IPv6 getting an address automagically

You can use static definitions to give a device or link an IP address. You can use modern (last 20 years) technology to do this for you – and get additional advantages.

A server application needs a fixed IP address and port. A client, connecting to the server, can use a different IP address and port on different days. This has the advantage that it makes it harder for the bad guys to track you from your address and port combination.

Client applications usually use the option “allocate me any free port”.

To get a different IP address every time you can use IPv6 Stateless Address Auto-configuration (SLAAC). It is called stateless because it does not need to remember any state information from one day to the next. The client application says “give me an IP address, any IP address” and then uses the IP address until the device is shut down or the interface is closed.

On Linux you need radvd for this to work.

Router Advertisement Daemon (radvd)

You used to have dedicated routers. Now you can run radvd on a computer and it acts like a router. You can run it on your personal machine, or run it on its own machine.

This supports Neighbor Discovery Protocol. When your machine connects to the network, it asks all routers on your local network for configuration information. It gets back a list of prefixes defined on the router (for example 2001:db8::/64). If your machine wants to send a packet to 2001:db8::99, it sends a request to all routers on the local network, asking if any router has 2001:db8::99 defined. If so, the router responds, and so your machine knows where to send the packet to.

When an IP address is allocated to a device, it sends a request to all devices in the local network, asking “does anyone have this address”. This avoids devices with the same IP address. It is known as Duplicate Address Detection (DAD).

My radvd config file

The syntax of the configuration file is defined here

For my interface vl100 I wanted it to give it an IP address 2100… and 2100…

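interface vl100
{
    AdvSendAdvert on;          # send Router Advertisements on this interface
    MaxRtrAdvInterval 60;      # at most 60 seconds between unsolicited RAs
    MinDelayBetweenRAs 3;      # at least 3 seconds between RAs

    prefix 2100::/64
    {
        AdvAutonomous on;      # hosts may use this prefix for SLAAC
    };
    prefix 2200::/64
    {
    };
};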

Where

  • AdvAutonomous on (the default) says support SLAAC

Creates

: vl100@enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2200::3905:281e:909b:5e00/64 scope global temporary dynamic
valid_lft 86398sec preferred_lft 14398sec
inet6 2200::8e16:45ff:fe36:f48a/64 scope global dynamic mngtmpaddr
valid_lft 86398sec preferred_lft 14398sec
inet6 2100::3863:da22:619a:42e0/64 scope global temporary dynamic
valid_lft 86398sec preferred_lft 14398sec
inet6 2100::8e16:45ff:fe36:f48a/64 scope global dynamic mngtmpaddr
valid_lft 86398sec preferred_lft 14398sec
inet6 fe80::8e16:45ff:fe36:f48a/64 scope link
valid_lft forever preferred_lft forever

See here for the meaning of the fields

The attributes of the connection include: scope global temporary dynamic

  • dynamic was created by using stateless SLAAC configuration. If the address was created by an ip -6 addr add … dev … command, it will not have dynamic.
  • tentative – in the process of Duplicate Address Detection processing.
  • temporary – it expires after the time interval.
  • mngtmpaddr – is used as a template for temporary connections

You can change the attributes of an address using the change command. For example to change the time out value

sudo ip -6 addr change 2200::… dev vl100 valid_lft 100 preferred_lft 10

For me it expired and generated another connection with the same address.

Configuring frr on Linux

frr is a network router for Linux systems.

It works well, and has a lot of good documentation about all of the commands and options, but it doesn’t have a “getting started” section. It is a bit like getting the wiring diagram for a car, when all you want to do is get in and drive the car.

Below are some of the things I stumbled across and lessons I learned.

Some later definitions override earlier definitions.

With

router ospf6
ospf6 router-id 6.6.6.6
ospf6 router-id 6.6.6.7

The definition used is 6.6.6.7 because it overrides the earlier 6.6.6.6.

interface AB
description colins AB first
ip ospf area 0.0.0.0
ip ospf area 20.0.0.0

In this case the area 0.0.0.0 is used – so the order does not look consistent.

interface eno1 
ipv6 nd prefix 2001:db8:6099::/64
ipv6 nd prefix 2008::/64


interface eno1
description server2 ospf6
ipv6 ospf6 instance-id 2

The description is description server2 ospf6 because it was the only one specified.

Both of the nd prefix values are used.
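
Because which duplicate wins differs from command to command, it is safer to find repeated definitions before loading the file than to predict the outcome. The following added example (not part of frr or of the original post) merges repeated stanzas such as the two interface eno1 blocks and flags commands that are set more than once with different values; the SINGLE_VALUED list is an assumption built from the commands on this page.

```python
from collections import defaultdict

# Constructed sample: the frr.conf fragments discussed above, joined into one file.
SAMPLE = """\
router ospf6
 ospf6 router-id 6.6.6.6
 ospf6 router-id 6.6.6.7
interface AB
 description colins AB first
 ip ospf area 0.0.0.0
 ip ospf area 20.0.0.0
interface eno1
 ipv6 nd prefix 2001:db8:6099::/64
 ipv6 nd prefix 2008::/64
interface eno1
 description server2 ospf6
 ipv6 ospf6 instance-id 2
"""

# Assumption: commands treated as single-valued, taken from this page's examples.
SINGLE_VALUED = ("ospf6 router-id", "ip ospf area", "ipv6 ospf6 instance-id", "description")


def merge_stanzas(text):
    """Group commands by stanza header, merging repeated headers."""
    stanzas, current = defaultdict(list), None
    for raw in text.splitlines():
        line = " ".join(raw.split())
        if line.startswith("!") or line in ("exit", "end"):
            current = None                      # stanza closed
        elif line.startswith(("router ", "interface ")):
            current = line                      # stanza opened (or reopened)
        elif line and current is not None:
            stanzas[current].append(line)
    return stanzas

def conflicts(text):
    """Return (stanza, command, values) for single-valued commands set twice."""
    found = []
    for header, lines in merge_stanzas(text).items():
        seen = defaultdict(list)
        for line in lines:
            for key in SINGLE_VALUED:
                if line.startswith(key + " "):
                    seen[key].append(line[len(key) + 1:])
        found += [(header, k, v) for k, v in seen.items() if len(set(v)) > 1]
    return found

for hit in conflicts(SAMPLE):
    print(hit)
```
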

What is used where?

If you want to configure a daemon, you need to specify parameters in different places.

For example, the ospf6 daemon

router ospf6
ospf6 router-id 6.6.6.6
...

interface enp0s31f6
ipv6 ospf6 area 0.0.0.0

The router ospf6 configuration is for the daemon thread.

The information on the interface…. statement is for each interface. This means all of the configuration information for an interface is under the interface…. section.

To display the ospf6 configuration use

show running-config ospf6

It extracts the ospf6-related information from the configuration:

Current configuration:
!
frr version 8.1
...
hostname Server
!
debug ospf6 zebra
debug ospf6 interface
!
interface eno1
description server2 ospzz
ipv6 ospf6 area 0.0.0.0
ipv6 ospf6 instance-id 2
ipv6 ospf6 network point-to-point
exit
!

router ospf6
ospf6 router-id 6.6.1.1
redistribute static
redistribute ripng
exit
!
end

and ignored other information like

debug ospf zebra
debug ospf interface

interface eno1
ipv6 nd prefix 2001:db8:6099::/64
ipv6 nd prefix 2008::/64

The debug ospf… is ignored because this relates to ospf not to ospf6.

The ipv6 nd is ignored because this is not ospf6 related.

Configuring using vtysh

You can use vtysh to configure your /etc/frr/frr.conf, for example:

  • vtysh
  • configure
  • interface vl100
  • ipv6 address 3000::1/64
  • do write
  • quit
  • quit
  • quit

It is a good idea to make a copy of the /etc/frr/frr.conf before you do this.

Show doesn’t always show

You can use the command

show running-config

and that shows you most of what is configured and running.

Note that default values may not be displayed.

When my definitions had

interface eno1 
ip ospf hello-interval 11

the show running-config command gave

interface eno1
description server ospzz
ip address 10.1.0.3 peer 10.1.0.2/24
ip ospf area 0.0.0.0
ip ospf dead-interval 40
ip ospf hello-interval 11

When I had ip ospf hello-interval 10 the output did not include ip ospf hello-interval 10 because it was the default value.

You can use sudo vtysh

show running-config
write file

to rewrite the /etc/frr/frr.conf control file with the defaults removed, and the frr version line updated.

If you use the command

show ip ospf interface

it gives you the values for each interface such as

Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5

OSPF defaults

These were in the file lib/libospf.h in the frr source.

OSPF_MIN_LS_INTERVAL 5000 /* msec */
OSPF_MIN_LS_ARRIVAL 1000 /* in milliseconds */
OSPF_LSA_INITIAL_AGE 0 /* useful for debug */
OSPF_LSA_MAXAGE 3600
OSPF_CHECK_AGE 300
OSPF_LSA_MAXAGE_DIFF 900
OSPF_LS_INFINITY 0xffffff
OSPF_DEFAULT_DESTINATION 0x00000000 /* 0.0.0.0 */
OSPF_INITIAL_SEQUENCE_NUMBER 0x80000001U
OSPF_MAX_SEQUENCE_NUMBER 0x7fffffffU


/* OSPF interface default values. */
OSPF_OUTPUT_COST_DEFAULT 10
OSPF_OUTPUT_COST_INFINITE UINT16_MAX
OSPF_ROUTER_DEAD_INTERVAL_DEFAULT 40

OSPF_ROUTER_DEAD_INTERVAL_MINIMAL 1
OSPF_HELLO_INTERVAL_DEFAULT 10
OSPF_ROUTER_PRIORITY_DEFAULT 1
OSPF_RETRANSMIT_INTERVAL_DEFAULT 5
OSPF_TRANSMIT_DELAY_DEFAULT 1
OSPF_DEFAULT_BANDWIDTH 10000 /* Mbps */

OSPF_DEFAULT_REF_BANDWIDTH 100000 /* Mbps */

OSPF_POLL_INTERVAL_DEFAULT 60
OSPF_NEIGHBOR_PRIORITY_DEFAULT 0

OSPF_MTU_IGNORE_DEFAULT 0
OSPF_FAST_HELLO_DEFAULT 0

OSPF_AREA_BACKBONE 0x00000000 /* 0.0.0.0 */
OSPF_AREA_RANGE_COST_UNSPEC -1U

OSPF_AREA_DEFAULT 0
OSPF_AREA_STUB 1
OSPF_AREA_NSSA 2
OSPF_AREA_TYPE_MAX 3

/* SPF Throttling timer values. */
OSPF_SPF_DELAY_DEFAULT 0
OSPF_SPF_HOLDTIME_DEFAULT 50
OSPF_SPF_MAX_HOLDTIME_DEFAULT 5000

OSPF_LSA_MAXAGE_CHECK_INTERVAL 30
OSPF_LSA_MAXAGE_REMOVE_DELAY_DEFAULT 60