On Wed, 2003-03-05 at 06:57, Eric B Kiser wrote: Good to hear :)
this first setup will be 5 ospf linux bering zebra's running current hardware (3c905 nic's) most boxes is simple 2 intreface but one will be a 4 interface with 1 uplink, 1 connection to a large nationwide network (but no Inet), 1 ospf network and 1 regular network (default-gw) sonn after there will be cisco boxes, win-nt firewalls (fw-1, symantec raptor,etc ) and more 'alien' hardware also what is the latest lrp'd zebra version ? or do you ppl make you'r own ? mvh Ronny Aasen > Most of the problems with OSPF seem to be misconfiguration at this point. > There were problems with MD5 authentication which have been resolved and > some hardware problems that had nothing to do with Zebra that have also been > resolved. > > For configuration help check out this site: http://pilot.org.ua/zebra/ > > Here are the responses that I have received so far and a bit of research > from the archives listed at the bottom... > > [Tim Bulger] > Sorry, this isn't exactly what you're looking for, but I've been running > zebra OSPF in VPN networks that span the globe since mid-2000 with no > significant complaints. The zebra boxes coexist peaceably with Cisco, > Foundry, Alcatel, Cabletron, possibly others. > > Hope this helps, > Tim > [Tim Bulger] > > [Stephane Bortzmeyer] > If you want to do simple things, you'll probably have no problems. We are > very > happy with Zebra's OSPF. > > Things I noticed on that mailing list were often OS-specific: > > * some Linux drivers (Broadcom cards) have problems with multicast (and it > is > worse if you have VLANs), > * BSD systems have problems with routing (the OSPF /32 route to itself being > blindly followed, lack of a default route making BSD believe it cannot > multicast, etc) > [/Stephane Bortzmeyer] > > [Paul Cammidge] > interestingly, a few people complained about problems with the broadcom > network cards, and the latest linux kernel includes a fix for this > driver. i dont know whether the fix is relates to the same problem. > > paul > [/Paul Cammidge] > > [Tesfaye Tariku] > > Sorry you are in the XYZ comp. (:->) > I think you need to look at variables that have impact on packet forwarding. > If the iptables or ipchains is not setup to allow the input/output > to forward packets to the intended systems, no matter how you setup the > ospf, you will be confined in the same box, assuming that you haven't setup > your box world accessible, which of course, your system may not last long. > If you are sure that the setup of ospf is correct but its not doing as > intended, > look other variables - iptables (or ipchains), PAM (if pam enabled zebra > setup exist in your system), SSH, SSL. > You need to look at these variables, which have significant impact on > packet i/o. At least it has a tendency to create unstability to the ospf > system. > I think the zebra/ospf on the beta phase showed great potential and I don't > think I'm with you on that. You may need to look at your own ospf setup as > well. > Good luck > TT > [/Tesfaye Tariku] > > +++Here are some other posts that have appeared within the last couple of > months. -ek > > [Jean-Francois Laforest] > I've been running OSPF (with zebra) for 2 months now, and from what I > noticed, there has been no problem whatsoever with MD5 authentication, > but sometimes when a link dies, it takes a little while to see it back > up. Other than that, it's rock solid. I have over 9 routers locally and > we have over 20 routers on our VPN. I will ask around to see if others > got problems, for me it runs fine on Linux and FreeBSD. Zebra also does > work fine with cisco routers. > > [/Jean-Francois Laforest] > > [Paul Jakma] > On Sun, 9 Feb 2003, Vladimir I. wrote: > > > Hello All, > > > > It's been more than half a year since I was forced to move away > > from OSPF to RIPv2 due to bugs in Zebra's OSPF implementation. > > Has the situation improved? I understand that Zebra's official > > CVS sees very small change nowadays, however what about Paul > > Jakma's releases? > > Actually, a lot of those fixes are now in CVS. Plus others which were > applied directly. > > > My problem was that OSPF often didn't re-establish adjency after > > link failures (e.g., got stuck in various states before FULL). At > > least partly