[Enterprise SONiC] OSPF(Open Shortest Path First ) Follow
- Create OSPF on Backbone area
- Setup authentication with simple password(Clear-text) for OSPF
- Setup authentication with message-digest for OSPF
- Setup OSPF with virtual link
Tested model & firmware version:
- Switch model name:
DCS203 (AS7362-56X)
DCS201,202 [AS5835-54X(T)]
- Edgecore SONiC version:
202006 ~ 202006.4
202012.0 ~ 202012.4
202111.0 ~ 202111.8
Restriction:
-
In the 202012 & 202111 versions, frr_mgmt_framework_config in the DEVICE_METADATA section and set it to "true", otherwise the OSPF cannot work. After 202012.3 and 20211 branch, this configuration is including in default configurations.
"DEVICE_METADATA": {
"localhost": {
"buffer_model": "traditional",
"default_bgp_status": "up",
"default_pfcwd_status": "disable",
"docker_routing_config_mode": "split",
"frr_mgmt_framework_config": "true",
"hostname": "SW1",
"hwsku": "Accton-AS7326-56X",
"mac": "04:f8:f8:6a:f6:91",
"platform": "x86_64-accton_as7326_56x-r0",
"synchronous_mode": "enable",
"type": "LeafRouter"
}
}, - In current version, it support OSPFv2 only.
- Default network type is broadcast.
- Currently, multiple OSPF instances are not supported.
Create OSPF on Backbone area
Topology:
Procedure:
Step 1. Set the Vlan and ip as topology(reference Management-and-front-port-IPv4-IPv6-Address and VLAN-Inter-VLAN-Routing)
Step 2. Init FRR(reference FRRouting-and-config-initialization)
Step 3. Login to vtysh to do the ospf setting.
OS1:
admin@sonic:~$ vtysh Hello, this is FRRouting (version 7.2.1-sonic). Copyright 1996-2005 Kunihiro Ishiguro, et al. sonic# sonic# config sonic(config)# router ospf sonic(config-router)# network 10.0.0.0/31 area 0 sonic(config-router)# network 192.168.10.0/24 area 0 sonic(config-router)# network 192.168.20.0/24 area 0 sonic(config-router)# network 192.168.30.0/24 area 0
OS2:
admin@sonic:~$ vtysh Hello, this is FRRouting (version 7.2.1-sonic). Copyright 1996-2005 Kunihiro Ishiguro, et al. sonic# sonic# config sonic(config)# router ospf sonic(config-router)# network 10.0.0.0/31 area 0 sonic(config-router)# network 192.168.5.0/24 area 0 sonic(config-router)# network 192.168.15.0/24 area 0 sonic(config-router)# network 192.168.25.0/24 area 0
Step 4. Check OSPF neighbors
OS1:
sonic# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
192.168.25.1 1 Full/DR 31.440s 10.0.0.1 Ethernet56:10.0.0.0 0 0 0
OS2:
sonic# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
188.188.98.39 1 Full/Backup 33.721s 10.0.0.0 Ethernet56:10.0.0.1 0 0 0
Step 5. Check routing table
OS1:
sonic# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
K>* 0.0.0.0/0 [0/202] via 188.188.1.1, eth0, 00:07:45
C>* 1.1.1.1/32 is directly connected, Loopback0, 00:07:25
O 10.0.0.0/31 [110/10] is directly connected, Ethernet56, 00:06:42
C>* 10.0.0.0/31 is directly connected, Ethernet56, 00:07:25
C>* 188.188.0.0/16 is directly connected, eth0, 00:07:46
O>* 192.168.5.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:06:32
O 192.168.10.0/24 [110/10] is directly connected, Vlan10, 00:04:54
C>* 192.168.10.0/24 is directly connected, Vlan10, 00:07:24
O>* 192.168.15.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:06:32
O 192.168.20.0/24 [110/10] is directly connected, Vlan20, 00:04:50
C>* 192.168.20.0/24 is directly connected, Vlan20, 00:07:24
O>* 192.168.25.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:06:32
O 192.168.30.0/24 [110/10] is directly connected, Vlan30, 00:04:47
C>* 192.168.30.0/24 is directly connected, Vlan30, 00:07:24
OS2:
sonic# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
K>* 0.0.0.0/0 [0/202] via 188.188.1.1, eth0, 02:15:38
C>* 2.2.2.2/32 is directly connected, Loopback0, 02:15:18
O 10.0.0.0/31 [110/10] is directly connected, Ethernet56, 00:08:47
C>* 10.0.0.0/31 is directly connected, Ethernet56, 00:08:47
C>* 188.188.0.0/16 is directly connected, eth0, 02:15:39
O 192.168.5.0/24 [110/10] is directly connected, Vlan5, 00:35:34
C>* 192.168.5.0/24 is directly connected, Vlan5, 00:35:34
O>* 192.168.10.0/24 [110/20] via 10.0.0.0, Ethernet56, 00:06:14
O 192.168.15.0/24 [110/10] is directly connected, Vlan15, 00:35:34
C>* 192.168.15.0/24 is directly connected, Vlan15, 00:35:34
O>* 192.168.20.0/24 [110/20] via 10.0.0.0, Ethernet56, 00:06:10
O 192.168.25.0/24 [110/10] is directly connected, Vlan25, 00:35:34
C>* 192.168.25.0/24 is directly connected, Vlan25, 00:35:34
O>* 192.168.30.0/24 [110/20] via 10.0.0.0, Ethernet56, 00:06:07
Setup authentication with simple password(Clear-text) for OSPF
Procedure:
Step 1. Base on "Example 1" setting
Step 2. Modify hello time and dead time(This step is optional)
OS1 and OS2 setting in FRR:
sonic# configure sonic(config)# interface Ethernet56 sonic(config-if)# ip ospf hello-interval 20 sonic(config-if)# ip ospf dead-interval 20
Note. Default time about "hello-interval" and "dead-interval" is 40s.
