FreeBSD, OSPF, and multicast

Alexander V. Chernikov melifaro at FreeBSD.org
Fri Nov 1 15:07:29 CET 2013 

On 01.11.2013 18:00, Claude Marinier wrote:
>> -----Original Message-----
>> From: Alexander V. Chernikov [mailto:melifaro at FreeBSD.org]
>> Sent: Friday, November 01, 2013 9:52 AM
>> To: Claude Marinier; Ondrej Filip; bird-users at bird.network.cz
>> Subject: Re: FreeBSD, OSPF, and multicast
>>
>> On 01.11.2013 17:38, Claude Marinier wrote:
>>>> -----Original Message-----
>>>> From: Claude Marinier
>>>> Sent: Friday, November 01, 2013 9:05 AM
>>>> To: 'Ondrej Filip'
>>>> Subject: RE: FreeBSD, OSPF, and multicast
>>>>
>>>>> -----Original Message-----
>>>>> From: owner-bird-users at atrey.karlin.mff.cuni.cz [mailto:owner-bird-
>>>>> users at atrey.karlin.mff.cuni.cz] On Behalf Of Ondrej Filip
>>>>> Sent: Thursday, October 31, 2013 6:37 PM
>>>>> To: Claude Marinier; bird-users at bird.network.cz
>>>>> Subject: Re: FreeBSD, OSPF, and multicast
>>>>>
>>>>> On 31.10.2013 14:38, Claude Marinier wrote:
>>>>>> Hi,
>>>>>>
>>>>>> I am building a WAN emulator using a FreeBSD server with DummyNet
>>>>>> for WAN effects and BIRD for OSPF. At first, no multicast packets
>>>>>> left the server; then I added a default route and they left by that
>>>>>> interface only. How can I configure the server so BIRD sends HELLO
>>>>>> packets out all the interfaces.
>>>>> Can you send 'show ospf interfaces' and maybe also check if there
>>>>> are no errors
>>>> BIRD 1.3.11 ready.
>>>> bird> show ospf int
>>>> WANemu:
>>>> Interface bce0 (xxx.xxx.xxx.8/29)
>>>>           Type: broadcast
>>>>           Area: 0.0.0.0 (0)
>>>>           State: dr
>>>>           Priority: 1
>>>>           Cost: 10
>>>>           Hello timer: 10
>>>>           Wait timer: 40
>>>>           Dead timer: 40
>>>>           Retransmit timer: 5
>>>>           Designed router (ID): xxx.xxx.xxx.14
>>>>           Designed router (IP): xxx.xxx.xxx.14
>>>>           Backup designed router (ID): 0.0.0.0
>>>>           Backup designed router (IP): 0.0.0.0 Interface bce1 (xxx.xxx.xxx.184/29)
>>>>           Type: broadcast
>>>>           Area: 0.0.0.0 (0)
>>>>           State: dr
>>>>           Priority: 1
>>>>           Cost: 10
>>>>           Hello timer: 10
>>>>           Wait timer: 40
>>>>           Dead timer: 40
>>>>           Retransmit timer: 5
>>>>           Designed router (ID): xxx.xxx.xxx.14
>>>>           Designed router (IP): xxx.xxx.xxx.189
>>>>           Backup designed router (ID): 0.0.0.0
>>>>           Backup designed router (IP): 0.0.0.0
>>>> bird> show ospf neighbors
>>>> WANemu:
>>>> Router ID       Pri          State      DTime   Interface  Router IP
>>>> xxx.xxx.xxx.9     1         init/other  00:37   bce0       xxx.xxx.xxx.9
>>>> xxx.xxx.xxx.185   1         init/other  00:33   bce1       xxx.xxx.xxx.185
>>>>
>>>>> bird> echo all
>>>>> bird> debug all all
>>>> There is a lot of output. How can this be restricted to HELLO messages?
>>> Got something useful from 'debug all all'.
>>>
>>>>>> device1: Scanning interfaces
>>>>>> WANemu: HELLO packet received from 131.140.113.9 via bce0
>>>>>> WANemu: HELLO packet received from 131.140.113.185 via bce1
>>>>>> device1: Scanning interfaces
>>>>>> WANemu: HELLO packet sent via bce1
>>>>>> WANemu: HELLO packet sent via bce0
>>>>>> WANemu: HELLO packet received from 131.140.113.9 via bce0
>>>>>> WANemu: HELLO packet received from 131.140.113.185 via bce1
>>> I am also running 'tcpdump' on one of the interfaces:
>>>    - it does not show bird's HELLO packets
>> Just to ensure: what filter expression is set for tcpdump?
> None.
>
>>>    - it does show the Cisco router's HELLO packets
>>>    - it does show CDP packets from the Cisco router
>>>    - it does show CDP packets from the server running bird
>> Do you have some kind of firewall enabled (ipfw, pf, or..)?
> Yes, IPFW is configured with some of the default entries (from sample config file) and pipes for delay.
>
> 00010 pipe 1 ip from any to any out xmit bce0
> 00020 pipe 2 ip from any to any out xmit bce1
^ You're piping your control traffic here.

Can you temporarily disable ipfw for IPv4 traffic and see what happens?
( e.g. set net.inet.ip.fw.enable sysctl to 0) and look if anything changes?
> 00100 allow ip from any to any via lo0
> 00200 deny ip from any to 127.0.0.0/8
> 00300 deny ip from 127.0.0.0/8 to any
> 00400 deny ip from any to ::1
> 00500 deny ip from ::1 to any
> 00600 allow ipv6-icmp from :: to ff02::/16
> 00700 allow ipv6-icmp from fe80::/10 to fe80::/10
> 00800 allow ipv6-icmp from fe80::/10 to ff02::/16
> 00900 allow ipv6-icmp from any to any ip6 icmp6types 1
> 01000 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136
> 65000 allow ip from any to any
> 65535 deny ip from any to any
>
> I will look into removing the IPv6 rules later.
>
>>>> I suspect that there is an underlying assumption (like IGMP or PIM)
>>>> which I have not yet discovered.
>>>>
>>>>> 		Ondrej
>>>>>
>>>>>> Thank you.
>>>>>>
>>>>>> Details:
>>>>>>
>>>>>> FreeBSD WAMemu 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep
>>>>>> 26 22:50:31 UTC 2013
>>>>>> root at bake.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64
>>>>>>
>>>>>> bird-1.3.11
>>>>>>
>>>>>> P.S. I got it working by avoiding multicast with 'type
>>>>>> nonbroadcast' and 'neighbors'.
>>>>>> --
>>>>>> Claude Marinier
>

More information about the Bird-users mailing list