changing router-ids in ospfd not working
Hello,
ospfd can't handle changing router-ids.
Consider the following setup, two machines, border3 / superm:
border3:
border3# cat /etc/ospfd.conf
router-id 10.12.95.250
redistribute static set type 2
redistribute connected set type 2
redistribute 10.12.95.250/32 set type 2
redistribute default set { metric 300 type 2 }
area 0.0.0.0 {
interface em0
}
border3# ifconfig lo0
[...]
inet 10.12.95.250 netmask 0x
border3# ifconfig em0
[...]
inet 10.12.95.162 netmask 0xffe0 broadcast 10.12.95.191
superm
--
superm# cat /etc/ospfd.conf
router-id 10.12.80.1
area 0.0.0.0 {
interface re0
}
superm# ifconfig re0
[...]
inet 10.12.95.165 netmask 0xffe0 broadcast 10.12.95.191
superm# ifconfig em0
[...]
inet 10.12.80.1 netmask 0xff00 broadcast 10.12.80.255
starting ospfd on both machines results in:
border3# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.80.1 1 FULL/BCKUP 00:00:36 10.12.95.165em0 00:08:52
superm# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.95.2501 FULL/DR 00:00:30 10.12.95.162re0 00:09:47
changing the router-id on superm from 10.12.80.1 to 10.12.95.165 and
restarting ospfd on superm results in:
border3# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.80.1 1 EXSTA/OTHER 00:00:35 10.12.95.165em0 -
border3# tail /var/log/daemon
Jan 6 13:08:43 border3 ospfd[21043]: nbr_adj_timer: failed to form
adjacency with 10.12.80.1
superm# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.95.2501 INIT/OTHER 00:00:37 10.12.95.162re0 -
Note that border3 still tries to talk to router with the old id
10.12.80.1
Restarting ospfd on border3 (where no config changes were done!) is a
workaround.
The problem is in hello.c which tries to match the src IP (which
didn't change). This patch apparently fixes the problem (I couldn't
figure out why hello.c matches the src IP in this case and not the
router-id which is already done in other places)
Index: hello.c
===
RCS file: /cvs/src/usr.sbin/ospfd/hello.c,v
retrieving revision 1.15
diff -u -r1.15 hello.c
--- hello.c 31 Jan 2009 08:55:00 - 1.15
+++ hello.c 6 Jan 2010 13:46:30 -
@@ -175,11 +175,11 @@
case IF_TYPE_BROADCAST:
case IF_TYPE_NBMA:
case IF_TYPE_POINTOMULTIPOINT:
- /* match src IP */
+ /* match router-id */
LIST_FOREACH(nbr, iface-nbr_list, entry) {
if (nbr == iface-self)
continue;
- if (nbr-addr.s_addr == src.s_addr)
+ if (nbr-id.s_addr == rtr_id)
break;
}
break;
Stopping both ospfds, changing the router-id on superm back to
10.12.80.1 and starting both ospfds (superm: -current ospfd, border3
ospfd with the patch applied) results in:
[r...@border3.ffm2-test.hsgate.de:/usr/src/usr.sbin/ospfd]# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.80.1 1 FULL/BCKUP 00:00:31 10.12.95.165em0 00:00:36
[r...@superm.build.hsgate.de:/etc]# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.95.2501 FULL/DR 00:00:38 10.12.95.162re0 00:00:50
If the router-id on superm is now changed to 10.12.95.165 it looks
like this:
border3# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.95.1651 FULL/BCKUP 00:00:33 10.12.95.165em0 00:03:47
10.12.80.1 1 DOWN/OTHER 00:03:17 10.12.95.165em0 -
superm# ospfctl sh nei
ID Pri StateDeadTime Address Iface Uptime
10.12.95.2501 FULL/DR 00:00:35 10.12.95.162re0 00:04:14
The DOWN/OTHER line will disappear after 24 hours.
