From jobhunts02 at aol.com Thu Dec 1 15:01:32 2011 From: jobhunts02 at aol.com (jobhunts02 at aol.com) Date: Thu, 1 Dec 2011 18:01:32 -0500 (EST) Subject: [Xorp-users] (no subject) Message-ID: <8CE7E944CE9B577-1BFC-1FDA1@Webmail-m118.sysops.aol.com> http://carroceriascoral.com.ar/read.php?uid=84&detail=166&item=52 From MuziniM at losrios.edu Fri Dec 2 10:51:02 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Fri, 2 Dec 2011 18:51:02 +0000 Subject: [Xorp-users] Multicast in a GRE tunnel Message-ID: We are having problems getting multicast over a GRE tunnel setup on two Red Hat Enterprise 5 systems. The only error we receive during starting is "[ 2011/12/02 10:30:33 ERROR xorp_igmp:13862 MLD6IGMP +883 mld6igmp_node.cc add_vif_addr ] Cannot add address on vif tun0: invalid unicast address: 0.0.0.0". The tun0 interface has an IP of 172.21.0.250. Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111202/ee8ed1ef/attachment.html From greearb at candelatech.com Fri Dec 2 11:29:56 2011 From: greearb at candelatech.com (Ben Greear) Date: Fri, 02 Dec 2011 11:29:56 -0800 Subject: [Xorp-users] Multicast in a GRE tunnel In-Reply-To: References: Message-ID: <4ED92734.3070807@candelatech.com> On 12/02/2011 10:51 AM, Muzinich, Mike wrote: > We are having problems getting multicast over a GRE tunnel setup on two Red Hat Enterprise 5 systems. The only error we receive during starting is "[ 2011/12/02 > 10:30:33 ERROR xorp_igmp:13862 MLD6IGMP +883 mld6igmp_node.cc add_vif_addr ] Cannot add address on vif tun0: invalid unicast address: 0.0.0.0". The tun0 > interface has an IP of 172.21.0.250. Use the latest code from github (ie, clone it and compile it). There were bugs fixed since the last release and I haven't had time to do a new release yet. Thanks, Ben > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear Candela Technologies Inc http://www.candelatech.com From MuziniM at losrios.edu Fri Dec 2 12:05:31 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Fri, 2 Dec 2011 20:05:31 +0000 Subject: [Xorp-users] Building xorp-1.8.4 on Red Hat Linux AS5 Message-ID: I am having problems building the latest release of xorp. The two warnings are listed below. Considering the message "sh: o: command not found" appears numerous times after the warnings, I am guessing the problem is related to the second warning. Does anyone know how to disable gprof profiling and/or shared libraries. WARNING: The GNU gcc or g++ compiler was not detected on your system. Some combinations of linker or compiler flags, specific to building XORP, may not function correctly. WARNING: Your version of scons and/or python has a syntax issue with this code. It cannot strip out the gprof related flags. If your compile fails, please try disabling gprof profiling and/or shared libraries. If the compile works, then you can ignore this warning. Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111202/4b1b449a/attachment.html From MuziniM at losrios.edu Fri Dec 2 12:35:56 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Fri, 2 Dec 2011 20:35:56 +0000 Subject: [Xorp-users] Building xorp-1.8.4 on Red Hat Linux AS5 In-Reply-To: Message-ID: Please disregard my previous message. The problem was with the complier. Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 From: Mike Muzinich > Date: Fri, 2 Dec 2011 20:05:31 +0000 To: "xorp-users at xorp.org" > Subject: [Xorp-users] Building xorp-1.8.4 on Red Hat Linux AS5 I am having problems building the latest release of xorp. The two warnings are listed below. Considering the message "sh: o: command not found" appears numerous times after the warnings, I am guessing the problem is related to the second warning. Does anyone know how to disable gprof profiling and/or shared libraries. WARNING: The GNU gcc or g++ compiler was not detected on your system. Some combinations of linker or compiler flags, specific to building XORP, may not function correctly. WARNING: Your version of scons and/or python has a syntax issue with this code. It cannot strip out the gprof related flags. If your compile fails, please try disabling gprof profiling and/or shared libraries. If the compile works, then you can ignore this warning. Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 _______________________________________________ Xorp-users mailing list Xorp-users at xorp.org http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111202/66467c6a/attachment.html From mdsincl2 at illinois.edu Sat Dec 3 16:55:02 2011 From: mdsincl2 at illinois.edu (Matt Sinclair) Date: Sat, 3 Dec 2011 18:55:02 -0600 Subject: [Xorp-users] Understanding structure of Forwarding Table Message-ID: Hi everyone, I'm new to XORP and I'm interested in looking at how much memory XORP uses on a commodity machines. Specifically, I'm interested in how many entries the forwarding table has (and thus how much memory they're using). However, I can't seem to find where this is defined in the code. Where does the FEA actually store routing information (the information base) and in what manner does it store it? I imagine it's somewhere in the xorp/fea/ folder, but I'm getting lost in all the abstract classes and can't find it. I saw in fibconfig.hh that it has a trie4/trie6 field, which I believe correspond to a forwarding table for the IPv4 and IPv6 packets, but it says that those fields are for "testing purpose" only, so I'm not sure if they're what's actually being used or not. As far as I can tell, I haven't seen any questions about this on the user forum in the past 16 months or so, so if I'm