On Fri, Apr 10, 2015 at 10:23:23AM +0200, Patrik Lundin wrote:
On Wed, Apr 1, 2015 at 5:12 PM, Ondrej Zajicek <santiago@crfreenet.org> wrote:
On Wed, Apr 01, 2015 at 05:01:01PM +0200, Patrik Lundin wrote:
I specifically noticed that OSPF is supposed to create routes for its own interfaces.
Yes it is supposed to do that. Although handling of 'lo' is kind of special case and in some circumstances does not work as expected. In that case it is often useful to try dummy interface instead of lo interface.
I thought I should report back on my continued adventures. Like you said using the lo interface seemed to work for IPv4, but I noticed bird6 would not pick up a /128 prefix assigned to lo in the same way.
I found this had been discussed earlier: http://marc.info/?l=bird-users&m=130087394302820&w=2
Because of this I decided to abandon the use of lo altogether, and just use dummy interfaces which worked fine for both protocols.
...
Some things to note:
* I have not decided on the best way to create the dummy interfaces, the solution above was just a quick hack but it seems to work well.
Just add 'dummy' to /etc/modules, it will be loaded and dummy0 will be created by default.
* While bird defaults to a "ptp" link type for eth0, bird6 defaults to "broadcast".
* The dummy0 interface defaults to being a stub interface in bird, while it requires configuration in bird6.
That is because OSPFv2 uses IPv4 addresses where /31 signalize ptp link and /32 stub link, OSPFv3 uses IPv6 link-local addresses and there is /64 everywhere.
The above configuration works well, the main thing I am still not sure about if is there is a "best" way to take a specific anycast node out of rotation if it needs maintenance. Anyone have any experience with this? General ideas are appreciated as well!
There are two possibilities: 1) Shut down dummy interface (ip link set dummy0 down), OSPF should immediately stop propagating attached addresses. This is probably the cleanest solution. You could even have multiple dummy interfaces with different addresses for different services and disable them independently. 2) Shut down OSPF protocol (birdc disable ospf1), OSPF would immediately de-peer. It should be also immediate, although in unusual cases you have to wait for timeout. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."