Hello Bradley,
> It will look silly but maybe it works?
It looks silly, but it works well, thank you.
[10.109.3.15] $ cat /etc/hostname.vr0
-inet
inet 10.109.3.15 255.255.255.0
[10.109.3.15] $ cat /etc/hostname.vr3
inet 10.1.111.1 255.255.255.0
!route add 10.1.111.11 10.1.111.11
!route add 10.1.111.16 10.1.111.16
[10.109.3.15] $ cat /etc/ospfd.conf
router-id 10.109.3.15
#redistribute connected
redistribute 10.1.111.11/32
redistribute 10.1.111.16/32
area 0.0.0.0 {
interface vr0
}
At the far end I looks as follows.
[10.109.3.16] $ ospfctl show fib
flags: * = valid, O = OSPF, C = Connected, S = Static
Flags Prio Destination Nexthop
*S 8 0.0.0.0/0 10.109.3.254
*O 32 10.1.111.11/32 10.109.3.15
*O 32 10.1.111.16/32 10.109.3.15
C 4 10.1.200.0/24 10.1.200.1
C 4 10.1.222.0/24 10.1.222.1
*C 4 10.109.3.0/24 10.109.3.16
*C 0 127.0.0.0/8 link#0
*S 8 127.0.0.0/8 127.0.0.1
* 1 127.0.0.1/32 127.0.0.1
*S 8 224.0.0.0/4 127.0.0.1
On Fri, 10 Feb 2023 11:24:50 +1100
Bradley Latus <[email protected]> wrote:
> Hello
>
> Maybe try doing the IP of the host you want to go to?
>
> It will look silly but maybe it works?
>
> Aka
> !route add 10.1.111.11 10.1.111.11
>
> That worked on my attempt even without sleeping
>
> See if that helps.
>
>
>
>
> On Thu, 9 Feb 2023, 22:59 Radek, <[email protected]> wrote:
>
> > Hello Bradley,
> > if I add that route to /etc/hostname.vr3 I have no access to 10.1.111.11,
> > even from the local router.
> > After reboot I have to delete and add that route again by hand to make
> > everything work (sometimes I have to repeat delete/add few times to make it
> > work). It's 7.2/i386.
> > Any idea?
> >
> > [10.109.3.15] $ cat /etc/hostname.vr3
> > inet 10.1.111.1 255.255.255.0
> > !sleep 60
> > !route add 10.1.111.11 10.1.111.1
> >
> > [10.109.3.15] $ route -n show
> > Routing tables
> >
> > Internet:
> > Destination Gateway Flags Refs Use Mtu Prio
> > Iface
> > default 10.109.3.254 UGS 5 10 - 8 vr0
> > 224/4 127.0.0.1 URS 0 56 32768 8 lo0
> > 10.1.100/24 10.1.100.1 Cn 0 0 - 4 vr1
> > 10.1.100.1 00:00:24:cb:4f:cd UHLl 0 0 - 1 vr1
> > 10.1.100.255 10.1.100.1 Hb 0 0 - 1 vr1
> > 10.1.111/24 10.1.111.1 UCn 0 0 - 4 vr3
> > 10.1.111.1 00:00:24:cb:4f:cf UHLhl 1 2 - 1 vr3
> > 10.1.111.11 10.1.111.1 UGHS 0 104 - 8 vr3
> > 10.1.111.255 10.1.111.1 UHb 0 0 - 1 vr3
> > 10.1.222/24 10.109.3.16 UG 0 0 - 32 vr0
> > 10.109.3/24 10.109.3.15 UCn 3 18 - 4 vr0
> > 10.109.3.10 a4:bb:6d:d6:5a:a4 UHLc 1 11 - 3 vr0
> > 10.109.3.15 00:00:24:cb:4f:cc UHLl 0 13 - 1 vr0
> > 10.109.3.16 00:00:24:cd:90:10 UHLch 1 11 - 3 vr0
> > 10.109.3.254 00:0d:b9:35:39:29 UHLch 1 16 - 3 vr0
> > 10.109.3.255 10.109.3.15 UHb 0 0 - 1 vr0
> > 127/8 127.0.0.1 UGRS 0 0 32768 8 lo0
> > 127.0.0.1 127.0.0.1 UHhl 1 2 32768 1 lo0
> >
> > then...
