[Xorp-users] How to notify the OSPF process to use FEA on a different machine?
Mingcy.Xu
mingcy.xu at gmail.com
Fri Sep 12 00:34:27 PDT 2008
I tried the script approach but got a different result. The following is the
detailed information.
Host Lab_62(10.20.1.1) : xorp_rtrmgr
Host Lab_59(10.20.1.2) : xorp_fea
1. On the FEA host I have XORP built inside the
/home/Martin/xorp-1.5 directory
2. Create the following script and place it instead of the
fea/xorp_fea binary on the rtrmgr side:
#!/bin/sh
ssh root at 10.20.1.2 'env XORP_FINDER_SERVER_ADDRESS=10.20.1.1
XORP_FINDER_CLIENT_ADDRESS=10.20.1.2 /home/Martin/xorp-1.5/fea/xorp_fea'
Note that 10.20.1.1 is the IP address of the rtrmgr (local)
host, and 10.20.1.2 is the IP address of the fea (remote)host.
When I run this script on rtrmgr host, I did notice the fea process was
started on the FEA host.
3. Setup environmental variables for the Finder on the rtrmgr host:
[root at Lab_62 xorp-1.5]# env |more
HOSTNAME=Lab_62
TERM=vt100
SHELL=/bin/bash
XORP_FINDER_SERVER_ADDRESS=10.20.1.1
XORP_FINDER_CLIENT_ADDRESS=10.20.1.1
...
///////////////////////////////////////////
4. Make sure that ssh without typing a password works to the fea host.
[root at Lab_62 ~]# ssh 10.20.1.2
Last login: Fri Sep 12 13:43:01 2008 from 10.20.1.1
[root at Lab_59 ~]#
(No password needed.)
To achieve this,I use the following scheme:
1. Run ssh-keygen on the rtrmgr host to create an RSA key-pair with an
empty password.
2. Copy the public key to the FEA host.
3. Add the public key to the /root/.ssh/authorized_keys file on the
FEA host.
5. Start the rtrmgr on the local host:
(the config.boot file used is listed below.)
[root at Lab_62 rtrmgr]# ./xorp_rtrmgr -a 10.20.1.2
[ 2008/09/12 15:02:05 INFO xorp_rtrmgr:3348 IPC +477 sockutil.cc
set_preferred_ipv4_addr ] Changing to address 10.20.1.1 for IPv4 based XRL
communication.
[ 2008/09/12 15:02:05 INFO xorp_rtrmgr:3348 RTRMGR +239 master_conf_tree.cc
execute ] Changed modules: interfaces, firewall, fea, rib, policy, ospf4
[ 2008/09/12 15:02:06 INFO xorp_rtrmgr:3348 RTRMGR +96 module_manager.cc
execute ] Executing module: interfaces (fea/xorp_fea)
[ 2008/09/12 15:02:08 INFO xorp_rtrmgr:3348 RTRMGR +96 module_manager.cc
execute ] Executing module: firewall (fea/xorp_fea)
[ 2008/09/12 15:02:12 INFO xorp_rtrmgr:3348 RTRMGR +96 module_manager.cc
execute ] Executing module: fea (fea/xorp_fea)
[ 2008/09/12 15:02:28 ERROR xorp_rtrmgr:3348 XRL +639 xrl_pf_stcp.cc die ]
XrlPFSTCPSender died: Keepalive timeout
[ 2008/09/12 15:02:28 ERROR xorp_rtrmgr:3348 RTRMGR +1400 task.cc
execute_done ] 210 Transport failed
[ 2008/09/12 15:02:28 ERROR xorp_rtrmgr:3348 RTRMGR +1998 task.cc task_fail
] Shutting down fatally wounded process (fea)
[ 2008/09/12 15:02:28 INFO xorp_rtrmgr:3348 RTRMGR +171 module_manager.cc
terminate ] Terminating module: fea
[ 2008/09/12 15:02:28 ERROR xorp_rtrmgr:3348 RTRMGR +681
master_conf_tree.cc commit_pass2_done ] Commit failed: 210 Transport failed
[ 2008/09/12 15:02:28 ERROR xorp_rtrmgr:3348 RTRMGR +251
master_conf_tree.cc config_done ] Configuration failed: 210 Transport failed
[ 2008/09/12 15:02:28 INFO xorp_rtrmgr:3348 RTRMGR +2228 task.cc run_task ]
No more tasks to run
[ 2008/09/12 15:02:28 INFO xorp_rtrmgr:3348 RTRMGR +171 module_manager.cc
terminate ] Terminating module: firewall
[ 2008/09/12 15:02:28 INFO xorp_rtrmgr:3348 RTRMGR +171 module_manager.cc
terminate ] Terminating module: interfaces
[ 2008/09/12 15:02:28 INFO xorp_rtrmgr:3348 RTRMGR +194 module_manager.cc
terminate ] Killing module: interfaces
Killed by signal 15.
[ 2008/09/12 15:02:28 ERROR xorp_rtrmgr:3348 RTRMGR +747 module_manager.cc
done_cb ] Command "/home/Martin/xorp-1.5/fea/xorp_fea": terminated with
signal 15.
