold time multiplier is currently 1
SPF algorithm last executed 1d16h16m ago
SPF timer is inactive
Refresh timer 10 secs
Number of external LSA 0. Checksum Sum 0x00000000
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1
Area ID: 0.0.0.201 (Stub)
Shortcutting mode: Default, S-bit consensus: ok
Number of interfaces in this area: Total: 0, Active: 0
Number of fully adjacent neighbors in this area: 0
Area has no authentication
Number of full virtual adjacencies going through this area: 0
SPF algorithm executed 1 times
Number of LSA 1
Number of router LSA 1. Checksum Sum 0x0000f2b5
Number of network LSA 0. Checksum Sum 0x00000000
Number of summary LSA 0. Checksum Sum 0x00000000
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000
show ip ospf route
============ OSPF network routing table ============
N xxx.xxx.186.32/27 [10] area: 0.0.0.201
directly attached to enccw0.0.e106
============ OSPF router routing table =============
============ OSPF external routing table ===========
show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
RXmtL RqstL DBsmL
OAT entries:
For the z/VM device we can see both 186.55 and 182.50 addresses registered
in the OAT, for the Linux device we can only see the 186.53 address.
Any advice gratefully received!
Kevan
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
http://www2.marist.edu/htbin/wlvindex?LINUX-390