> > [10.109.3.15] $ route delete 10.1.111.11 10.1.111.1
> > delete host 10.1.111.11: gateway 10.1.111.1
> > [10.109.3.15] $ route add 10.1.111.11 10.1.111.1
> > add host 10.1.111.11: gateway 10.1.111.1
> >
> > [10.109.3.15] $ route -n show
> > Routing tables
> >
> > Internet:
> > Destination Gateway Flags Refs Use Mtu Prio
> > Iface
> > default 10.109.3.254 UGS 5 11 - 8 vr0
> > 224/4 127.0.0.1 URS 0 137 32768 8 lo0
> > 10.1.100/24 10.1.100.1 Cn 0 0 - 4 vr1
> > 10.1.100.1 00:00:24:cb:4f:cd UHLl 0 0 - 1 vr1
> > 10.1.100.255 10.1.100.1 Hb 0 0 - 1 vr1
> > 10.1.111/24 10.1.111.1 UCn 1 0 - 4 vr3
> > 10.1.111.1 00:00:24:cb:4f:cf UHLhl 1 15 - 1 vr3
> > 10.1.111.11 00:00:24:cb:4f:d0 UHLc 0 172 - 3 vr3
> > 10.1.111.11 10.1.111.1 UGHS 0 0 - 8 vr3
> > 10.1.111.255 10.1.111.1 UHb 0 0 - 1 vr3
> > 10.1.222/24 10.109.3.16 UG 0 170 - 32 vr0
> > 10.109.3/24 10.109.3.15 UCn 3 28 - 4 vr0
> > 10.109.3.10 a4:bb:6d:d6:5a:a4 UHLc 1 22 - 3 vr0
> > 10.109.3.15 00:00:24:cb:4f:cc UHLl 0 24 - 1 vr0
> > 10.109.3.16 00:00:24:cd:90:10 UHLch 1 33 - 3 vr0
> > 10.109.3.254 00:0d:b9:35:39:29 UHLch 1 24 - 3 vr0
> > 10.109.3.255 10.109.3.15 UHb 0 0 - 1 vr0
> > 127/8 127.0.0.1 UGRS 0 0 32768 8 lo0
> > 127.0.0.1 127.0.0.1 UHhl 1 2 32768 1 lo0
> >
> >
> >
> > On Thu, 9 Feb 2023 07:47:33 +1100
> > Bradley Latus <[email protected]> wrote:
> >
> > > Hi,
> > > I see a small mistake
> > >
> > > You need to add that route to vr3 interface when you bring it up, vr0
> > will
> > > most likely be up before vr3 so that is why your route adding in the
> > > hostname.vr0 is wrong.
> > >
> > > Cheers
> > >
> > > On Thu, 9 Feb 2023, 01:36 Radek, <[email protected]> wrote:
> > >
> > > > Hello Bradley,
> > > > thank you, your setup works the way I need.
> > > >
> > > > I can't deal with adding the static route permanently. I have to add
> > the
> > > > static route by hand (route add 10.1.111.11/32 10.1.111.1) after
> > reboot.
> > > > Did I missed something?
> > > >
> > > > [10.109.3.15] $ cat /etc/hostname.vr0
> > > > -inet
> > > > dhcp
> > > > #inet 10.109.3.15 255.255.255.0
> > > > !sleep 60
> > > > !route add 10.1.111.11/32 10.1.111.1
> > > >
> > > > After reboot it looks like this:
> > > >
> > > > [10.109.3.15] $ route -n show
> > > > Routing tables
> > > >
> > > > Internet:
> > > > Destination Gateway Flags Refs Use Mtu Prio
> > > > Iface
> > > > default 10.109.3.254 UGS 5 15 -
> > 8 vr0
> > > > 224/4 127.0.0.1 URS 0 59 32768
> > 8 lo0
> > > > 10.1.100/24 10.1.100.1 Cn 0 0 -
> > 4 vr1
> > > > 10.1.100.1 00:00:24:cb:4f:cd UHLl 0 0 -
> > 1 vr1
> > > > 10.1.100.255 10.1.100.1 Hb 0 0 -
> > 1 vr1
> > > > 10.1.111/24 10.1.111.1 UCn 1 0 -
> > 4 vr3
> > > > 10.1.111.1 00:00:24:cb:4f:cf UHLl 0 3 -
> > 1 vr3
> > > > 10.1.111.11 00:00:24:cb:4f:d0 UHLc 0 2 -
> > 3 vr3
> > > > 10.1.111.255 10.1.111.1 UHb 0 0 -
> > 1 vr3
> > > > 10.1.222/24 10.109.3.16 UG 0 0 -
> > 32 vr0
> > > > 10.109.3/24 10.109.3.15 UCn 3 40 -
> > 4 vr0
> > > > 10.109.3.10 a4:bb:6d:d6:5a:a4 UHLc 1 29 -
> > 3 vr0
> > > > 10.109.3.15 00:00:24:cb:4f:cc UHLl 0 13 -
> > 1 vr0
> > > > 10.109.3.16 00:00:24:cd:90:10 UHLch 1 26 -
> > 3 vr0
> > > > 10.109.3.254 00:0d:b9:35:39:29 UHLch 1 31 -
> > 3 vr0
> > > > 10.109.3.255 10.109.3.15 UHb 0 0 -
> > 1 vr0
> > > > 127/8 127.0.0.1 UGRS 0 0 32768
> > 8 lo0
> > > > 127.0.0.1 127.0.0.1 UHhl 1 2 32768
> > 1 lo0
> > > >
> > > >
> > > > On Tue, 7 Feb 2023 17:54:27 +1100
> > > > Bradley Latus <[email protected]> wrote:
> > > >
> > > > > Hi all,
> > > > >
> > > > > I have done an experiment.
