5446N/A# The contents of this file are subject to the terms of the
5446N/A# Common Development and Distribution License (the "License").
2801N/A# You may not use this file except in compliance with the License.
2801N/A# See the License for the specific language governing permissions
2801N/A# and limitations under the License.
2801N/A# When distributing Covered Code, include this CDDL HEADER in each
2801N/A# If applicable, add the following below this CDDL HEADER, with the
2801N/A# fields enclosed by brackets "[]" replaced with your own identifying
2801N/A# information: Portions Copyright [yyyy] [name of copyright owner]
2892N/A# Copyright (c) 2006, 2011, Oracle
and/or its affiliates. All rights reserved.
2801N/A SOLARIS' OFFERING OF OPENSOURCE QUAGGA SOFTWARE
2801N/A ************************************************
2801N/AQuagga(version 0.99.4) in Solaris is comprised of the following packages:
2801N/A - Provides the Quagga daemons and the quaggaadm utility.
2801N/A The daemons installed by this package are:
2801N/A ripd, ripngd, ospfd, ospf6d, bgpd, and zebra(the routing manager daemon)
5446N/A This package has dependencies on SUNWquaggar and SUNWquagga-libs
2801N/A file and SMF manifests for Quagga daemons.
2801N/A - Provides Quagga-specific dynamic libraries used by the Quagga daemons.
2801N/A - Provides header files, archive libraries and libtool files required for
2801N/A building code using the Quagga libraries. Note that these interfaces are
2801N/A External to Solaris and come without API stability guarantees. See also the
2801N/A attributes (5) manual page.
5446N/A - Provides the sources from which this release of the SUNWquagga packages
2801N/A were built. You may need to install either the Workshop compilers or gcc
2801N/A to compile the source. In order to compile Quagga's vtysh utility, you
2801N/A will need Readline libraries, which are freely available on the web.
2801N/ALocation of Installed Files and Directories
2801N/A===========================================
2801N/A-------------------------------------------------------------
2892N/ADaemon binaries(zebra,ospfd, ospf6d, ripd,
2801N/APreviously, the Zebra routing protocol suite was delivered as part of the
2801N/ASFW consolidation. This has now been replaced with Quagga, and Zebra
2801N/Arouting configuration can be migrated easily, either explicitly by running
2801N/A"routeadm -u" (see routeadm (1M)), or by rebooting the system. The
2801N/Aappropriate configuration files for the daemons used will be migrated to
2892N/AQuagga, and the equivalent Quagga SMF services will be enabled.
2801N/A============================
2801N/AYou may use
in.routed(1M) on other systems on your network, but you must not
2801N/AQuagga. Quagga is incompatible with the Solaris IP Multipathing
2892N/A(
in.mpathd(1M)) feature. Do not enable IPMP on a system running Quagga. If
2801N/Ayou have a machine set up with IPMP and wish to run Quagga on it, please
2801N/ASolaris 10 System Administrator Collection >>
2801N/A System Administration Guide: IP Services >>
2801N/A Part VI IP Network Multipathing (IPMP) >>
2801N/A 30. Administering IPMP (Task))
2801N/AIFF_NORTEXCH Interface Flag Support
2801N/A====================================
2801N/ACurrently Quagga is not aware of the IFF_NORTEXCH interface flag, so if
2801N/Ayou're trying to fence off interfaces from the intrusion of unwanted routing
2801N/Aprotocols, make sure you don't configure those interfaces in Quagga.
2801N/ASupport Level of Quagga Software
2801N/A================================
2801N/AThe contents of SUNWquaggar, SUNWquagga-daemons are provided with full Level
2801N/A1 support in accordance with your current software support agreement. This
2801N/Asupport includes Sun's global 24/7 sustaining model.
2801N/AConfiguring a Multi-homed Host as a Router Using Quagga
2801N/A==========================================================
2801N/A Sample configuration files have been provided in that directory.
2801N/A routeadm -e ipv4-forwarding
2801N/A Disable IPMP if machine is set up with it. To do this, you will
2801N/A have to undo all the things you had done to configure IPMP
2801N/A on your system. Please see :
2801N/A Product Categories>> Solaris >> Solaris 10
2801N/A Solaris 10 System Administration Guide:IP services, Chapter 30
2801N/A for configurations details of IPMP.
5446N/A Also it is important to note that each daemon is invoked with
2801N/A arguments to disable remote Telnet access to the daemons as it is a
2801N/A security risk. Please do not edit these configuration parameters that
2801N/A comprise part of the daemon-args property for each service.