[ 2008/09/12 15:02:28 INFO xorp_rtrmgr:3348 RTRMGR +282 module_manager.cc
module_exited ] Module killed during shutdown: interfaces
[root at Lab_62 rtrmgr]#
[root at Lab_62 rtrmgr]#
At this point, I encountered something strange:
1) the rtrmgr host could not reach FEA host. Its route talbe stayed
unchanged.
2) the FEA host could still reach rtrmgr host. But when I tried to ssh
rtrmgr host( #ssh 10.20.1.1), I got
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
5e:00:30:a9:72:3e:89:de:4a:07:4e:d8:ca:f7:ae:a6.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:3
RSA host key for 20.1.1.1 has changed and you have requested strict
checking.
Host key verification failed.
3) After I rebooted the FEA host and deleted its /root/.ssh/known_hosts, the
above two problems were resolved.
I have done this experiment for four times, each time I got the same result.
Hi, Pavlin, do you have any doubt that running xorp_static_routes on a
separate machine with xorp_rtrmgr might be a little different from the
situation regarding xorp_fea?
The config.boot used:
/* $XORP: xorp/rtrmgr/config/ospfv2.boot,v 1.1 2007/08/29 06:49:43 pavlin
Exp $ */
policy {
policy-statement connected {
term export {
from {
protocol: "connected"
}
}
}
}
interfaces {
interface eth0 {
disable: false
discard: false
vif eth0 {
disable: false
address 10.20.1.1 {
prefix-length: 24
broadcast: 10.20.1.255
disable: false
}
}
}
interface eth1 {
disable: false
discard: false
vif eth1 {
disable: false
address 10.30.1.1 {
prefix-length: 24
broadcast: 10.30.1.255
disable: false
}
}
}
}
fea {
unicast-forwarding4 {
disable: false
}
}
protocols {
ospf4 {
router-id: 10.20.1.1
area 0.0.0.0 {
interface eth0 {
link-type: "broadcast"
vif eth0 {
address 10.20.1.1 {
disable: false
}
}
}
interface eth1 {
link-type: "broadcast"
vif eth1 {
address 10.30.1.1 {
disable: false
}
}
}
}
traceoptions {
flag {
all {
disable: false
}
}
}
export: "connected"
}
}
-----Original Message-----
From: Pavlin Radoslavov [mailto:pavlin at ICSI.Berkeley.EDU]
Sent: Friday, September 12, 2008 5:25 AM
To: Pavlin Radoslavov
Cc: Mingcy.Xu
Subject: Re: [Xorp-users] How to notify the OSPF process to use FEA on a
different machine?
> I wonder why replacing xorp_fea with the script didn't work for you.
> Later this afternoon I will do some experiments to see what happens.
I just tried the script approach, and it worked for me.
Here is what I did:
1. On the fea host I have XORP precompiled inside the
/home/pavlin/cxorp directory
2. Create the following script and place it instead of the
fea/xorp_fea binary on the rtrmgr side:
#!/bin/sh
ssh vm-freebsd env XORP_FINDER_SERVER_ADDRESS=192.168.113.1 \
XORP_FINDER_CLIENT_ADDRESS=192.168.113.130
/home/pavlin/cxorp/fea/xorp_fea
Note that 192.168.113.1 is the IP address of the rtrmgr (local)
host, and 192.168.113.130 is the IP address of the fea (remote)
host.
3. Setup the following environmental variables on the rtrmgr host:
setenv XORP_FINDER_SERVER_ADDRESS 192.168.113.1 setenv
XORP_FINDER_CLIENT_ADDRESS 192.168.113.1
4. Make sure that ssh without typing a password works to the fea
host (I use ssh-agent), and that running the fea/xorp_fea script
actually executes the xorp_fea binary on the remote fea host:
pavlin at rtrmgr[49] /Users/pavlin/cxorp/fea/xorp_fea [ 2008/09/11 14:20:11
INFO xorp_fea IPC ] Changing to address 192.168.113.130 for IPv4 based XRL
communication.
[ 2008/09/11 14:20:11 INFO xorp_fea IPC ] Changing to address
192.168.113.130 for IPv4 based XRL communication.
[ 2008/09/11 14:20:11 INFO xorp_fea IPC ] Changing to address
192.168.113.130 for IPv4 based XRL communication.
[ 2008/09/11 14:20:11 INFO xorp_fea IPC ] Changing to address
192.168.113.130 for IPv4 based XRL communication.
[ 2008/09/11 14:20:11 ERROR xorp_fea:72561 LIBCOMM +609
/home/pavlin/xorp/libcomm/comm_sock.c comm_sock_connect4 ] Error connecting
socket (family = 2, remote_addr = 192.168.113.1, remote_port = 19999):
Connection refused [ 2008/09/11 14:20:11 ERROR xorp_fea:72561 FINDER +384
/home/pavlin/xorp/libxipc/finder_tcp_messenger.cc do_auto_connect ] Failed
to connect to 192.168.113.1/19999: Connection refused [ 2008/09/11 14:20:11
ERROR xorp_fea:72561 LIBCOMM +609 /home/pavlin/xorp/libcomm/comm_sock.c
comm_sock_connect4 ] Error connecting socket (family = 2, remote_addr =
192.168.113.1, remote_port = 19999): Connection refused ...
(Type Ctrl-C to stop)
5. Start the rtrmgr on the local host:
./xorp_rtrmgr -a 192.168.113.130 -b static.boot
Please let me know how it goes.
Pavlin
More information about the Xorp-users
mailing list