> > > > >
> > > > > If your interface is part of an area, it will be advertised always.
> > > > >
> > > > > If you wanted to advertise only /32 this is how I got mine to work.
> > > > > Ensure your interface vr3 is not in your ospf area
> > > > >
> > > > > Add a static route to the one you wish to advertise, it appears that
> > > > unless
> > > > > a route exists on the machine you cannot redistribute a random ip.
> > > > >
> > > > > So route add 10.1.111.11/32 10.1.111.1
> > > > >
> > > > > Then you can redistribute your /32
> > > > >
> > > > >
> > > > >
> > > > > router-id 10.109.3.15
> > > > > redistribute 10.1.111.11/32
> > > > >
> > > > > area 0.0.0.0 {
> > > > > interface vr0
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > > On Tue, 7 Feb 2023, 02:46 Radek, <[email protected]> wrote:
> > > > >
> > > > > > Hello,
> > > > > > > I’d check the databases on both sides.
> > > > > > > And flush/reload the config and fibs.
> > > > > > I reloaded and restarted OSPFd on both sides - nothing changes.
> > Then, I
> > > > > > rebooted routers on both sides - nothing changes.
> > > > > > I still can see/ping the whole 10.1.111.0/24 subnet from the far
> > end.
> > > > > >
> > > > > > [10.109.3.15]$ ospfctl show database router
> > > > > >
> > > > > > Router Link States (Area 0.0.0.0)
> > > > > >
> > > > > > LS age: 238
> > > > > > Options: -|-|-|-|-|-|E|-
> > > > > > LS Type: Router
> > > > > > Link State ID: 10.109.3.15
> > > > > > Advertising Router: 10.109.3.15
> > > > > > LS Seq Number: 0x80000016
> > > > > > Checksum: 0x6d0a
> > > > > > Length: 48
> > > > > > Flags: *|*|*|*|*|-|E|-
> > > > > > Number of Links: 2
> > > > > >
> > > > > > Link connected to: Stub Network
> > > > > > Link ID (Network ID): 10.1.111.0
> > > > > > Link Data (Network Mask): 255.255.255.0
> > > > > > Metric: 10
> > > > > >
> > > > > > Link connected to: Transit Network
> > > > > > Link ID (Designated Router address): 10.109.3.16
> > > > > > Link Data (Router Interface address): 10.109.3.15
> > > > > > Metric: 10
> > > > > >
> > > > > > LS age: 239
> > > > > > Options: -|-|-|-|-|-|E|-
> > > > > > LS Type: Router
> > > > > > Link State ID: 10.109.3.16
> > > > > > Advertising Router: 10.109.3.16
> > > > > > LS Seq Number: 0x80000016
> > > > > > Checksum: 0xb058
> > > > > > Length: 36
> > > > > > Flags: *|*|*|*|*|-|E|-
> > > > > > Number of Links: 1
> > > > > >
> > > > > > Link connected to: Transit Network
> > > > > > Link ID (Designated Router address): 10.109.3.16
> > > > > > Link Data (Router Interface address): 10.109.3.16
> > > > > > Metric: 10
> > > > > >
> > > > > >
> > > > > > [10.109.3.16]$ ospfctl show fib
> > > > > > flags: * = valid, O = OSPF, C = Connected, S = Static
> > > > > > Flags Prio Destination Nexthop
> > > > > > *S 8 0.0.0.0/0 10.109.3.254
> > > > > > *O 32 10.1.111.0/24 10.109.3.15
> > > > > >
> > > > > >
> > > > > > On Sun, 5 Feb 2023 22:20:07 +0100
> > > > > > Diederik Schouten <[email protected]> wrote:
> > > > > >
> > > > > > > Hello,
> > > > > > >
> > > > > > > I’d check the databases on both sides.
