Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FRR multiple Issues and Problems

    Scheduled Pinned Locked Moved
    FRR
    1
    3
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pete35
      last edited by

      Hi,

      in my virtual LAB in run some 10 Pfsense 2.4.3. with the latest FRR package for 3 OSPF areas.

      1. There is a problem in the GUI: when defining an OSPF Interface, fill the field Retransmit intervall - leads to an error in the log "there is no such command"

      2. STUB and NSSA areas are totally ignored. The definition of stub/nssa areas should go to both areas ( 0 and stub), but there is no field for such thing in area 0, we cant set this on the interface, manualy adding does not work.

      3. Adding multiple "disabled redistribution" networks leads to entries where the network is defined for "redistribution" and not for "disabled redistribution" in the gui. Manually correction is needed.

      There are other Problems like https://forum.pfsense.org/index.php?topic=146591.0

      Spreading the configuration into several pieces leads to situations where the connection to the remote side is lost, because i need to do several steps on different pages which multiple "Save" commands which gives incorrect intermediate configurations which leads to lost connections. The structure of this OSPF FRR Gui is suboptimal.

      Maybe someone can define a small basic network sample for pfsense with 3-4 OSPF FRR Pfense routers and at least 2 areas ( area 0 and a stub area) where the configuration steps are clearly stated and all is up and running on Pfsense. Im not an OSPF guru, but i can read and understand the Cisco OSPF samples. I tried it for 3 days now and cant made it work on Pfsense :-[.

      Supporting FRR OSPF an Pfsense is awesome, but it should work in some more details and not only in a case with 2 routers in area 0.

      <a href="https://carsonlam.ca">bintang88</a>
      <a href="https://carsonlam.ca">slot88</a>

      1 Reply Last reply Reply Quote 0
      • P
        pete35
        last edited by

        Digging further into this OSPF stuff and defining a small test ospf lab for myself leads to the following findings:

        The points 1) and 3) are still valid.

        The point 2 can be refined: Manually adding the area x.x.x.x stub ( stub no-summary) or nssa keywords in the configuration of the backbone area works,
        if the interface is correctly set to its own area, which is default. Im doing this wrong in the first attempt.

        So for the configuration of the stub and nssa areas we need an additional field-group where multiple areas can be defined as stub, nssa or stub no-summary.
        This will allow do use multiple ospf areas without manually adding ospf commands to the configuration. Its partially there, maybe
        combining the fields "area" and "define fib updates" into a group and define the area type for a group of areas should go into the configuration like "area 1.1.1.1 stub | stub no-summary | nssa"

        Sample:
        partially ospfd.conf for FRR OSPF Router in Area 10.2.1.0 ( STUB Area):

        router ospf
        ospf router-id 10.2.1.1
        area 10.2.1.0 stub  <–--------------------- this can be done with the GUI, because its the default area
        network 10.2.1.0/24 area 10.2.1.0

        partially ospfd.conf for FRR OSPF Router in Area 0.0.0.0 (Backbone Area):

        router ospf
        ospf router-id 10.1.1.1
        area 10.2.1.0 stub  <–--------------------- this cannot be done with the GUI, because its another area
        network 10.1.1.0/24 area 0.0.0.0

        If anyone can comment and or confirm this stuff, we can open a redmine ticket for this.
        Thank you for reading.

        <a href="https://carsonlam.ca">bintang88</a>
        <a href="https://carsonlam.ca">slot88</a>

        P 1 Reply Last reply Reply Quote 0
        • P
          pete35 @pete35
          last edited by

          Digging further into the FRR OSPF IPV6 GUI functions i see more problems within the GUI and function of the FRR package:

          1. OSPF IPv6 doesn´t work with OPENVPN IPv6 P2P tunnels. Changing the OPSFv6 Interface to use the WAN Interface works perfectly. The IPv6 tunnel is working perfectly, FW Rules are set to "pass ipv4+6 * any any" but there is no OSPF "Hello" activity on the IPv6 tunnel, when OSPF6 ist set to use this tunnel as IPv6 activated interface with another FRR Pfsense on the other site. Usually OSPF IPv6 routes are based on the Link Local IP address of the interface, maybe this is a problem here, just guessing.

          2. OSPF IPv6 current version cannot use areas (not implemented yet) - so the OPSFv6 GUI is really misleading, we can change the area to some other, but there is no warning that there is no function behind that. There maybe a future version, where areas are supported in OPSF IPV6.

          3. OSPF Global Settings: The subnet field ist too short for a full IPv6 address, so a long IPv6 address is only partially displayed.

          4. OSPF6 Settings : the last part is really a problem, we can suppose, that there should be "Distribute Networks" and "Disable Redistribution" but non is there - only a subnet/area id field. There are some parts missing and it doesn´t work … even in OSPF v4 it doesn´t work.

          We really need an updated version of the FRR routing package, the current version is 5.x, where in Pfsense we are at 3.x.

          I really like that FRR package, but it is in a "BETA" State and with all this GUI problems not easy to implement.

          Regards Pete

          <a href="https://carsonlam.ca">bintang88</a>
          <a href="https://carsonlam.ca">slot88</a>

          1 Reply Last reply Reply Quote 0
          • First post
            Last post