OpenOSPFd replacing network routes

Danny Srepel dsrepel at QHRTechnologies.com
Fri Aug 19 23:24:27 UTC 2011 

There's a fundamental difference between OpenBSD and FreeBSD's respective networking. Specifically, the kernel routing table. In OpenBSD, it is possible to have multiple routes to the same destination, and are differentiated by priority. This capability does not exist in FreeBSD.

Let me just get right into the details by outlining a functioning OpenBSD system, and where FreeBSD's issues are.

This is my example ospfd.conf,

01| router-id 0.0.0.1
02| redistribute connected
03| redistribute static
04| area 0.0.0.0 {
05|         interface vlan1
06| }

Below is output from `netstat -rn' taken form an OpenBSD machine before the OpenOSPFd process was started. The 192.168.11.0/24 network is used to exchange OSPF information with its neighbours. 192.168.12.0/24 is a connected network to this host. 192.168.13.0/24 is one hop away (via 192.168.11.2, its only neighbour).

07| Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
08| 127/8              127.0.0.1          UGRS       0        0 33160     8 lo0
09| 127.0.0.1          127.0.0.1          UH         1        0 33160     4 lo0
10| 192.168.11/24      link#5             UC         0        0     -     4 vlan1
11| 192.168.12/24      link#6             UC         0        0     -     4 vlan2
12| 224/4              127.0.0.1          URS        0        0 33160     8 lo0

And this is `netstat -rn' taken after OpenOSPFd finished negotiating with its neighbour,

13| Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
14| 127/8              127.0.0.1          UGRS       0        0 33160     8 lo0
15| 127.0.0.1          127.0.0.1          UH         1        0 33160     4 lo0
16| 192.168.11/24      link#5             UC         2        0     -     4 vlan1
17| 192.168.11/24      192.168.11.1       UG         0        0     -    32 vlan1
18| 192.168.11.1       00:50:56:96:00:89  UHLc       1        0     -     4 lo0
19| 192.168.11.2       00:50:56:96:00:90  UHLc       2        7     -     4 vlan1
20| 192.168.12/24      link#6             UC         0        0     -     4 vlan2
21| 192.168.13/24      192.168.11.2       UG         0        0     -    32 vlan1
22| 224/4              127.0.0.1          URS        0        0 33160     8 lo0

Notice there are multiple entries for 192.168.11.0/24 (line #16-17). Line #17 was added by ospfd.

Before continuing, I'm going to paste the equivalent information on FreeBSD's side, so that we can better compare. Below is `netstat -rn' taken before ospfd is started,

23| Destination        Gateway            Flags    Refs      Use  Netif Expire
24| 127.0.0.1          link#3             UH          0      139    lo0
25| 192.168.11.0/24    link#1             U           0        0    em0
26| 192.168.11.1       link#1             UHS         0        0    lo0
27| 192.168.12.0/24    link#9             U           0        0 em0_vl
28| 192.168.12.1       link#9             UHS         0        0    lo0

And this is `netstat -rn' taken after OpenOSPFd finished negotiating with its neighbour,

29| Destination        Gateway            Flags    Refs      Use  Netif Expire
30| 127.0.0.1          link#3             UH          0      147    lo0
31| 192.168.11.0/24    192.168.1.1        U           1        6    em0
32| 192.168.11.1       link#1             UHS         0        0    lo0
33| 192.168.12.0/24    link#9             U           0        0 em0_vl
34| 192.168.12.1       link#9             UHS         0        0    lo0
35| 192.168.13.0/24    192.168.1.2        UG          0        0    em0
36| 192.168.13.1/32    192.168.1.2        UG          0        0    em0

Notice there's only one entry for 192.168.11.0/24 (line #25 got replaced with line #31).

And that's really the cruft of the issue: in FreeBSD you can only have the one network route, whereas in OpenBSD, you can have multiple. When a neighbour goes away in FreeBSD, the 192.168.11.0/24 route gets deleted. In OpenBSD, there's no negative impact, since there are multiple routes to the same network. Using our example, line #10 still exists as line #16 in OpenBSD, line #25 gets deleted and line #31 gets created in FreeBSD.

This isn't really a bug, it's more a difference in capabilities between FreeBSD's and OpenBSD's respective networking. OpenOSPFd doesn't seem to have any special considerations for FreeBSD.

The Fix / Workaround
--------------------

The concept is simple: create an IP alias where the network overlaps the existing IP/network.
In our example, 192.168.11.0/24 is used to exchange OSPF information. Create an alias of 192.168.10.1/23. That way when the 192.168.11.0/24 route gets deleted, the systems will be accessible to each other over the 192.168.10.0/23 route. In order for this to work as expected, you'll need to make a couple changes to your ospfd.conf file.

This is the original ospfd.conf file taken from the FreeBSD system,

37| router-id 0.0.0.1
38| redistribute connected
39| redistribute static
40| area 0.0.0.0 {
41|         interface em0
42| }

And this is what it looks like after adding the IP alias,

43| router-id 0.0.0.1
44| no redistribute 192.168.10.0/23
45| redistribute connected
46| redistribute static
47| area 0.0.0.0 {
48|         interface em0:192.168.11.1
49| }

The `no distribute' is critical.

Could people share their comments and experiences with OpenOSPFd on FreeBSD?

More information about the freebsd-questions mailing list