Re: BGP: can't set sockopt TCP_MD5SIG 0 to socket 16

From: Nik <nikruzhan_at_gmail.com>
Date: Mon, 3 Apr 2006 16:22:14 +0000
 I'm using FreeBSD 5.4 with quagga 0.98.5. For L2 switch I'm using D-link
DES3326S and router using intel GB network card (dual port). The routing
process is controlled using quagga by ospfd and zebra. I forgot to see the
network traffice from tcpdump, for that I need to do a testing first and
will let u know the result.

Therefore, here is my vlan's config :

# --*Network*--
network_interfaces="em0 em1 em2 em3 rl0 lo0"
ifconfig_rl0="inet 192.168.0.10 netmask 255.255.255.0"
ifconfig_em0="up"
ifconfig_em1="up"
ifconfig_em2="up"
cloned_interfaces="vlan0 vlan1 vlan2 vlan3 vlan4 vlan6 vlan7 vlan8 vlan9
vlan10"
ifconfig_vlan0="inet xx.xx.0.1 netmask 255.255.255.0 vlan 1 vlandev em0"
ifconfig_vlan1="inet xx.xx.8.1 netmask 255.255.255.248 vlan 20 vlandev em0"
ifconfig_vlan2="inet xx.xx.1.1 netmask 255.255.255.192 vlan 2 vlandev em2"
ifconfig_vlan3="inet xx.xx.11.1 netmask 255.255.255.0 vlan 1000 vlandev em0"
ifconfig_vlan4="inet xx.xx.13.1 netmask 255.255.255.0 vlan 1001 vlandev em0"
ifconfig_vlan6="inet xx.xx.10.129 netmask 255.255.255.240 vlan 50 vlandev
em1"
ifconfig_vlan7="inet xx.xx.10.145 netmask 255.255.255.248 vlan 51 vlandev
em1"
ifconfig_vlan8="inet xx.xx.10.161 netmask 255.255.255.224 vlan 52 vlandev
em1"
ifconfig_vlan9="inet xx.xx.10.1 netmask 255.255.255.192 vlan 4000 vlandev
em1"
ifconfig_vlan10="inet xx.xx.14.1 netmask 255.255.255.248 vlan 2001 vlandev
em2"


-*ospfd's configuration*-
interface em0
 description To Vlans
!
interface em1
 description To Vlans
!
interface em2
 description To Vlans - Business
!
interface em3
 description To p2p - CORE
!
interface lo0
 description To IBGP - Loopback
!
interface plip0
!
interface rl0
!
interface rl1
 description To PG DistRouter
!
interface vlan0
 description To Switch Management
!
interface vlan1
 description To Authentication
!
interface vlan2
 description To Business Switch Management
!
interface vlan3
 description To Vlan1000
!
interface vlan4
 description To Vlan1001
!
interface vlan6
 description To Vlan50 - IDC 1
!
interface vlan7
 description To Vlan51 - IDC 2
!
interface vlan8
 description To Vlan52 - IDC 3
!
interface vlan9
 description To Vlan4000 - DMZ
!
interface vlan10
 description To Vlan2001 - Business Customer
!
router ospf
 ospf router-id xx.xx.8.130
 network xx.xx.0.0/24 area 0.0.0.1
 network xx.xx.1.0/26 area 0.0.0.1
 network xx.xx.8.0/29 area 0.0.0.1
 network xx.xx.8.66/32 area 0.0.0.0
 network xx.xx.8.128/29 area 0.0.0.0
 network xx.xx.8.168/30 area 0.0.0.0
 network xx.xx.10.0/26 area 0.0.0.1
 network xx.xx.10.128/28 area 0.0.0.10
 network xx.xx.10.144/29 area 0.0.0.10
 network xx.xx.10.160/27 area 0.0.0.10
 network xx.xx.11.0/24 area 0.0.0.50
 network xx.xx.13.0/24 area 0.0.0.51
 network xx.xx.14.0/29 area 0.0.0.52
!
line vty
!

-*zebra configuration*-
!
interface em0
 ipv6 nd suppress-ra
!
interface em1
 description To Vlans
 ipv6 nd suppress-ra
!
interface em2
 ipv6 nd suppress-ra
!
interface em3
 ip address xx.xx.8.130/29
 ipv6 nd suppress-ra
!
interface lo0
 description To IBGP Loopback
 ip address xx.xx.8.66/32
!
interface plip0
 ipv6 nd suppress-ra
!
interface rl0
 ipv6 nd suppress-ra
!
interface rl1
 ip address xx.xx.8.169/30
 ipv6 nd suppress-ra
!
interface vlan0
 ipv6 nd suppress-ra
!
interface vlan1
 description To Authentication
 ipv6 nd suppress-ra
!
interface vlan2
 ipv6 nd suppress-ra
!
interface vlan3
 description To Customer
 ipv6 nd suppress-ra
!
interface vlan4
 description To Customer
 ipv6 nd suppress-ra
!
interface vlan6
 description To IDC
 ipv6 nd suppress-ra
!
interface vlan7
 description To IDC
 ipv6 nd suppress-ra
!
interface vlan8
 description To IDC
 ipv6 nd suppress-ra
!
interface vlan9
 ipv6 nd suppress-ra
!
interface vlan10
 ipv6 nd suppress-ra
!
ip forwarding
!
line vty
!


On 4/3/06, Peter Jeremy <peterjeremy_at_optushome.com.au> wrote:
>
> On Mon, 2006-Apr-03 17:55:56 +0800, Nik wrote:
> >I'm curious why I need to enable MD5 because in my system I don't use any
> >authentication method. Is there any way to off the parameter. Also I
> notice
> >that vlan in FreeBSD is not fully trunk.
> >
> >Examples ;
> >
> >vlan 1000 : 192.168.0.1/26
> >
> >connect to L2 switch and untag certain port to connect to PC. I still can
> >use internet when I set that PC to use this IP;
> >
> >IP = 192.168.0.5/24
> >Gateway = 192.168.0.1/24
>
> I use VLAN trunks extensively in FreeBSD and have no problems with
> them (I've had more problems with broken VLAN implementations in
> switches).  Can you detail exactly what your interface configuration
> is and what commands your are issuing that aren't working as expected.
> Have you looked at the network traffic using (eg) tcpdump.
>
> --
> Peter Jeremy
>
Received on Mon Apr 03 2006 - 14:22:18 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:54 UTC