Saturday, June 02, 2018

Redistributing AS-external nexthops over OSPF

Hi all,

I've been doing a bit of labbing with some OpenBSD VMs in order to try and
learn how to use OpenBSD's OSPF and BGP tools, as my prior experience in this
sort of thing is running BIRD on Linux in dn42 [1].

In my current lab configuration, I have six OpenBSD VMs which I have divided
into two clusters of three nodes. Each cluster is fully meshed over gre(4)
point-to-point links, and each node has its primary IP addresses configured
on a second lo(4) device -- link-local addresses are used on the gre(4)
interfaces.

+----+                          +----+
| 01 |------+            +------| 04 |
+----+      |            |      +----+
  |      +----+        +----+      |
  |      | 00 |        | 03 |      |
  |      +----+        +----+      |
+----+      |            |      +----+
| 02 |------+            +------| 05 |
+----+                          +----+


On each of these nodes, I have configured ospf{,6}d(8) to broadcast down the
point-to-point gre(4) links and consider the second loopback as a stub
interface, i.e.:

    area 0.0.0.0 {
        # Each node in each cluster of three has two direct
        # peers
        interface gre0
        interface gre1

        interface lo1 { passive }
    }

I have also configured bgpd(8) on each VM host and assigned an AS number to
each of the two clusters, the goal being to create an eBGP peering between
the two clusters and make each node in the first cluster reachable to each
node in the second cluster and vice versa.

I have therefore set up a gre(4) tunnel between the nodes labelled "00" and
"03" in the ASCII art above, and configured a BGP link between the two. The
external routes are propagated to all the nodes in both clusters, however
the issue I have is that I can't find a way to automatically propagate the
nexthop addresses (on the gre(4) tunnel between "00" and "03") to the other
routers behind them.

Attaching the ospfd's to the tunnel linking the two clusters (both in active
and passive mode) does not propagate these routes via OSPF. It's probably
possible to solve this issue by rewriting the nexthop attribute on the
border routers in bgpd(8), however I'm hesitant to do this having been
cautioned against it previously. I'm able to handle external nexthops at the
OSPF level with my BIRD-on-Linux configuration, so I'm not sure what I need
to be doing on OpenBSD to achieve the same result.

Cheers,
multiplexd

[1]: https://dn42.eu
