Quagga OSPF not adding Kernel Routes



  • Hi,

    I'm running pfSense with an Quagga OSPF Instance.
    The Quogga shows all needed Routes, but under Diagnostic > Routes they're missing.

    Quogga Version is 0.99.22.3 v0.6.1, pfSense is latest.
    Checked global settings:

    - Redistribute connected subnets
    - Redistribute static
    - Redistribute Kernel
    

    Running Interface is set to use md5 password. As said, Status is good, but System Routes are not added.
    Maybe there is a logical problem?

    Thanks in advance,

    redflag



  • is there anything in the logs that shows errors adding the routes ?

    could you post some screenshots of the quagga configuration/status + also any error logs that might be related ?

    do routes you publish router-A show up on other router-B ? or vice-versa ?



  • @heper:

    is there anything in the logs that shows errors adding the routes ?

    could you post some screenshots of the quagga configuration/status + also any error logs that might be related ?

    do routes you publish router-A show up on other router-B ? or vice-versa ?

    Hi Heper,

    Thanks for reply. The other devices are running MikroTik RouterOS 6.x. Routes are visible on each MikroTik Device.
    This is a log of Quogga daemon on restart:

    Jan 4 09:20:57	zebra[89757]: Zebra 0.99.22.3 starting: vty@2601
    Jan 4 09:20:58	ospfd[89783]: ASBR[Status:1]: Update
    Jan 4 09:20:58	ospfd[89783]: ASBR[Status:2]: Update
    Jan 4 09:20:58	ospfd[89783]: ASBR[Status:2]: Already ASBR
    Jan 4 09:20:58	ospfd[89783]: ASBR[Status:3]: Update
    Jan 4 09:20:58	ospfd[89783]: ASBR[Status:3]: Already ASBR
    Jan 4 09:20:58	ospfd[89783]: buffer_flush_available: write error on fd 0: Bad file descriptor
    Jan 4 09:20:58	ospfd[89950]: OSPFd 0.99.22.3 starting: vty@2604
    Jan 4 09:20:58	zebra[89757]: client 12 says hello and bids fair to announce only ospf routes
    Jan 4 09:20:58	ospfd[89950]: interface 10.178.4.1 [6] join AllSPFRouters Multicast group.
    Jan 4 09:20:58	ospfd[89950]: LSA[Type5:0.0.0.0]: Not originate AS-external-LSA for default
    Jan 4 09:20:59	ospfd[89950]: Link State Update: Unknown Neighbor 10.255.255.253 on int: ovpns1:10.178.4.1
    Jan 4 09:21:00	ospfd[89950]: Link State Acknowledgment: Unknown Neighbor 10.255.255.252.
    Jan 4 09:21:07	ospfd[89950]: interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43519 (expect 43522)
    Jan 4 09:21:08	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 4 09:21:08	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:13	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 4 09:21:13	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:17	ospfd[89950]: interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43520 (expect 43523)
    Jan 4 09:21:18	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 4 09:21:18	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:23	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 4 09:21:23	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:27	ospfd[89950]: interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43521 (expect 43524)
    Jan 4 09:21:28	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 4 09:21:28	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:33	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 4 09:21:33	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:37	ospfd[89950]: interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43522 (expect 43525)
    Jan 4 09:21:38	ospfd[89950]: DR-Election[1st]: Backup 10.178.4.2
    Jan 4 09:21:38	ospfd[89950]: DR-Election[1st]: DR 10.178.4.2
    Jan 4 09:21:38	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.253 Negotiation done (Slave).
    Jan 4 09:21:38	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:40	ospfd[89950]: Link State Acknowledgment: Neighbor[10.255.255.252] state 2-Way is less than Exchange
    Jan 4 09:21:43	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:43	ospfd[89950]: LSA[Type5:0.0.0.0]: Not originate AS-external-LSA for default
    Jan 4 09:21:43	ospfd[89950]: nsm_change_state(10.255.255.253, Loading -> Full): scheduling new router-LSA origination
    Jan 4 09:21:47	ospfd[89950]: interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43523 (expect 43526)
    Jan 4 09:21:48	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:53	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    Jan 4 09:21:54	ospfd[89950]: Link State Acknowledgment: Neighbor[10.255.255.252] state 2-Way is less than Exchange
    Jan 4 09:21:57	ospfd[89950]: interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43524 (expect 43527)
    Jan 4 09:21:58	ospfd[89950]: Packet[DD]: Neighbor 10.255.255.252 state is 2-Way, packet discarded.
    

    I'm wondering about the names 2-Way and Exchange. It does not make real sense for me. Maybe someone has an idea? :-)








  • Interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43524 (expect 43527)
    

    I would think this might be a  significant error in authentication. Could you test if it works without md5?  (unless it has nothing todo with the passwords offcourse)
    Also try with only the default settings (remove all the checkboxes to redistribute routes/subnets). Only distribute the subnets you enter manually in the fields below



  • @heper:

    Interface ovpns1:10.178.4.1: ospf_check_md5 bad sequence 43524 (expect 43527)
    

    I would think this might be a  significant error in authentication. Could you test if it works without md5?  (unless it has nothing todo with the passwords offcourse)
    Also try with only the default settings (remove all the checkboxes to redistribute routes/subnets). Only distribute the subnets you enter manually in the fields below

    Okay, tested with all options off. Same Problem is still there.

    This is Category "Routing" Log:

    Jan 8 06:52:37 	zebra[17346]: Zebra 0.99.22.3 starting: vty@2601
    Jan 8 06:52:38 	ospfd[17363]: buffer_flush_available: write error on fd 0: Bad file descriptor
    Jan 8 06:52:38 	ospfd[29703]: OSPFd 0.99.22.3 starting: vty@2604
    Jan 8 06:52:38 	zebra[17346]: client 12 says hello and bids fair to announce only ospf routes
    Jan 8 06:52:38 	ospfd[29703]: interface 10.178.4.1 [6] join AllSPFRouters Multicast group.
    Jan 8 06:52:48 	ospfd[29703]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 8 06:52:48 	ospfd[29703]: Packet[DD]: Neighbor 10.255.255.254 state is 2-Way, packet discarded.
    Jan 8 06:56:09 	ospfd[29703]: Packet[DD]: Neighbor 10.255.255.254 I-bit set.
    Jan 8 06:56:14 	ospfd[29703]: Packet[DD]: Neighbor 10.255.255.253 state is 2-Way, packet discarded.
    Jan 8 06:56:14 	ospfd[29703]: Packet[DD]: Neighbor 10.255.255.254 state is 2-Way, packet discarded.
    Jan 8 06:56:14 	ospfd[29703]: Packet[DD]: Neighbor 10.255.255.254 Negotiation done (Slave).
    

    Cannot find any running config, always same errors. The MikroTik Devices shows hundreds of state-changes for this Quogga Instance. As there is a write error, i think about a bug. What do you think?



  • i've never personally had this kind of issue's with quagga before,but i only use it between pfsense devices. (and i don't have micortik hardware at hand)

    Jimp (one of pfSense lead developers) is also the pfsense-package maintainer for Quagga as far as i know….
    Perhaps he can help you figure this out, because i'm out of idea's ;)


Log in to reply