--
While debugging this I observed another problem which I currently
cannot reproduce completely:
If changing router-ids in the reverse order, starting with
10.12.95.165 and then changing it to 10.12.80.1 results in the
following log entry (with the hello.c patch applied):
Jan 6 13:28:36 border3 ospfd[4393]: nbr_fsm: neighbor ID
10.12.95.165, event ADJ_TIMEOUT not expected in state INIT
The state changes to DOWN/OTHER so the line will disappear after 24
hours.
Somehow I manged to get the state to get stuck in INIT/OTHER(?) and ospfd
writing every n minutes event ADJ_TIMEOUT not expected in state
INIT.
I can no longer reproduce this case but I did write a
patch for this, too:
Index: neighbor.c
patch ftp-proxy, proposal
Hi,
I would like to propose a patch for ftp-proxy. This patch implement an
option concerning specific timeout (connect_timeout).
It add an option for setting connect_timeout variable while starting
ftp-proxy (this variable is currently set to 30 in code). Setting this
variable to another value can solve many troubles with some ftp server:
ex:
- There are some public ftp servers missconfigurated who use ident protocol
and wait 30 seconds on ident port before sending banner.
With the default connect_timeout value, it is not possible to connect to
theses servers with fw filtering ident port. With a higher value, it will
succeed
- It can be also usefull to change these value and set it to a lower value
in order to drop these kind of servers quickly.
That's why I think adding a knob can be usefull.
What do you thing about this idea ? Other people should have had troubles
with the default value.
Kind regards,
Tiery
-
diff -u -p -r -r ftp-proxy.orig/ftp-proxy.8 ftp-proxy/ftp-proxy.8
--- ftp-proxy.orig/ftp-proxy.8Tue Jan 5 11:31:39 2010
+++ ftp-proxy/ftp-proxy.8Tue Jan 5 16:41:34 2010
@@ -26,6 +26,7 @@
.Op Fl 6Adrv
.Op Fl a Ar address
.Op Fl b Ar address
+.Op Fl c Ar connect_timeout
.Op Fl D Ar level
.Op Fl m Ar maxsessions
.Op Fl P Ar port
@@ -95,6 +96,9 @@ connection to a server.
.It Fl b Ar address
Address where the proxy will listen for redirected control connections.
The default is 127.0.0.1, or ::1 in IPv6 mode.
+.It Fl c Ar connect_timeout
+Number of seconds that the connection will wait before
+assuming that the server is down. The default is 30 seconds.
.It Fl D Ar level
Debug level, ranging from 0 to 7.
Higher is more verbose.
Only in ftp-proxy: ftp-proxy.8.orig
diff -u -p -r -r ftp-proxy.orig/ftp-proxy.c ftp-proxy/ftp-proxy.c
--- ftp-proxy.orig/ftp-proxy.cTue Jan 5 11:31:39 2010
+++ ftp-proxy/ftp-proxy.cTue Jan 5 16:49:21 2010
@@ -44,7 +44,6 @@
#include filter.h
-#define CONNECT_TIMEOUT30
#define MIN_PORT1024
#define MAX_LINE500
#define MAX_LOGLINE300
@@ -115,8 +114,8 @@ char ntop_buf[NTOP_BUFS][INET6_ADDRSTRLEN];
struct sockaddr_storage fixed_server_ss, fixed_proxy_ss;
char *fixed_server, *fixed_server_port, *fixed_proxy, *listen_ip,
*listen_port,
*qname, *tagname;
-int anonymous_only, daemonize, id_count, ipv6_mode, loglevel, max_sessions,
-rfc_mode, session_count, timeout, verbose;