2801N/A Pick the appropriate SMF service for the routing daemon that
2801N/A you wish to start. To enable a Quagga daemon service, type the following
2801N/A # routeadm -s routing-svcs="<routing daemon svc>" -e ipv4-routing -u
2801N/A # svcadm enable <routing daemon svc>
2801N/A Example: To enable the ospfd daemon, type the command:
2801N/A # routeadm -s routing-svcs=ospf:quagga -e ipv4-routing -u
2801N/A To enable the ospf6d daemon, type the command:
2801N/A # routeadm -s routing-svcs=ospf6:quagga -e ipv6-routing -u
2801N/AEditing the Daemon Arguments
2801N/A----------------------------
2801N/AYou can change the arguments used to invoke the Quagga routing
2801N/Adaemons by modifying the service properties (listed by
2801N/Arunning "routeadm -l <routing daemon svc>"). For example,
2801N/Asets an alternate configuration file.
2801N/AMonitoring, Debugging and Reconfiguring Quagga Daemons Interactively
2801N/A====================================================================
2801N/AQuagga provides a Telnet UI so that the user can access the daemons in
2801N/Areal-time. This interface is disabled by default for all daemons, but can
2801N/Abe enabled by changing the daemon-args property of Quagga services to a suitable
2801N/Avalue, such as "-A 127.0.0.1":
2801N/A # routeadm -m ospf:quagga vty_address="127.0.0.1"
2801N/AThis user interface allows one to connect to each daemon, monitor the
2801N/Adaemon, tag debugging parameters, and reconfigure the parameters of the
3998N/Arunning daemon. We have provided this facility with a wrapper utility called
2801N/Aquaggaadm (formerly zebraadm).
2801N/ATo access a particular daemon type
2801N/A*****WARNING*****WARNING****WARNING********
2801N/ABy default, if the daemon-args are not set so as to restrict access, Quagga
2801N/Aallows a user to remotely access the daemons via the Telnet UI. We STRONGLY
5446N/ARECOMMEND AGAINST remote Telnet access of the daemons, as it leaves the
5446N/Asystem vulnerable to security holes. To avoid leaving your system
2801N/Avulnerable, all daemons must be invoked with "-A 127.0.0.1" option, as shown
2801N/Ain the example above where routeadm is used to modify the 'daemon-args'
2801N/A*****WARNING*****WARNING****WARNING********
2801N/ADisabling Quagga Daemons on a System
2801N/A====================================
2801N/AIf you have enabled Quagga routing daemons as discussed above, and now wish
2801N/Ato disable them, this can be done generally with:
2801N/A # routeadm -d ipv4-routing -u
2801N/A # routeadm -d ipv6-routing -u
2801N/Aas appropriate. One may also disable just specific daemons with:
2801N/A # svcadm disable <daemon service>
2801N/AHigh-Availability Networking for Hosts with Quagga
2801N/A==================================================
2801N/AThe OSPF-MP (OSPF Multi-Pathing) feature is a layer 3 solution to achieve
5813N/Anetwork connectivity redundancy on servers. It uses the popular technique of
2801N/Aadvertising loopback-hosted virtual addresses using a routing protocol, in
2801N/Athis case the OSPF routing protocol.
2801N/AThe OSPF-MP feature is meant to be enabled on multihomed servers to
2801N/Aimplement an HA solution based on the OSPF protocol. Note that the server's
2801N/Ainterfaces *do not require forwarding to be enabled* for the functioning of
2801N/Athis feature. The feature does require, though, that
2801N/Aip_strict_dst_multihoming not be enabled. The OSPF-MP feature can be
2801N/Aachieved by configuring Quagga appropriately on a server.
2801N/A | loopback virtual addresses:
2801N/A ---------------------------------------
2801N/A | server with OSPF-MP feature enabled |
2801N/A ---------------------------------------
5446N/A ====== subnet A ===== subnet B
3998N/A ----------------------------------
3998N/A ----------------------------------
3998N/ASetting up a Multi-Homed Host with OSPF-MP
3998N/A==========================================
3998N/A #ifconfig lo0:1 inet plumb 172.16.3.91/32 up
3998N/A To have these loopback aliases plumb up across boots, create the
3998N/A file would have the following entry:
3998N/A 172.16.3.91 netmask 255.255.255.255 up
3998N/A2. Copy over the OSPF-MP sample configuration files:
3998N/A3 Edit the zebra and ospfd configuration files appropriately
5446N/A4. Disable forwarding on your server.
2801N/A routeadm -d ipv4-forwarding
2801N/A5. Disable IPMP if machine is set up with it. To do this you will
2801N/A have to undo all the things you had done to configure IPMP on your
2801N/A Product Categories>> Solaris >> Solaris 10
2801N/A Solaris 10 System Administration Guide:IP services, Chapter 30
2801N/A for configuration details of IPMP.
