Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 3 Apr 2006 16:22:14 +0000
From:      Nik <nikruzhan@gmail.com>
To:        "Peter Jeremy" <peterjeremy@optushome.com.au>
Cc:        current@freebsd.org
Subject:   Re: BGP: can't set sockopt TCP_MD5SIG 0 to socket 16
Message-ID:  <60ffc71f0604030922yec065bfs73493a4f80a225e2@mail.gmail.com>
In-Reply-To: <20060403101504.GB683@turion.vk2pj.dyndns.org>
References:  <60ffc71f0604030126w60070561i9781729205d3790d@mail.gmail.com> <1144055468.15377.12.camel@bert.mlan.solnet.ch> <60ffc71f0604030255h3b418706vfaf51bb5f088dff3@mail.gmail.com> <20060403101504.GB683@turion.vk2pj.dyndns.org>

next in thread | previous in thread | raw e-mail | index | archive | help
 I'm using FreeBSD 5.4 with quagga 0.98.5. For L2 switch I'm using D-link
DES3326S and router using intel GB network card (dual port). The routing
process is controlled using quagga by ospfd and zebra. I forgot to see the
network traffice from tcpdump, for that I need to do a testing first and
will let u know the result.

Therefore, here is my vlan's config :

# --*Network*--
network_interfaces=3D"em0 em1 em2 em3 rl0 lo0"
ifconfig_rl0=3D"inet 192.168.0.10 netmask 255.255.255.0"
ifconfig_em0=3D"up"
ifconfig_em1=3D"up"
ifconfig_em2=3D"up"
cloned_interfaces=3D"vlan0 vlan1 vlan2 vlan3 vlan4 vlan6 vlan7 vlan8 vlan9
vlan10"
ifconfig_vlan0=3D"inet xx.xx.0.1 netmask 255.255.255.0 vlan 1 vlandev em0"
ifconfig_vlan1=3D"inet xx.xx.8.1 netmask 255.255.255.248 vlan 20 vlandev em=
0"
ifconfig_vlan2=3D"inet xx.xx.1.1 netmask 255.255.255.192 vlan 2 vlandev em2=
"
ifconfig_vlan3=3D"inet xx.xx.11.1 netmask 255.255.255.0 vlan 1000 vlandev e=
m0"
ifconfig_vlan4=3D"inet xx.xx.13.1 netmask 255.255.255.0 vlan 1001 vlandev e=
m0"
ifconfig_vlan6=3D"inet xx.xx.10.129 netmask 255.255.255.240 vlan 50 vlandev
em1"
ifconfig_vlan7=3D"inet xx.xx.10.145 netmask 255.255.255.248 vlan 51 vlandev
em1"
ifconfig_vlan8=3D"inet xx.xx.10.161 netmask 255.255.255.224 vlan 52 vlandev
em1"
ifconfig_vlan9=3D"inet xx.xx.10.1 netmask 255.255.255.192 vlan 4000 vlandev
em1"
ifconfig_vlan10=3D"inet xx.xx.14.1 netmask 255.255.255.248 vlan 2001 vlande=
v
em2"


-*ospfd's configuration*-
interface em0
 description To Vlans
!
interface em1
 description To Vlans
!
interface em2
 description To Vlans - Business
!
interface em3
 description To p2p - CORE
!
interface lo0
 description To IBGP - Loopback
!
interface plip0
!
interface rl0
!
interface rl1
 description To PG DistRouter
!
interface vlan0
 description To Switch Management
!
interface vlan1
 description To Authentication
!
interface vlan2
 description To Business Switch Management
!
interface vlan3
 description To Vlan1000
!
interface vlan4
 description To Vlan1001
!
interface vlan6
 description To Vlan50 - IDC 1
!
interface vlan7
 description To Vlan51 - IDC 2
!
interface vlan8
 description To Vlan52 - IDC 3
!
interface vlan9
 description To Vlan4000 - DMZ
!
interface vlan10
 description To Vlan2001 - Business Customer
!
router ospf
 ospf router-id xx.xx.8.130
 network xx.xx.0.0/24 area 0.0.0.1
 network xx.xx.1.0/26 area 0.0.0.1
 network xx.xx.8.0/29 area 0.0.0.1
 network xx.xx.8.66/32 area 0.0.0.0
 network xx.xx.8.128/29 area 0.0.0.0
 network xx.xx.8.168/30 area 0.0.0.0
 network xx.xx.10.0/26 area 0.0.0.1
 network xx.xx.10.128/28 area 0.0.0.10
 network xx.xx.10.144/29 area 0.0.0.10
 network xx.xx.10.160/27 area 0.0.0.10
 network xx.xx.11.0/24 area 0.0.0.50
 network xx.xx.13.0/24 area 0.0.0.51
 network xx.xx.14.0/29 area 0.0.0.52
!
line vty
!

-*zebra configuration*-
!
interface em0
 ipv6 nd suppress-ra
!
interface em1
 description To Vlans
 ipv6 nd suppress-ra
!
interface em2
 ipv6 nd suppress-ra
!
interface em3
 ip address xx.xx.8.130/29
 ipv6 nd suppress-ra
!
interface lo0
 description To IBGP Loopback
 ip address xx.xx.8.66/32
!
interface plip0
 ipv6 nd suppress-ra
!
interface rl0
 ipv6 nd suppress-ra
!
interface rl1
 ip address xx.xx.8.169/30
 ipv6 nd suppress-ra
!
interface vlan0
 ipv6 nd suppress-ra
!
interface vlan1
 description To Authentication
 ipv6 nd suppress-ra
!
interface vlan2
 ipv6 nd suppress-ra
!
interface vlan3
 description To Customer
 ipv6 nd suppress-ra
!
interface vlan4
 description To Customer
 ipv6 nd suppress-ra
!
interface vlan6
 description To IDC
 ipv6 nd suppress-ra
!
interface vlan7
 description To IDC
 ipv6 nd suppress-ra
!
interface vlan8
 description To IDC
 ipv6 nd suppress-ra
!
interface vlan9
 ipv6 nd suppress-ra
!
interface vlan10
 ipv6 nd suppress-ra
!
ip forwarding
!
line vty
!


On 4/3/06, Peter Jeremy <peterjeremy@optushome.com.au> wrote:
>
> On Mon, 2006-Apr-03 17:55:56 +0800, Nik wrote:
> >I'm curious why I need to enable MD5 because in my system I don't use an=
y
> >authentication method. Is there any way to off the parameter. Also I
> notice
> >that vlan in FreeBSD is not fully trunk.
> >
> >Examples ;
> >
> >vlan 1000 : 192.168.0.1/26
> >
> >connect to L2 switch and untag certain port to connect to PC. I still ca=
n
> >use internet when I set that PC to use this IP;
> >
> >IP =3D 192.168.0.5/24
> >Gateway =3D 192.168.0.1/24
>
> I use VLAN trunks extensively in FreeBSD and have no problems with
> them (I've had more problems with broken VLAN implementations in
> switches).  Can you detail exactly what your interface configuration
> is and what commands your are issuing that aren't working as expected.
> Have you looked at the network traffic using (eg) tcpdump.
>
> --
> Peter Jeremy
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60ffc71f0604030922yec065bfs73493a4f80a225e2>