OSPF NSSA
Konrad Kręciwilk
konrad.kreciwilk at korbank.pl
Thu Jan 19 23:45:01 CET 2023
Hello Team,
I encountered a weird problem with OSPF. I attache scheme.png.
R1 and R2 has configured area0 via vlan1000, both has also area1 NSSA to
R3. Simply:
-------------------------
config R1:
protocol ospf CORE_OSPF {
tick 1;
ipv4 {
import all;
export none;
};
area 0.0.0.0 {
interface "vlan1000" {
cost 2;
type ptp;
bfd;
};
};
area 0.0.0.1 {
nssa;
interface "vlan4001" {
type ptp;
bfd yes;
};
};
};
R1: Bird 2.0.10
-------------------------
config R2:
protocol ospf CORE_OSPF {
tick 1;
ipv4 {
import all;
export none;
};
area 0.0.0.0 {
interface "vlan1000" {
cost 2;
type ptp;
bfd;
};
};
area 0.0.0.1 {
nssa;
interface "vlan4011" {
type ptp;
bfd yes;
};
};
};
R2: Bird 2.0.11
-------------------------
config R3:
function allow_network()
prefix set localnet;
{
localnet = [ 10.0.0.0/8{24,30}];
ospf_metric1 = 20;
if net ~ localnet then
return true;
else
return false;
}
filter out_connected {
if allow_network() then
accept;
else
reject;
}
protocol ospf CORE_OSPF {
tick 1;
ipv4 {
import all;
export filter out_connected;
};
area 0.0.0.1 {
nssa;
interface "vlan4001" {
cost 100;
type ptp;
bfd yes;
};
interface "vlan4011" {
cost 100;
type ptp;
bfd yes;
};
};
};
conntected interface with 10.7.100.254/24:
# ifconfig vlan91
vlan91: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=4600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6,NOMAP>
ether a0:36:9f:9d:4a:4c
inet 10.7.100.254 netmask 0xffffff00 broadcast 10.7.100.255
groups: vlan
vlan: 91 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
R3: Bird 2.0.11
-------------------------
In normale state, every looks good. R1 and R2 see connected subnets from
R3 as OSPF E1 via local vlan (R1->4001, R2->4011), R3 recevied default
route (nssa):
from R1:
BIRD 2.0.10 ready.
bird> show route for 10.7.100.254
Table master4:
10.7.100.0/24 unicast [CORE_OSPF 23:08:09.064] * E1 (150/30)
[xx.xx.xx.xx]
via xx.xx.92.141 on vlan4001
bird>
from R2:
BIRD 2.0.11 ready.
bird> show route for 10.7.100.254
Table master4:
10.7.100.0/24 unicast [CORE_OSPF 23:21:35.334] * E1 (150/30)
[xx.xx.xx.xx]
via xx.xx.92.137 on vlan4011
bird>
but when on the switch remove e.g. vlan4001 to R3 (broken L2
connectivity), R1 still see via vlan4001 (all dead times have expired -
configured bfd). When I set ifconfig vlan4001 down on R3 the
announcement disappears, R1 and R2 to do not see 10.7.100.0/24. if in
this state (vlan4001 - broken connectivity, R3: vlan4001 state down), I
restart bird process the situation is getting better - R2 see
10.7.100.254 via vlan4011 and R1 see 10.7.100.254 via vlan1000 (area0).
I rewrite R3 config from Bird to Quagga and there is no such things. I
have also R4 (mikrotik) connected in a similar way (AREA2 NSSA) and also
works fine when I emulate L2 connectivity interrupt.
I can provide all the logs from the devices,
All nodes are FreeBSD.
Regards,
Konrad Kręciwilk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: scheme.png
Type: image/png
Size: 23251 bytes
Desc: not available
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20230119/3185f10f/attachment.png>
More information about the Bird-users
mailing list