851N/A# The contents of this file are subject to the terms of the
851N/A# Common Development and Distribution License (the "License").
304N/A# You may not use this file except in compliance with the License.
304N/A# See the License for the specific language governing permissions
304N/A# and limitations under the License.
304N/A# When distributing Covered Code, include this CDDL HEADER in each
304N/A# If applicable, add the following below this CDDL HEADER, with the
304N/A# fields enclosed by brackets "[]" replaced with your own identifying
304N/A# information: Portions Copyright [yyyy] [name of copyright owner]
304N/A# Copyright (c) 2006, 2011, Oracle
and/or its affiliates. All rights reserved.
304N/A SOLARIS' OFFERING OF OPENSOURCE QUAGGA SOFTWARE
304N/A ************************************************
304N/AQuagga(version 0.99.4) in Solaris is comprised of the following packages:
304N/A - Provides the Quagga daemons and the quaggaadm utility.
304N/A The daemons installed by this package are:
304N/A ripd, ripngd, ospfd, ospf6d, bgpd, and zebra(the routing manager daemon)
304N/A This package has dependencies on SUNWquaggar and SUNWquagga-libs
851N/A file and SMF manifests for Quagga daemons.
304N/A - Provides Quagga-specific dynamic libraries used by the Quagga daemons.
304N/A - Provides header files, archive libraries and libtool files required for
304N/A building code using the Quagga libraries. Note that these interfaces are
493N/A External to Solaris and come without API stability guarantees. See also the
493N/A attributes (5) manual page.
- Provides the sources from which this release of the SUNWquagga packages
were built. You may need to install either the Workshop compilers or gcc
to compile the source. In order to compile Quagga's vtysh utility, you
will need Readline libraries, which are freely available on the web.
Location of Installed Files and Directories
===========================================
Modules of Quagga Location
-------------------------------------------------------------
Daemon binaries(zebra,ospfd, ospf6d, ripd,
Previously, the Zebra routing protocol suite was delivered as part of the
SFW consolidation. This has now been replaced with Quagga, and Zebra
routing configuration can be migrated easily, either explicitly by running
"routeadm -u" (see routeadm (1M)), or by rebooting the system. The
appropriate configuration files for the daemons used will be migrated to
Quagga, and the equivalent Quagga SMF services will be enabled.
Incompatibilities of Quagga
============================
You may use
in.routed(1M) on other systems on your network, but you must not
Quagga. Quagga is incompatible with the Solaris IP Multipathing
(
in.mpathd(1M)) feature. Do not enable IPMP on a system running Quagga. If
you have a machine set up with IPMP and wish to run Quagga on it, please
Solaris 10 System Administrator Collection >>
System Administration Guide: IP Services >>
Part VI IP Network Multipathing (IPMP) >>
30. Administering IPMP (Task))
IFF_NORTEXCH Interface Flag Support
====================================
Currently Quagga is not aware of the IFF_NORTEXCH interface flag, so if
you're trying to fence off interfaces from the intrusion of unwanted routing
protocols, make sure you don't configure those interfaces in Quagga.
Support Level of Quagga Software
================================
The contents of SUNWquaggar, SUNWquagga-daemons are provided with full Level
1 support in accordance with your current software support agreement. This
support includes Sun's global 24/7 sustaining model.
Configuring a Multi-homed Host as a Router Using Quagga
==========================================================
1. Create the appropriate daemon configuration file in
/etc/quagga.
Sample configuration files have been provided in that directory.
routeadm -e ipv4-forwarding
Disable IPMP if machine is set up with it. To do this, you will
have to undo all the things you had done to configure IPMP
on your system. Please see :
Product Categories>> Solaris >> Solaris 10
Solaris 10 System Administration Guide:IP services, Chapter 30
for configurations details of IPMP.
Also it is important to note that each daemon is invoked with
arguments to disable remote Telnet access to the daemons as it is a
security risk. Please do not edit these configuration parameters that
comprise part of the daemon-args property for each service.