Step 3. Enable authentication on router seting.
OS1 and OS2 setting in FRR:
sonic# configure sonic(config)# router ospf sonic(config-router)# area 0 authentication
Step 4. Enable and set the key on connect interface.
sonic# configure sonic(config)# interface Ethernet56 sonic(config-if)# ip ospf authentication sonic(config-if)# ip ospf authentication-key edgecorets
Step 5. Check the authentication with simple password, we can capture packet to check the OSPF header information.
Caution: In current version, the authentication information can't be check by "show ip ospf interface"
Setup authentication with message-digest for OSPF
Procedure:
Step 1. Base on "Example 1" setting
Step 2. Enable authentication in router setting.
OS1 and OS2 in FRR:
sonic# configure sonic(config)# router ospf sonic(config-router)# area 0 authentication message-digest
Step 3. Set the key on connect interface.
sonic# configure sonic(config)# interface Ethernet56 sonic(config-if)# ip ospf message-digest-key 1 md5 edgecorets
Step 4. Check the authentication with simple password, we can capture packet to check the OSPF header information.
Caution: In current version, the authentication information can't be check by "show ip ospf interface"
Setup OSPF with virtual link
Topology:
Procedure:
Step 1. Set the Vlan and ip as topology(reference Management-and-front-port-IPv4-IPv6-Address and VLAN-Inter-VLAN-Routing)
Step 2. Init FRR(reference FRRouting-and-config-initialization)
Step 3. Set the OSPF on switchs.
OS1:
admin@sonic:~$ vtysh Hello, this is FRRouting (version 7.2.1-sonic). Copyright 1996-2005 Kunihiro Ishiguro, et al. sonic# sonic# config sonic(config)# router ospf sonic(config-router)# ospf router-id 1.1.1.1 sonic(config-router)# network 10.0.0.0/31 area 0 sonic(config-router)# network 192.168.10.0/24 area 0 sonic(config-router)# network 192.168.20.0/24 area 0 sonic(config-router)# network 192.168.30.0/24 area 0
OS2:
admin@sonic:~$ vtysh Hello, this is FRRouting (version 7.2.1-sonic). Copyright 1996-2005 Kunihiro Ishiguro, et al. sonic# sonic# config sonic(config)# router ospf sonic(config-router)# ospf router-id 2.2.2.2 sonic(config-router)# network 10.0.0.0/31 area 0 sonic(config-router)# network 192.168.5.0/24 area 1 sonic(config-router)# network 192.168.15.0/24 area 1 sonic(config-router)# network 192.168.25.0/24 area 1
OS3:
admin@sonic:~$ vtysh Hello, this is FRRouting (version 7.2.1-sonic). Copyright 1996-2005 Kunihiro Ishiguro, et al. sonic# sonic# config sonic(config)# router ospf sonic(config-router)# ospf router-id 3.3.3.3 sonic(config-router)# network 192.168.5.0/24 area 1 sonic(config-router)# network 192.168.16.0/24 area 2 sonic(config-router)# network 192.168.26.0/24 area 2
Step 4. Check the routing in OS1, we can find it won't have OS3(area 2) routing information. It is caused by OS3 didn't connect to area0 directly.
sonic# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
K>* 0.0.0.0/0 [0/202] via 188.188.1.1, eth0, 00:25:48
C>* 1.1.1.1/32 is directly connected, Loopback0, 00:25:28
O 10.0.0.0/31 [110/10] is directly connected, Ethernet56, 00:25:26
C>* 10.0.0.0/31 is directly connected, Ethernet56, 00:25:26
C>* 188.188.0.0/16 is directly connected, eth0, 00:25:49
O>* 192.168.5.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:00:08
O 192.168.10.0/24 [110/10] is directly connected, Vlan10, 00:25:27
C>* 192.168.10.0/24 is directly connected, Vlan10, 00:25:27
O>* 192.168.15.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:00:08
O 192.168.20.0/24 [110/10] is directly connected, Vlan20, 00:25:27
C>* 192.168.20.0/24 is directly connected, Vlan20, 00:25:27
O>* 192.168.25.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:00:08
O 192.168.30.0/24 [110/10] is directly connected, Vlan30, 00:25:27
C>* 192.168.30.0/24 is directly connected, Vlan30, 00:25:27
Step 5. Create a virtual link between OS2 and OS3.
