Date: Fri, 31 Mar 2006 07:11:16 +0000 From: Dima Dorfman <dd@freebsd.org> To: Michael DeMan <michael@staff.openaccess.org> Cc: Bart Van Kerckhove <bart@it-ss.be>, "freebsd-net@FreeBSD.org" <freebsd-net@freebsd.org> Subject: Re: OT - Quagga/CARP Message-ID: <20060331071115.GC884@trit.org> In-Reply-To: <EBB415E0-789D-48A5-B281-FA9BE5739930@staff.openaccess.org> References: <C935A1DF-4F65-4D5A-991B-B8A6C7E7DE24@staff.openaccess.org> <014e01c64928$6107abd0$020b000a@bartwrkstxp> <20060316193740.GE11850@spc.org> <C9011224-BE2F-4946-A90A-60C7A48D080E@staff.openaccess.org> <20060325092123.GB5468@trit.org> <EBB415E0-789D-48A5-B281-FA9BE5739930@staff.openaccess.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--VrqPEDrXMn8OVzN4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Michael DeMan <michael@staff.openaccess.org> wrote: > So, if you already have a route to 10.100.100.0/24 via OSPF to =20 > another machine, then try to... >=20 > ip address 10.100.100.55/24 >=20 > You get an error. Is that the only problem? Someone was talking about funding development to fix something--surely there must be something more severe than the inability to use the "ip address" interface command? I thought the problem was about encoutering broken ingress paths if one of the routers loses connectivity to the destination network. Does the combination of CARP and quagga OSPF work once it's configured using system tools? > It is possible to force the interface configuration via 'ifconfig' on =20 > the UNIX command line, but for this equipment I want all interface =20 > configuration and routing driven out of Quagga. It would be cool if that was possible, but it's not really practical. My systems tend to have a lot of very custom configuration that quagga will never be able to express. If I had a cookie-cutter configuration, I'd probably be using a C or J box. While I've found bgpd and ospfd to be very stable, the zebra part that interacts with the kernel has had various problems over time--routes not being installed correctly, or going away, or having incorrect flags. I wouldn't trust it to configure the entire network subsystem. Dima. > On Mar 25, 2006, at 1:21 AM, Dima Dorfman wrote: >=20 > >Michael DeMan <michael@staff.openaccess.org> wrote: > >>Anyway, thanks very much for the information. I'm going to have to > >>figure out some kind of workaround on my architecture. In the worst > >>case, I can shut off OSPF on the edge routers and use static routes > >>upstream and OSPF from there, but that is going to be a real > >>nightmare for network maintenance over the long haul. > > > >You're talking about using CARP and OSPF on the edge routers, right? > > > >Can you explain a little more why CARP and zebra/ospfd don't play well > >together? I understand the problem about having two copies of the same > >route in the FIB, but I don't think it should prevent redundancy from > >working. I am planning to deploy FreeBSD-based access routers in the > >near future, and I'd like to have an idea of what issues I'll be > >facing. > > > >The scenario I have in mind is two FreeBSD boxes connected to the rest > >of the network on one side and clients (using carp) on the other. CARP > >is supposed to protect the client against one of the routers failing. > >I tried this on some test boxes today, and it looks like it should > >work. Both boxes are configured as OSPF neighbors and share a CARP > >vhid. When both links are up, each router has a route through the > >physical interface (it also sees the OSPF route, but the connected > >route is better). If one of the links fails (any condition that causes > >the physical interface to be down), the routes are withdrawn, the > >other box takes over the VIP, and the first box installs the OSPF > >route. Everything is still reachable. > > > >Am I missing an obvious problem or a case where this doesn't work? >=20 --VrqPEDrXMn8OVzN4 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- iD8DBQFELNYTBzAFW2n65YIRAoLeAJ9WnqYQlbIjuJtFG0q2Pbfxfg1pmQCeLF0g 84pjP1xsicJqQdl/iOfy3II= =f6bS -----END PGP SIGNATURE----- --VrqPEDrXMn8OVzN4--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060331071115.GC884>