Pick the appropriate SMF service for the routing daemon that
you wish to start. To enable a Quagga daemon service, type the following
# routeadm -s routing-svcs="<routing daemon svc>" -e ipv4-routing -u
# svcadm enable <routing daemon svc>
Example: To enable the ospfd daemon, type the command:
# routeadm -s routing-svcs=ospf:quagga -e ipv4-routing -u
To enable the ospf6d daemon, type the command:
# routeadm -s routing-svcs=ospf6:quagga -e ipv6-routing -u
Editing the Daemon Arguments
----------------------------
You can change the arguments used to invoke the Quagga routing
daemons by modifying the service properties (listed by
running "routeadm -l <routing daemon svc>"). For example,
sets an alternate configuration file.
Monitoring, Debugging and Reconfiguring Quagga Daemons Interactively
====================================================================
Quagga provides a Telnet UI so that the user can access the daemons in
real-time. This interface is disabled by default for all daemons, but can
be enabled by changing the daemon-args property of Quagga services to a suitable
value, such as "-A 127.0.0.1":
# routeadm -m ospf:quagga vty_address="127.0.0.1"
This user interface allows one to connect to each daemon, monitor the
daemon, tag debugging parameters, and reconfigure the parameters of the
running daemon. We have provided this facility with a wrapper utility called
quaggaadm (formerly zebraadm).
To access a particular daemon type
*****WARNING*****WARNING****WARNING********
By default, if the daemon-args are not set so as to restrict access, Quagga
allows a user to remotely access the daemons via the Telnet UI. We STRONGLY
RECOMMEND AGAINST remote Telnet access of the daemons, as it leaves the
system vulnerable to security holes. To avoid leaving your system
vulnerable, all daemons must be invoked with "-A 127.0.0.1" option, as shown
in the example above where routeadm is used to modify the 'daemon-args'
*****WARNING*****WARNING****WARNING********
Disabling Quagga Daemons on a System
====================================
If you have enabled Quagga routing daemons as discussed above, and now wish
to disable them, this can be done generally with:
# routeadm -d ipv4-routing -u
# routeadm -d ipv6-routing -u
as appropriate. One may also disable just specific daemons with:
# svcadm disable <daemon service>
High-Availability Networking for Hosts with Quagga
==================================================
The OSPF-MP (OSPF Multi-Pathing) feature is a layer 3 solution to achieve
network connectivity redundancy on servers. It uses the popular technique of
advertising loopback-hosted virtual addresses using a routing protocol, in
this case the OSPF routing protocol.
The OSPF-MP feature is meant to be enabled on multihomed servers to
implement an HA solution based on the OSPF protocol. Note that the server's
interfaces *do not require forwarding to be enabled* for the functioning of
this feature. The feature does require, though, that
ip_strict_dst_multihoming not be enabled. The OSPF-MP feature can be
achieved by configuring Quagga appropriately on a server.
| loopback virtual addresses:
---------------------------------------
| server with OSPF-MP feature enabled |
---------------------------------------
====== subnet A ===== subnet B
----------------------------------
----------------------------------
Setting up a Multi-Homed Host with OSPF-MP
==========================================
1.Configure loopback aliases on the machine. Following is an
#ifconfig lo0:1 inet plumb 172.16.3.91/32 up
To have these loopback aliases plumb up across boots, create the
file would have the following entry:
172.16.3.91 netmask 255.255.255.255 up
2. Copy over the OSPF-MP sample configuration files:
3 Edit the zebra and ospfd configuration files appropriately
4. Disable forwarding on your server.
routeadm -d ipv4-forwarding
5. Disable IPMP if machine is set up with it. To do this you will
have to undo all the things you had done to configure IPMP on your
Product Categories>> Solaris >> Solaris 10
Solaris 10 System Administration Guide:IP services, Chapter 30
for configuration details of IPMP.