2801N/A6. Enable the OSPF-MP service at boot time, type the following
2801N/A # routeadm -s routing-svcs=ospf:quagga -e ipv4-routing -u
2801N/A7. Verify that the loopback hosted addresses are being correctly
2801N/A advertised by OSPF on the server, use the following snoop command:
2801N/AFollowing is the snoop output on a server that is enabled with OSPF-MP, and
2801N/Ais configured with the loopback alias of the example case above:
2801N/AETHER: ----- Ether Header -----
2801N/AETHER: Packet 8 arrived at 16:23:57.00008
2801N/AETHER: Packet size = 82 bytes
5813N/AETHER: Destination = 1:0:5e:0:0:5, (multicast)
2801N/AETHER: Source = 0:d0:b7:b9:ac:b2,
2801N/AETHER: Ethertype = 0800 (IP)
2801N/AIP: Header length = 20 bytes
2801N/AIP: xxx. .... = 6 (precedence)
2801N/AIP: ...0 .... = normal delay
2801N/AIP: .... 0... = normal throughput
2801N/AIP: .... .0.. = normal reliability
2801N/AIP: .... ..0. = not ECN capable transport
2801N/AIP: .... ...0 = no ECN congestion experienced
2801N/AIP: .0.. .... = may fragment
2801N/AIP: ..0. .... = last fragment
2801N/AIP: Fragment offset = 0 bytes
5446N/AIP: Source address = 10.1.1.1, 10.1.1.1
2801N/AIP: Destination address = 224.0.0.5, 224.0.0.5
2801N/AOSPF: ----- OSPF Header -----
2801N/AOSPF HELLO: ----- Hello Packet -----
2801N/AOSPF HELLO: Mask = 255.255.255.0
2801N/AOSPF HELLO: Hello interval = 10
2801N/AOSPF HELLO: Dead interval = 40
2801N/AOSPF HELLO: Designated Router = 10.1.1.2
2801N/AOSPF HELLO: Backup Designated Router = 10.1.1.1
2801N/AOSPF HELLO: Neighbor: 172.16.3.91
2801N/AExample configuration case on a server with OSPF-MP feature
2801N/A-----------------------------------------------------------
2801N/AGiven a server with the following ifconfig output:
2801N/Alo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
2801N/A inet 127.0.0.1 netmask ff000000
2801N/Alo0:1: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
2801N/A inet 172.16.3.91 netmask ffffffff
2801N/Ahme1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu
2801N/A1500 index 3 inet 10.10.48.91
2801N/Anetmask ffffff00 broadcast 10.10.48.255 ether 8:0:20:d9:53:71
2801N/Aqfe0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 4 inet 10.11.48.91
2801N/Anetmask ffffff00 broadcast 10.11.48.255 ether 0:3:ba:17:4d:47
2801N/AIts ospfd and zebra config files for OSPF-MP would be the following:
2801N/A! Zebra configuration saved from vty
2801N/A! Zebra configuration saved from vty
2801N/A network 10.10.48.0/24 area 1
2801N/A network 10.11.48.0/24 area 1
2801N/ATroubleshooting the OSPF-MP Feature
2801N/A===================================
2801N/AUse the following monitoring and debugging commands on a running
2801N/AMonitoring Commands for the ospfd Daemon
2801N/A----------------------------------------
2801N/A show ip ospf interface [INTERFACE]
2801N/ADebug Commands for the ospfd Daemon
2801N/A-----------------------------------
5446N/A debug ospf ism (status|events|timers)
2801N/A debug ospf lsa (generate|flooding|refresh)
2801N/A debug ospf nsm (status|events|timers)
2801N/A debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all)
2801N/A debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all) (send|recv)
2801N/A debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all)
2801N/A debug ospf zebra (interface|redistribute)
2801N/ASimilarly, use the following monitoring and debugging commands on a running
2801N/AMonitor Commands for the zebra Daemon
2801N/A--------------------------------------
2801N/ADebug Commands for the zebra Daemon
2801N/A-----------------------------------
5813N/A debug zebra packet (recv|send)
2801N/A debug zebra packet (recv|send) detail
2801N/AFine-tuning the OSPF-MP Feature by Customizing the OSPF Timers
2801N/A==============================================================
2801N/AUse specific interface level configuration subcommands of Telnet UI
2801N/Ato fine-tune the timers of OSPF daemon. To get to the interface level
2801N/A <hostname>#configure terminal
2801N/A <hostname>(config)# interface <interface name>
2801N/AThe appropriate subcommands to customize the timers are:
2801N/A ip ospf dead-interval <1-65535>
2801N/A ip ospf hello-interval <1-65535>
2801N/A ip ospf retransmit-interval <3-65535>
5813N/A ip ospf transmit-delay <1-65535>
5446N/AYou can have these new parameters committed to the configuration file by
3998N/A <hostname>(config-if)# write file
3998N/AFor further details of the above commands, please see the Quagga