FRR OSPF Renaming Interface causes route problem
Route update problem:
pfSense1 area0/area10 -- pfSense2 area0/area10 -- pfSense3 area10
While using a connection from pfSense3 (ssh), I cannot reach pfSense1 if I simply rename the interface on pfSense1 in the Web GUI. This is odd because FRR uses the base name, not the cosmetic name (/conf/config.xml uses wan|lan|opt1... and /var/etc/frr/frr.conf uses vmx0, vmx1, ...).
After renaming in the web interface on pfSense1, when you click Apply, pfSense3 can reach pfSense1 but the return route seems like it's missing. Rebooting pfSense1 fixes the problem (frr-reload didn't work).
Systems Info:
2.7.2-RELEASE (amd64) [all 3 pfSense]
built on Wed Dec 6 20:10:00 UTC 2023
FreeBSD 14.0-CURRENT
Vendor: VMware, Inc.
Version: VMW201.00V.21805430.B64.2305221830
Release Date: Mon May 22 2023
AMD EPYC 3251 8-Core Processor
AES-NI CPU Crypto: Yes (inactive)
QAT Crypto: No
Keep in mind for below, some are using portgroups and some are using trunking in VMware (this is why you see VLANing in some but not others). This network converges if everything is rebooted, but if I change the interface name in pfSense1, traffic cannot make its way back to pfSense3 (this was noticed via tcpdump traces). Also, if I try to ping pfSense3 from pfSense1, I get no route to host, but pfSense2 knows.
pfSense1 info
config.xml:
<frrospfdareas>
  <config>
    <area>0.0.0.10</area>
    <descr></descr>
    <type>nssa</type>
    <defaultcost>0</defaultcost>
    <shortcut>disable</shortcut>
    <authtype></authtype>
    <row>
      <rangeprefix></rangeprefix>
      <rangecost></rangecost>
      <subprefix></subprefix>
    </row>
    <exportlist>none</exportlist>
    <importlist>none</importlist>
    <filterlist_out>none</filterlist_out>
    <filterlist_in>none</filterlist_in>
  </config>
  <config>
    <area>0.0.0.0</area>
    <descr></descr>
    <type>none</type>
    <defaultcost></defaultcost>
    <shortcut>default</shortcut>
    <authtype></authtype>
    <row>
      <rangeprefix></rangeprefix>
      <rangecost></rangecost>
      <subprefix></subprefix>
    </row>
    <exportlist>none</exportlist>
    <importlist>none</importlist>
    <filterlist_out>none</filterlist_out>
    <filterlist_in>none</filterlist_in>
  </config>
</frrospfdareas>
<frrospfdinterfaces>
  <config>
    <interface>opt17</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric></metric>
    <interfacearea>0.0.0.10</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable>on</bfdenable>
  </config>
  <config>
    <interface>opt5</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric>14</metric>
    <interfacearea>0.0.0.0</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable>on</bfdenable>
  </config>
</frrospfdinterfaces>
<frr>
  <config>
    <enable>on</enable>
    <routerid>101.17.2.251</routerid>
    <password><![CDATA[password]]></password>
    <passwordencrypt></passwordencrypt>
    <ignoreipsecrestart></ignoreipsecrestart>
    <carpstatusvid>none</carpstatusvid>
    <logging></logging>
    <pkgloglevel>0</pkgloglevel>
    <enablesnmpagentx></enablesnmpagentx>
    <row>
      <routevalue></routevalue>
      <routetarget>none</routetarget>
    </row>
    <nht>none</nht>
    <service_force_restart></service_force_restart>
  </config>
</frr>
<frrbfd>
  <config>
    <enable>on</enable>
  </config>
</frrbfd>
frr.conf:
service integrated-vtysh-config
!
ip router-id 101.17.2.251
!
interface vmx0.952
  ip ospf network point-to-point
  ip ospf bfd
  ip ospf area 0.0.0.10
interface vmx0.1511
  ip ospf network point-to-point
  ip ospf cost 14
  ip ospf bfd
  ip ospf area 0.0.0.0
!
router ospf
  ospf router-id 101.17.2.251
  redistribute connected
  area 0.0.0.0 shortcut default
  area 0.0.0.10 nssa
  area 0.0.0.10 shortcut disable
!
bfd
!
line vty
pfSense2 info
config.xml:
<frrospfdareas>
  <config>
    <area>0.0.0.10</area>
    <descr></descr>
    <type>nssa</type>
    <defaultcost>0</defaultcost>
    <shortcut>disable</shortcut>
    <authtype></authtype>
    <row>
      <rangeprefix></rangeprefix>
      <rangecost></rangecost>
      <subprefix></subprefix>
    </row>
    <exportlist>none</exportlist>
    <importlist>none</importlist>
    <filterlist_out>none</filterlist_out>
    <filterlist_in>none</filterlist_in>
  </config>
  <config>
    <area>0.0.0.0</area>
    <descr></descr>
    <type>none</type>
    <defaultcost></defaultcost>
    <shortcut>default</shortcut>
    <authtype></authtype>
    <row>
      <rangeprefix></rangeprefix>
      <rangecost></rangecost>
      <subprefix></subprefix>
    </row>
    <exportlist>none</exportlist>
    <importlist>none</importlist>
    <filterlist_out>none</filterlist_out>
    <filterlist_in>none</filterlist_in>
  </config>
</frrospfdareas>
<frrospfdinterfaces>
  <config>
    <interface>lan</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric></metric>
    <interfacearea>0.0.0.0</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable></bfdenable>
  </config>
  <config>
    <interface>opt2</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric>19</metric>
    <interfacearea>0.0.0.0</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable>on</bfdenable>
  </config>
  <config>
    <interface>opt22</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric></metric>
    <interfacearea>0.0.0.10</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable>on</bfdenable>
  </config>
  <config>
    <interface>opt13</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric>22</metric>
    <interfacearea>0.0.0.10</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable>on</bfdenable>
  </config>
</frrospfdinterfaces>
<frr>
  <config>
    <enable>on</enable>
    <routerid>101.17.2.51</routerid>
    <password><![CDATA[password]]></password>
    <passwordencrypt></passwordencrypt>
    <ignoreipsecrestart></ignoreipsecrestart>
    <carpstatusvid>none</carpstatusvid>
    <logging></logging>
    <pkgloglevel>0</pkgloglevel>
    <enablesnmpagentx></enablesnmpagentx>
    <row>
      <routevalue></routevalue>
      <routetarget>none</routetarget>
    </row>
    <nht>none</nht>
    <service_force_restart></service_force_restart>
  </config>
</frr>
<frrbfd>
  <config>
    <enable>on</enable>
  </config>
</frrbfd>
frr.conf:
service integrated-vtysh-config
!
ip router-id 101.17.2.51
!
interface vmx0.454
  ip ospf network point-to-point
  ip ospf area 0.0.0.0
interface vmx0.3023
  ip ospf network point-to-point
  ip ospf cost 19
  ip ospf bfd
  ip ospf area 0.0.0.0
interface vmx0.952
  ip ospf network point-to-point
  ip ospf bfd
  ip ospf area 0.0.0.10
interface vmx0.311
  ip ospf network point-to-point
  ip ospf cost 22
  ip ospf bfd
  ip ospf area 0.0.0.10
!
router ospf
  ospf router-id 101.17.2.51
  redistribute connected
  area 0.0.0.0 shortcut default
  area 0.0.0.10 nssa
  area 0.0.0.10 shortcut disable
!
bfd
!
line vty
pfSense3 info
config.xml:
<frrospfdareas>
  <config>
    <area>0.0.0.10</area>
    <descr></descr>
    <type>nssa</type>
    <defaultcost></defaultcost>
    <shortcut>default</shortcut>
    <authtype></authtype>
    <row>
      <rangeprefix></rangeprefix>
      <rangecost></rangecost>
      <subprefix></subprefix>
    </row>
    <exportlist>none</exportlist>
    <importlist>none</importlist>
    <filterlist_out>none</filterlist_out>
    <filterlist_in>none</filterlist_in>
  </config>
</frrospfdareas>
<frrospfdinterfaces>
  <config>
    <interface>lan</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric></metric>
    <interfacearea>0.0.0.10</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable></bfdenable>
  </config>
  <config>
    <interface>opt2</interface>
    <descr></descr>
    <networktype>point-to-point</networktype>
    <passive></passive>
    <mtuignore></mtuignore>
    <metric>22</metric>
    <interfacearea>0.0.0.10</interfacearea>
    <acceptfilter></acceptfilter>
    <authtype></authtype>
    <password></password>
    <routerpriorityelections></routerpriorityelections>
    <retransmitinterval></retransmitinterval>
    <hellointervalinseconds></hellointervalinseconds>
    <deadtimer></deadtimer>
    <minimalhello></minimalhello>
    <bfdenable>on</bfdenable>
  </config>
</frrospfdinterfaces>
<frr>
  <config>
    <enable>on</enable>
    <routerid>101.17.2.157</routerid>
    <password><![CDATA[password]]></password>
    <passwordencrypt></passwordencrypt>
    <ignoreipsecrestart></ignoreipsecrestart>
    <carpstatusvid>none</carpstatusvid>
    <logging></logging>
    <pkgloglevel>0</pkgloglevel>
    <enablesnmpagentx></enablesnmpagentx>
    <row>
      <routevalue></routevalue>
      <routetarget>none</routetarget>
    </row>
    <nht>none</nht>
    <service_force_restart></service_force_restart>
  </config>
</frr>
<frrbfd>
  <config>
    <enable>on</enable>
  </config>
</frrbfd>
frr.conf:
service integrated-vtysh-config
!
ip router-id 101.17.2.157
!
interface vmx1
  ip ospf network point-to-point
  ip ospf area 0.0.0.10
interface vmx3
  ip ospf network point-to-point
  ip ospf cost 22
  ip ospf bfd
  ip ospf area 0.0.0.10
!
router ospf
  ospf router-id 101.17.2.157
  redistribute connected
  area 0.0.0.10 nssa
  area 0.0.0.10 shortcut default
!
bfd
!
line vty
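Added example, not part of the original report and not pfSense or FRR code: a small parser that compares the per-interface OSPF stanzas of two frr.conf captures, to check whether the file generated after the rename really is unchanged. BEFORE is re-typed from pfSense1's frr.conf above with assumed indentation, AFTER is a hypothetical capture, and the function names are illustrative.

```python
import re

# Constructed sample: pfSense1's frr.conf as quoted in the report (indentation assumed).
BEFORE = """\
service integrated-vtysh-config
!
ip router-id 101.17.2.251
!
interface vmx0.952
  ip ospf network point-to-point
  ip ospf bfd
  ip ospf area 0.0.0.10
interface vmx0.1511
  ip ospf network point-to-point
  ip ospf cost 14
  ip ospf bfd
  ip ospf area 0.0.0.0
!
router ospf
  ospf router-id 101.17.2.251
"""

# Hypothetical "after rename" capture in which one stanza lost its area line.
AFTER = BEFORE.replace("  ip ospf area 0.0.0.10\n", "")

def ospf_interfaces(conf_text):
    """Map device name -> set of 'ip ospf ...' lines in its interface stanza."""
    stanzas, current = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+(\S+)$", line)
        if m:
            current = stanzas.setdefault(m.group(1), set())
        elif line.startswith("ip ospf ") and current is not None:
            current.add(line)
        elif line and not raw[0].isspace():
            current = None  # "!" or another top-level block ends the stanza
    return stanzas

def diff_stanzas(before, after):
    """Return {device: (removed_lines, added_lines)} for stanzas that differ."""
    a, b = ospf_interfaces(before), ospf_interfaces(after)
    changes = {}
    for dev in sorted(set(a) | set(b)):
        removed = sorted(a.get(dev, set()) - b.get(dev, set()))
        added = sorted(b.get(dev, set()) - a.get(dev, set()))
        if removed or added:
            changes[dev] = (removed, added)
    return changes
```

Calling diff_stanzas on copies of /var/etc/frr/frr.conf saved before and after the rename returns an empty dict when the interface stanzas are identical, which would point at daemon or kernel route state rather than the generated file.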