that was attributed to a bug in MD5 authentication, > > which AFAIK is resolved now. > > Should be, thanks to Greg Troxel. > > The other thing to try is (if using MD5): > > > http://people.ie.alphyra.com/~paulj/zebra/20021111/patches/zebra-ospfd-md5au > th-seqnum.patch > > without it, if 2 routers were adjacent for x amount of time, then they > will take x amount of time to reestablish adjacency should one ospfd > be restarted. > > > Anybody running Zebra's OSPF on a network with 5+ routers? > > Yes. http://people.ie.alphyra.com/~paulj/zebra/20021111. > > There are a couple of Opaque LSA fixes in CVS too. > > regards, > -- > Paul Jakma > [/Paul Jakma] > > [Stephane Bortzmeyer] > On Sunday 9 February 2003, at 17 h 41, > "Vladimir I." <[EMAIL PROTECTED]> wrote: > > > My problem was that OSPF often didn't re-establish adjency after > > link failures (e.g., got stuck in various states before FULL). At > > least partly that was attributed to a bug in MD5 authentication, > > which AFAIK is resolved now. Anybody running Zebra's OSPF on a > > network with 5+ routers? > > We do, in production, and I did not notice this sort of problems (but we are > lucky, we have few link failures). We do not use MD5 auth. > [/Stephane Bortzmeyer] > > [John Frazier] > Been running Zebra/ospfd/bgpd in production in our network for several > years now. No problems that I can think of at all. I don't use MD5 auth > however because there is no need in our environment. simple-password auth > does just fine. > [/John Frazier] > > If you want to verify this informationyou can go to > http://www.zebra.org/mailing.html and click on marc.theaimsgroup.com then do > a search for ospf. > > Regards, > Eric Kiser > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Eric B Kiser > Sent: Tuesday, March 04, 2003 3:04 PM > To: Ronny Aasen; leaf > Subject: RE: [leaf-user] zebra and bering > > > Hi Ronny, > > OSPF from Zebra is available for the current version of Bering. There is > however some debate as the current stability of Zebra's implementation of > OSPF. Below is a copy of the mail that I sent to the Zebra mailing list. > > [begin] > Howdy all, > > This is a request for comment from anyone that is currently running OSPF > successfully. The impression that some folks have is that OSPF is a bit > flaky at this point. However, I seem to remember a post from John stating > that he has OSPF running on his network and has not had any significant > problems with it. Also, If we have some folks with problems and others that > don't, what is the discrepancy? I am looking for something along the lines > of... If you want to do A, B, C, then it is fine. But, if you want to do X, > Y, and Z, then you will likely run into trouble. > > Thanks in advance, > Eric Kiser > [/end] > > I will put together whatever information I get back from them and post the > results to the list. > > Regards, > Eric Kiser > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Ronny Aasen > Sent: Tuesday, March 04, 2003 9:47 AM > To: leaf > Subject: [leaf-user] zebra and bering > > > > hello > > i have just been given a limit of 15 days to convert my berings into > OSPF capable routers, either by software or new boxes. > I love linux/bering and would prefer to do this with a zebra package. > > is there anyone on this list that have implemented zebra in a bering > router. (is it possible, or will i need to go to a 2.2.x kernel based > distro) > > mvh > Ronny Aasen > > > > > > > > > > > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger > for complex code. Debugging C/C++ programs can leave you feeling lost and > disoriented. TotalView can help you find your way. Available on major UNIX > and Linux platforms. Try it free. www.etnus.com > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger > for complex code. Debugging C/C++ programs can leave you feeling lost and > disoriented. TotalView can help you find your way. Available on major UNIX > and Linux platforms. Try it free. www.etnus.com > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger > for complex code. Debugging C/C++ programs can leave you feeling lost and > disoriented. TotalView can help you find your way. Available on major UNIX > and Linux platforms. Try it free. www.etnus.com > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