6. Enable the OSPF-MP service at boot time, type the following
# routeadm -s routing-svcs=ospf:quagga -e ipv4-routing -u
7. Verify that the loopback hosted addresses are being correctly
advertised by OSPF on the server, use the following snoop command:
snoop -d <device> -rv ospf
Following is the snoop output on a server that is enabled with OSPF-MP, and
is configured with the loopback alias of the example case above:
ETHER: ----- Ether Header -----
ETHER: Packet 8 arrived at 16:23:57.00008
ETHER: Packet size = 82 bytes
ETHER: Destination = 1:0:5e:0:0:5, (multicast)
ETHER: Source = 0:d0:b7:b9:ac:b2,
ETHER: Ethertype = 0800 (IP)
IP: ----- IP Header -----
IP: Header length = 20 bytes
IP: Type of service = 0xc0
IP: xxx. .... = 6 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = not ECN capable transport
IP: .... ...0 = no ECN congestion experienced
IP: Total length = 68 bytes
IP: Identification = 41685
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Header checksum = 2ac5
IP: Source address = 10.1.1.1, 10.1.1.1
IP: Destination address = 224.0.0.5, 224.0.0.5
OSPF: ----- OSPF Header -----
OSPF: Router ID = 10.1.2.1
OSPF HELLO: ----- Hello Packet -----
OSPF HELLO: Mask = 255.255.255.0
OSPF HELLO: Hello interval = 10
OSPF HELLO: Dead interval = 40
OSPF HELLO: Designated Router = 10.1.1.2
OSPF HELLO: Backup Designated Router = 10.1.1.1
OSPF HELLO: Neighbor: 172.16.3.91
Example configuration case on a server with OSPF-MP feature
-----------------------------------------------------------
Given a server with the following ifconfig output:
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
lo0:1: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
inet 172.16.3.91 netmask ffffffff
hme1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu
1500 index 3 inet 10.10.48.91
netmask ffffff00 broadcast 10.10.48.255 ether 8:0:20:d9:53:71
qfe0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 4 inet 10.11.48.91
netmask ffffff00 broadcast 10.11.48.255 ether 0:3:ba:17:4d:47
Its ospfd and zebra config files for OSPF-MP would be the following:
! Zebra configuration saved from vty
! Zebra configuration saved from vty
ospf router-id 10.10.48.91
network 10.10.48.0/24 area 1
network 10.11.48.0/24 area 1
Troubleshooting the OSPF-MP Feature
===================================
Use the following monitoring and debugging commands on a running
Monitoring Commands for the ospfd Daemon
----------------------------------------
show ip ospf interface [INTERFACE]
Debug Commands for the ospfd Daemon
-----------------------------------
debug ospf ism (status|events|timers)
debug ospf lsa (generate|flooding|refresh)
debug ospf nsm (status|events|timers)
debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all)
debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all) (send|recv)
debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all)
debug ospf zebra (interface|redistribute)
Similarly, use the following monitoring and debugging commands on a running
Monitor Commands for the zebra Daemon
--------------------------------------
Debug Commands for the zebra Daemon
-----------------------------------
debug zebra packet (recv|send)
debug zebra packet (recv|send) detail
Fine-tuning the OSPF-MP Feature by Customizing the OSPF Timers
==============================================================
Use specific interface level configuration subcommands of Telnet UI
to fine-tune the timers of OSPF daemon. To get to the interface level
configuration mode, type:
Password:<type password that is set in the
ospfd.conf file>
<hostname>#configure terminal
<hostname>(config)# interface <interface name>
The appropriate subcommands to customize the timers are:
ip ospf dead-interval <1-65535>
ip ospf hello-interval <1-65535>
ip ospf retransmit-interval <3-65535>
ip ospf transmit-delay <1-65535>
You can have these new parameters committed to the configuration file by
<hostname>(config-if)# write file
For further details of the above commands, please see the Quagga