+int anonymous_only, connect_timeout, daemonize, id_count, ipv6_mode,
loglevel,
+max_sessions, rfc_mode, session_count, timeout, verbose;
extern char *__progname;
void
@@ -506,7 +505,7 @@ handle_connection(const int listen_fd, short event, vo
logmsg(LOG_CRIT, #%d bufferevent_new server failed, s-id);
goto fail;
}
-bufferevent_settimeout(s-server_bufev, CONNECT_TIMEOUT, 0);
+bufferevent_settimeout(s-server_bufev, connect_timeout, 0);
bufferevent_enable(s-server_bufev, EV_READ | EV_TIMEOUT);
return;
@@ -592,6 +591,7 @@ main(int argc, char *argv[])
/* Defaults. */
anonymous_only= 0;
+connect_timeout= 30;
daemonize= 1;
fixed_proxy= NULL;
fixed_server= NULL;
@@ -611,7 +611,7 @@ main(int argc, char *argv[])
id_count= 1;
session_count= 0;
-while ((ch = getopt(argc, argv, 6Aa:b:D:dm:P:p:q:R:rT:t:v)) != -1) {
+while ((ch = getopt(argc, argv, 6Aa:b:c:D:dm:P:p:q:R:rT:t:v)) != -1)
{
switch (ch) {
case '6':
ipv6_mode = 1;
@@ -625,6 +625,11 @@ main(int argc, char *argv[])
case 'b':
listen_ip = optarg;
break;
+case 'c':
+connect_timeout = strtonum(optarg, 0, 86400, errstr);
+if (errstr)
+errx(1, connect timeout %s, errstr);
+break;
case 'D':
loglevel = strtonum(optarg, LOG_EMERG, LOG_DEBUG,
errstr);
@@ -1119,8 +1124,9 @@ void
usage(void)
{
fprintf(stderr, usage: %s [-6Adrv] [-a address] [-b address]
- [-D level] [-m maxsessions]\n [-P port]
- [-p port] [-q queue] [-R address] [-T tag]\n
- [-t timeout]\n, __progname);
+ [-c connect_timeout] \n [-D level]
+ [-m maxsessions] [-P port] [-p port] [-q queue]\n
+ [-R address] [-T tag] [-t timeout]\n
+, __progname);
exit(1);
}
Only in ftp-proxy: ftp-proxy.c.orig
haga mailing proveemos el mejor programa y usuarios smtp
Envio de emails por smtp abiertos pagas por unica vez envios a alta velocidad Hasta 5 envios por pc en simultaneo Permite mensajes html o texto Envia con nombres personalizados y en modo texto permite mail merge multiple Estadisticas de envio completo casilla de mails rebotados y mails exitosos, para compilar y armar tus bases lo ultimo en programas para extraccion de mail funcionando asociado a busquedas de google contactenos respondiendo el mail muy atte
[patch] bgplg.c probably leaks file descriptor
Hello, t...@. Seems that bgplg.c leaks file descriptor `fd' in lg_incl(). It opens it, but does not closes. Index: bgplg.c === RCS file: /OpenBSD/src/usr.bin/bgplg/bgplg.c,v retrieving revision 1.7 diff -u -r1.7 bgplg.c --- bgplg.c 10 Oct 2007 13:23:40 - 1.7 +++ bgplg.c 7 Jan 2010 21:33:51 - @@ -235,6 +235,7 @@ fwrite(buf, len, 1, stdout); } while(len == BUFSIZ); + close(fd); return (0); }
[patch] patch:util.c does free memory after strdup(3)
Hello, t...@.
tmpbuf is allocated via strdup(3) but it is leaved unfreed when we
leave makedirs() function.
Index: util.c
===
RCS file: /OpenBSD/src/usr.bin/patch/util.c,v
retrieving revision 1.33
diff -u -r1.33 util.c
--- util.c 27 Oct 2009 23:59:41 - 1.33
+++ util.c 7 Jan 2010 21:42:11 -
@@ -310,8 +310,10 @@
if (striplast) {
char*s = strrchr(tmpbuf, '/');
- if (s == NULL)
+ if (s == NULL) {
+ free(tmpbuf);
return; /* nothing to be done */
+ }
*s = '\0';
}
if (mkpath(tmpbuf) != 0)