> > > > > > > And flush/reload the config and fibs.
> > > > > > > Then check again which link state advertisements are in the
> > database.
> > > > > > > To make sure you now get the /32 advertised.
> > > > > > >
> > > > > > > Sent from my iPhone
> > > > > > >
> > > > > > > > On 5 Feb 2023, at 21:15, Radek <[email protected]> wrote:
> > > > > > > >
> > > > > > > > Hello Diederik, hello Tom,
> > > > > > > > this is a simple lab/testing configuration, that's why there
> > is no
> > > > > > "passive" and other...
> > > > > > > > The purpose of this configuration is to allow access to
> > certain IP
> > > > > > address and restrict access to the rest of the subnet.
> > > > > > > > I can use PF to block/pass what I need... but I'm trying make
> > sure
> > > > if
> > > > > > I can do it by announcing "not more than needed" over OSPF.
> > > > > > > >
> > > > > > > > "redistribute 10.1.111.11/32" seems to be what I need, but
> > > > probally I
> > > > > > missed something, because this option doesn't work for me as
> > expected.
> > > > > > > >
> > > > > > > > $ cat /etc/ospfd.conf
> > > > > > > > router-id 10.109.3.15
> > > > > > > > redistribute 10.1.111.11/32
> > > > > > > >
> > > > > > > > area 0.0.0.0 {
> > > > > > > > interface vr0
> > > > > > > > interface vr3
> > > > > > > > }
> > > > > > > >
> > > > > > > > Then, I can still see/ping other IPs in 10.1.111.0/24 from
> > the far
> > > > > > end network.
> > > > > > > >
> > > > > > > > On the far router I can see the whole subnet instead of
> > somthing
> > > > like
> > > > > > " *O 32 10.1.111.11/24 10.109.3.15".
> > > > > > > >
> > > > > > > > $ ospfctl show fib
> > > > > > > > flags: * = valid, O = OSPF, C = Connected, S = Static
> > > > > > > > Flags Prio Destination Nexthop
> > > > > > > > *S 8 0.0.0.0/0 10.109.3.254
> > > > > > > > *O 32 10.1.111.0/24 10.109.3.15
> > > > > > > >
> > > > > > > > Any clues?
> > > > > > > >
> > > > > > > >> On Sat, 4 Feb 2023 23:16:57 +0000
> > > > > > > >> Tom Smyth <[email protected]> wrote:
> > > > > > > >>
> > > > > > > >> Hi Radek,
> > > > > > > >>
> > > > > > > >> it is better practice to add ospf network statements to
> > > > ospfd.conf
> > > > > > > >> (if you dont want to send / recieve ospf messages on an
> > interface
> > > > set
> > > > > > the
> > > > > > > >> interface to passive in ospfd.conf
> > > > > > > >> avoid redistribute connected
> > > > > > > >> (add the network you want to be added to your ospf network)
> > and
> > > > leave
> > > > > > the
> > > > > > > >> other network ommitted from your ospfd.conf
> > > > > > > >>
> > > > > > > >>
> > > > > > > >> I hope this helps,
> > > > > > > >>
> > > > > > > >>
> > > > > > > >>> On Sat, 4 Feb 2023 at 20:02, Radek <[email protected]> wrote:
> > > > > > > >>>
> > > > > > > >>> Hello,
> > > > > > > >>> is it possible to announce over OSPF only one (or a few
> > > > specific) IP
> > > > > > > >>> address instead of the whole subnet?
> > > > > > > >>> If yes.. an ospfd.conf example would be appreciated.
> > > > > > > >>>
> > > > > > > >>> $ cat /etc/hostname.vr3
> > > > > > > >>> inet 10.1.111.1 255.255.255.0
> > > > > > > >>>
> > > > > > > >>> $ cat /etc/ospfd.conf
> > > > > > > >>> router-id 10.109.3.15
> > > > > > > >>> redistribute connected
> > > > > > > >>>
> > > > > > > >>> area 0.0.0.0 {
> > > > > > > >>> interface vr0
> > > > > > > >>> interface vr3
> > > > > > > >>> }
> > > > > > > >>>
> > > > > > > >>> Thanks,
> > > > > > > >>> Radek
> > > > > > > >>>
> > > > > > > >>>
> > > > > > > >>
> > > > > > > >> --
> > > > > > > >> Kindest regards,
> > > > > > > >> Tom Smyth.
> > > > > > > >
> > > > > > > >
> > > > > > > > Radek
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > Radek
> > > > > >
> > > > > >
> > > >
> > > >
> > > > Radek
> > > >
> > > >
> >
> >
> > Radek
> >
> >
Radek