OS2:
sonic# config sonic(config)# router ospf sonic(config-router)# area 1 virtual-link 3.3.3.3
OS3:
sonic# configure sonic(config)# router ospf sonic(config-router)# area 1 virtual-link 2.2.2.2
Step 6. Check all routing information on switches, we can find the routing from OS3 to OS1 is ok.
OS1:
sonic# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route K>* 0.0.0.0/0 [0/202] via 188.188.1.1, eth0, 00:06:34 C>* 1.1.1.1/32 is directly connected, Loopback0, 00:06:14 O 10.0.0.0/31 [110/10] is directly connected, Ethernet56, 00:05:28 C>* 10.0.0.0/31 is directly connected, Ethernet56, 00:06:11 C>* 188.188.0.0/16 is directly connected, eth0, 00:06:35 O>* 192.168.5.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:00:41 O 192.168.10.0/24 [110/10] is directly connected, Vlan10, 00:06:13 C>* 192.168.10.0/24 is directly connected, Vlan10, 00:06:13 O>* 192.168.15.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:00:41 O>* 192.168.16.0/24 [110/30] via 10.0.0.1, Ethernet56, 00:00:23 O 192.168.20.0/24 [110/10] is directly connected, Vlan20, 00:06:13 C>* 192.168.20.0/24 is directly connected, Vlan20, 00:06:13 O>* 192.168.25.0/24 [110/20] via 10.0.0.1, Ethernet56, 00:00:41 O>* 192.168.26.0/24 [110/30] via 10.0.0.1, Ethernet56, 00:00:23 O 192.168.30.0/24 [110/10] is directly connected, Vlan30, 00:06:13 C>* 192.168.30.0/24 is directly connected, Vlan30, 00:06:13
OS2:
sonic# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
K>* 0.0.0.0/0 [0/202] via 188.188.1.1, eth0, 00:07:12
C>* 2.2.2.2/32 is directly connected, Loopback0, 00:06:51
O 10.0.0.0/31 [110/10] is directly connected, Ethernet56, 00:06:51
C>* 10.0.0.0/31 is directly connected, Ethernet56, 00:06:51
C>* 188.188.0.0/16 is directly connected, eth0, 00:07:12
O 192.168.5.0/24 [110/10] is directly connected, Vlan5, 00:03:56
C>* 192.168.5.0/24 is directly connected, Vlan5, 00:06:36
O>* 192.168.10.0/24 [110/20] via 10.0.0.0, Ethernet56, 00:01:23
O 192.168.15.0/24 [110/10] is directly connected, Vlan15, 00:06:36
C>* 192.168.15.0/24 is directly connected, Vlan15, 00:06:36
O>* 192.168.16.0/24 [110/20] via 192.168.5.2, Vlan5, 00:00:16
O>* 192.168.20.0/24 [110/20] via 10.0.0.0, Ethernet56, 00:01:23
O 192.168.25.0/24 [110/10] is directly connected, Vlan25, 00:06:36
C>* 192.168.25.0/24 is directly connected, Vlan25, 00:06:36
O>* 192.168.26.0/24 [110/20] via 192.168.5.2, Vlan5, 00:00:16
O>* 192.168.30.0/24 [110/20] via 10.0.0.0, Ethernet56, 00:01:23
OS3:
sonic# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
K>* 0.0.0.0/0 [0/0] via 188.188.1.1, eth0, 00:07:56
C>* 3.3.3.3/32 is directly connected, Loopback0, 00:07:39
O>* 10.0.0.0/31 [110/20] via 192.168.5.1, Vlan5, 00:00:13
C>* 188.188.0.0/16 is directly connected, eth0, 00:07:56
O 192.168.5.0/24 [110/10] is directly connected, Vlan5, 00:07:13
C>* 192.168.5.0/24 is directly connected, Vlan5, 00:07:38
O>* 192.168.10.0/24 [110/30] via 192.168.5.1, Vlan5, 00:00:13
O>* 192.168.15.0/24 [110/20] via 192.168.5.1, Vlan5, 00:00:23
O 192.168.16.0/24 [110/10] is directly connected, Vlan16, 00:07:38
C>* 192.168.16.0/24 is directly connected, Vlan16, 00:07:38
O>* 192.168.20.0/24 [110/30] via 192.168.5.1, Vlan5, 00:00:13
O>* 192.168.25.0/24 [110/20] via 192.168.5.1, Vlan5, 00:00:23
O 192.168.26.0/24 [110/10] is directly connected, Vlan26, 00:07:38
C>* 192.168.26.0/24 is directly connected, Vlan26, 00:07:38
O>* 192.168.30.0/24 [110/30] via 192.168.5.1, Vlan5, 00:00:13
Comments
0 comments
Please sign in to leave a comment.