Solved

ospfd openbsd not distributing routes

Posted on 2009-05-14
12
2,488 Views
Last Modified: 2013-12-19
Hello,

I am running ospfd on openbsd 4.5 and I am having issues distributing routes.  I can see all the routes on my network fine from my obsd router when I run:

ospfctl show database router

however, when I go to my other ospf routers which are cisco and juniper I cannot see the interface of the obsd router.

I am using redistribute connected in my conf file, but I would like to change to specify what networks I am distributing.  If I send out all connected it will cause issues. The "redistribute prefix [set ...]" looks promising, but I have not been able to find any examples for "prefix".

Thanks!



ospfd.conf:

router-id 10.9.220.1    
redistribute connected

# areas
area 0.0.0.0 {
        interface nfe0 {
                hello-interval 1
                auth-type none
        }
       interface lo1 {
                passive
       }

 ospfctl show neighbor        
ID              Pri State        DeadTime Address         Iface     Uptime
10.9.10.1       1   FULL/BCKUP   00:00:39 10.5.50.1       nfe0      00:08:01
0
Comment
Question by:loniadmin
  • 6
  • 4
12 Comments
 

Author Comment

by:loniadmin
ID: 24389416
I was finally able to find someone who hinted at the proper redistribution:

ospfd.conf
 redistribute 10.5.50.0/30
 redistribute 10.9.220.1/32

However, it still is not being properly distributed to the network.

# ospfctl show fib
flags: * = valid, O = OSPF, C = Connected, S = Static
Flags  Prio Destination          Nexthop          
*S        8 0.0.0.0/0            128.97.131.1
 C        4 10.0.132.0/24        link#4
*C        4 10.5.50.0/30         link#1
*O       32 10.5.50.0/30         10.5.50.2
 C        4 10.5.51.0/30         link#2
*         4 10.9.220.1/32        10.9.220.1
*S        8 127.0.0.0/8          127.0.0.1
*C        0 127.0.0.1/8          link#0
*         4 127.0.0.1/32         127.0.0.1
*C        4 128.XXX.XXX.0/24      link#3
*S        8 224.0.0.0/4          127.0.0.1

0
 
LVL 61

Expert Comment

by:gheist
ID: 24393340
other end has to do OSPF also.
traffic dump is of help with wireshark or ms monitor network.
0
 

Author Comment

by:loniadmin
ID: 24398044
Hello gheist.

The other end is configured for OSPF.  As you can see from my original post the show neighbor cmd shows the connected router.  The issue I am having is flooding networks from my obsd router to the rest of my network.

Not sure how a traffic dump would help on this.  It is a configuration flaw that I am having.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 24400600
Is the other OSPF router configured with a hello interval of 1 second?  Seem a bit low to me, default is 10.
0
 

Accepted Solution

by:
loniadmin earned 0 total points
ID: 24414135
The issue turned out to be the line: " ip ospf network point-to-point" on the Cisco interface.  The link is a point to point link, but I guess since ospfd does not have that option in its config it results in weird behavior.  I removed it and everything works now.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 61

Expert Comment

by:gheist
ID: 24419392
Refused to diagnose
0
 
LVL 61

Expert Comment

by:gheist
ID: 24419393
Refused diagnostic info.
0
 

Author Comment

by:loniadmin
ID: 24424310
Specifically to gheist:

I apologize for being terse, but if you attempt to answer a question without thinking about the problem, or without being knowledgable about the area of interest, many users (like myself) will immediately notice that.

I said "I can see all the routes on my network fine from my obsd router when I run: "ospfctl show database router".  Your first reply was to check is ospf was enabled on the other side.  The command implies that the protocol is up and running between the two end points.

You then comment that wireshark is helpful for diagnosing issues.  Really?  I'm not sure if this is a breakdown of communication or a pure lack of respect for the asker of the question.  If you want to see tcpdump captures, then ask.  

Don't raise an objection because a user doesn't provide diagnostic information that you didn't actually ask for (again, breakdown of communication).  I've flagged the question for review, and will continue to do so every time you respond to a question of mine without demonstrative expertise in the subject.
0
 
LVL 61

Expert Comment

by:gheist
ID: 24425779
Normally one traces lowlevel issues from traffic dump, not by trying to make guesses with obscure options. Have your points back if you prefer so.
0
 

Author Comment

by:loniadmin
ID: 24426634
I'd actually just prefer you not participate in our questions in the future.  Let somebody else answer the question that perhaps has more experience in the specific area.  I know you are very helpful to many users on Experts Exchange, but so far have not been helpful to us.
0
 

Author Comment

by:loniadmin
ID: 24475615
We have one admin (that would be me) that uses Experts Exchange.  As I'm sure you already understand, most questions - especially in the networking arena - are part of a project that affects more than a single person, or else the concept of networking wouldn't make much since.  

I have contacted the person responsible for corporate accounts as you suggested, however I have done so to discuss why our company will probably not purchase a corporate account, as our experiences with the moderators on the site were less than helpful.  We had this premium account so I could try out the service before purchasing a larger account for the whole organization.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now