Good day.
I hope this is the appropriate forum for my questions. It is both
OpenBSD and OpenOSPFD related, but quite networking-centric. My
apologies if there is a better forum.
I've scoured the various examples out on the internet, referenced
relevant information in the various OpenBSD FAQs and elsewhere, yet
still am experiencing problems.
Basically, I am trying to run OpenOSPFD to manage my routes between 4
routers (2 local, 2 remote, each managing a unique network). I have a
backbone network on each of the routers for router communication, and
the remote routers have backbone network IP addresses via an OpenVPN
connection.
I know pictures are preferred, but with the amount of information it
seemed daunting, so here's a semi-picture (where the connection between
all routers is via the 10.10.10.x network):
local routers
----------------------------------------
router A (OBSD4.4)      router B (OBSD 4.4)
------------------      -------------------
em0: 10.80.1.0/24       xl0: 10.80.2.0/24
em1: 10.10.10.1         em0: 10.10.10.2
                        tun1: backbone VPN
                        bridge1: em0 + tun1

remote routers
----------------------------------------
router C (OBSD4.3)      router D (FBSD 7.2)
------------------      -------------------
re0: 10.81.1.0/24       xl1: 10.82.1.0/24
tun1: 10.10.10.4        tap1: 10.10.10.5
router B bridge1:
/etc/bridgename.bridge1
-----------------------
add em0
add tun1
up
*** IP forwarding is enabled on all routers.
*** In pf rules on all routers, I am telling pf to skip the backbone
and tun interfaces (so it doesn't somehow complicate things).
Objective: Trying to run OSPF to manage routes between the routers,
each of which manages a 10.8x.y.0/24 network.
* the 10.10.10.x network is designated as the communications network
between the routers (aka "backbone network").
* the remote routers join the backbone via an OpenVPN connection
hosted by "router B" (the tun1 interface on "router B").
* tun1 and em0 on "router B" are bridged, in the belief that it
will facilitate communication from routers C and D communicating
on the backbone network.
* the backbone VPN works. I can set static routes as appropriate and
traffic routes as desired.
* although I have 4 routers, I am playing with A, B, and C at this
point, as I still have to figure out how to get OpenOSPFD on a
FreeBSD box (it doesn't seem to be actively supported in ports
anymore?)
--------------------------------------------------------------------
OpenOSPFD config (/etc/ospfd.conf)
----------------------------------
router A (OpenOSPFD 4.4.1)
--------------------------
router-id 10.10.10.1
redistribute connected
area 0.0.0.0 {
        auth-type none
        interface em1
}

router B (OpenOSPFD 4.4.1)
--------------------------
router-id 10.10.10.2
redistribute connected
area 0.0.0.0 {
        auth-type none
        interface em0
}

router C (native OpenOSPFD to OBSD4.3)
--------------------------------------
router-id 10.10.10.4
redistribute connected
area 0.0.0.0 {
        auth-type none
        interface tun1
}
--------------------------------------------------------------------
Observations: There appear to be problems on "router B" when OSPFd
is trying to establish full communication amongst all the routers.
Output of "ospfctl show neighbor" when all 3 are running
--------------------------------------------------------
router A
--------
10.10.10.4  1  FULL/DR     00:00:31  10.10.10.4  em1   09:55:14
10.10.10.2  1  FULL/OTHER  00:00:31  10.10.10.2  em1   16:11:21

router B
--------
10.10.10.4  1  DOWN/OTHER  00:02:04  10.10.10.4  tun1  -
10.10.10.1  1  FULL/BCKUP  00:00:30  10.10.10.1  em0   16:11:47

router C
--------
10.10.10.1  1  FULL/BCKUP  00:00:34  10.10.10.1  tun1  09:55:50
10.10.10.2  1  INIT/OTHER  00:00:34  10.10.10.2  tun1  -
If I just run ospfd on routers A and C, they seem to talk just fine.
When I start ospfd on router B, if I tell it to use "interface em0" it
seems to be able to talk okay with router A (but has issues talking to
router C), whereas if it is using "interface tun1", it can talk to
router C, but has issues talking to router A (I see lots of "unknown
neighbor ID" messages from ospfd-- a tcpdump seems to show traffic
destined to router A from B is going down tun1, never getting to the
right place-- but this is usually when I tell router B to use BOTH em0
and tun1, just two consecutive interface statements in the area stanza).
When I have "router B" use tun1 (the backbone VPN link), I have to
assign it an IP (10.10.10.6 for the sake of experimenting). This tends
to have an effect of popping up on routers A and C as a neighbor.
I thought what might be a way to solve the problem was to tell router B
to use the bridge1 interface... but I cannot seem to apply an IP address
to it.
The questions I think I have are:
- Do I need to do something more with the bridge to somehow get it
talking transparently between the two interfaces on router B?
- Is it possible to apply an IP address to an OpenBSD bridge? If so,
how?
- Any suggestions for dealing with OpenOSPFD communications through this
scenario?
- I can use OSPF on more than 2 routers, right? I don't see anything
that specifically says "max/only 2", but I do see some status messages
that refer to "2-WAY", and all the examples found out on the internet
make use of only 2 routers. I do have a 3rd local router (not
mentioned) that I'd also like to join in on the fun once I get things
going.
- I do want OSPF in this scenario, right? I read up on BGP and OSPF and
arrived at the conclusion that I am dealing with interior routing.
- Random OT question: Does anyone know the current state of OpenOSPFD on
non-OpenBSD systems (and FreeBSD 7.2 in particular)? From what I can
see, OpenOSPFD was removed from ports a year or so ago, citing lack of
maintainer. I see other mentions that people should favor OpenOSPFD
over Quagga's OSPFD due to a more active community.
Thanks for any help, suggestions, pointers, etc. that can be offered.
-Matthew
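
Added example, not part of the original post: a Python check over the three "ospfctl show neighbor" tables quoted above that pairs each router's view of a neighbor with that neighbor's view of it and reports adjacencies that are not FULL or 2-WAY on both ends. The function names are illustrative, and the column layout is assumed to match the rows shown in the post.

```python
import re
from itertools import combinations

# "ospfctl show neighbor" rows as quoted in the post, keyed by the router-id
# of the router they were collected on (A=10.10.10.1, B=.2, C=.4).
NEIGHBOR_TABLES = {
    "10.10.10.1": """
10.10.10.4 1 FULL/DR 00:00:31 10.10.10.4 em1 09:55:14
10.10.10.2 1 FULL/OTHER 00:00:31 10.10.10.2 em1 16:11:21""",
    "10.10.10.2": """
10.10.10.4 1 DOWN/OTHER 00:02:04 10.10.10.4 tun1 -
10.10.10.1 1 FULL/BCKUP 00:00:30 10.10.10.1 em0 16:11:47""",
    "10.10.10.4": """
10.10.10.1 1 FULL/BCKUP 00:00:34 10.10.10.1 tun1 09:55:50
10.10.10.2 1 INIT/OTHER 00:00:34 10.10.10.2 tun1 -""",
}

# ID, priority, state/role, dead time, address, interface, uptime
ROW = re.compile(r"^(\S+)\s+\d+\s+([A-Z0-9-]+)/\S+\s+\S+\s+\S+\s+(\S+)\s+\S+$")
HEALTHY = {"FULL", "2-WAY"}  # 2-WAY is normal between two non-DR routers

def parse_neighbors(text):
    """Return {neighbor_id: (state, interface)}; header/blank lines are skipped."""
    rows = (ROW.match(line.strip()) for line in text.splitlines())
    return {m.group(1): (m.group(2), m.group(3)) for m in rows if m}

def broken_adjacencies(tables):
    """Return (a, b, state a holds for b, state b holds for a) for unhealthy pairs."""
    seen = {rid: parse_neighbors(text) for rid, text in tables.items()}
    findings = []
    for a, b in combinations(sorted(seen), 2):
        a_b = seen[a].get(b, ("ABSENT", None))[0]
        b_a = seen[b].get(a, ("ABSENT", None))[0]
        if a_b not in HEALTHY or b_a not in HEALTHY:
            findings.append((a, b, a_b, b_a))
    return findings

def explain(finding):
    """Turn one finding into the direction of hello loss it implies."""
    a, b, a_b, b_a = finding
    for me, peer, state in ((a, b, a_b), (b, a, b_a)):
        if state == "INIT":
            # INIT: hellos from peer arrive, but they do not list this router
            return f"{me} hears {peer}, but {peer} is not hearing {me}"
    return f"no hellos are being accepted between {a} and {b}"

if __name__ == "__main__":
    for f in broken_adjacencies(NEIGHBOR_TABLES):
        print(f, "->", explain(f))
```

On the tables from the post, only the B/C pair is reported: hellos sent by router B reach router C over the VPN, while router C's hellos are not being accepted by router B.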