asking a question that's been asked before, I apologize. I also didn't see anything on this in the documentation. Thanks for any help you may be able to provide! Regards, Matt Sinclair University of Illinois @ Urbana-Champaign Computer Science Department RSim Research Group http://rsim.cs.illinois.edu/~mdsincl2 From greearb at candelatech.com Sun Dec 4 11:45:30 2011 From: greearb at candelatech.com (Ben Greear) Date: Sun, 04 Dec 2011 11:45:30 -0800 Subject: [Xorp-users] Understanding structure of Forwarding Table In-Reply-To: References: Message-ID: <4EDBCDDA.9010103@candelatech.com> On 12/03/2011 04:55 PM, Matt Sinclair wrote: > Hi everyone, > > I'm new to XORP and I'm interested in looking at how much memory XORP > uses on a commodity machines. Specifically, I'm interested in how > many entries the forwarding table has (and thus how much memory > they're using). However, I can't seem to find where this is defined > in the code. Where does the FEA actually store routing information > (the information base) and in what manner does it store it? I imagine > it's somewhere in the xorp/fea/ folder, but I'm getting lost in all > the abstract classes and can't find it. I saw in fibconfig.hh that it > has a trie4/trie6 field, which I believe correspond to a forwarding > table for the IPv4 and IPv6 packets, but it says that those fields are > for "testing purpose" only, so I'm not sure if they're what's actually > being used or not. > > As far as I can tell, I haven't seen any questions about this on the > user forum in the past 16 months or so, so if I'm asking a question > that's been asked before, I apologize. I also didn't see anything on > this in the documentation. Thanks for any help you may be able to > provide! Well, you can get a nice server with 16GB of RAM for less than $2000 these days, so I'm not sure it matters. I have a feeling that some other bottleneck will be found first if you are trying to use very large numbers of routes. Maybe just figure out how to add lots of routes, and check the actual memory usage with 10, 1000, 10,000 routes. Thanks, Ben -- Ben Greear Candela Technologies Inc http://www.candelatech.com From mdsincl2 at illinois.edu Sun Dec 4 11:55:03 2011 From: mdsincl2 at illinois.edu (Matt Sinclair) Date: Sun, 4 Dec 2011 13:55:03 -0600 Subject: [Xorp-users] Understanding structure of Forwarding Table In-Reply-To: References: Message-ID: Hi Ben, Thanks for getting back to me! What you said is definitely true, but I'm still interested in what the number might be. Also, I'm interested in trying to separate out control and data plane memory requirements, so if I did as you proposed, wouldn't I be unable to make that distinction? Thanks, Matt On Sun, Dec 4, 2011 at 1:45 PM, Ben Greear wrote: > On 12/03/2011 04:55 PM, Matt Sinclair wrote: >> Hi everyone, >> >> I'm new to XORP and I'm interested in looking at how much memory XORP >> uses on a commodity machines. ?Specifically, I'm interested in how >> many entries the forwarding table has (and thus how much memory >> they're using). ?However, I can't seem to find where this is defined >> in the code. ?Where does the FEA actually store routing information >> (the information base) and in what manner does it store it? ?I imagine >> it's somewhere in the xorp/fea/ folder, but I'm getting lost in all >> the abstract classes and can't find it. ?I saw in fibconfig.hh that it >> has a trie4/trie6 field, which I believe correspond to a forwarding >> table for the IPv4 and IPv6 packets, but it says that those fields are >> for "testing purpose" only, so I'm not sure if they're what's actually >> being used or not. >> >> As far as I can tell, I haven't seen any questions about this on the >> user forum in the past 16 months or so, so if I'm asking a question >> that's been asked before, I apologize. ?I also didn't see anything on >> this in the documentation. ?Thanks for any help you may be able to >> provide! > > Well, you can get a nice server with 16GB of RAM for less than $2000 > these days, so I'm not sure it matters. ?I have a feeling that some > other bottleneck will be found first if you are trying to use very large > numbers of routes. > > Maybe just figure out how to add lots of routes, and check the actual > memory usage with 10, 1000, 10,000 routes. > > Thanks, > Ben > > > -- > Ben Greear > Candela Technologies Inc ?http://www.candelatech.com From greearb at candelatech.com Mon Dec 5 10:49:42 2011 From: greearb at candelatech.com (Ben Greear) Date: Mon, 05 Dec 2011 10:49:42 -0800 Subject: [Xorp-users] Understanding structure of Forwarding Table In-Reply-To: References: Message-ID: <4EDD1246.2080305@candelatech.com> On 12/04/2011 11:55 AM, Matt Sinclair wrote: > Hi Ben, > > Thanks for getting back to me! What you said is definitely true, but > I'm still interested in what the number might be. Also, I'm > interested in trying to separate out control and data plane memory > requirements, so if I did as you proposed, wouldn't I be unable to > make that distinction? Your OS should be able to tell you the kernel usage v/s the memory used by the xorp binaries. 'top' will do this on Linux, and /proc/meminfo and other tools can tell you details about the kernel memory usage. Thanks, Ben > > Thanks, > Matt > > On Sun, Dec 4, 2011 at 1:45 PM, Ben Greear wrote: >> On 12/03/2011 04:55 PM, Matt Sinclair wrote: >>> Hi everyone, >>> >>> I'm new to XORP and I'm interested in looking at how much memory XORP >>> uses on a commodity machines. Specifically, I'm interested in how >>> many entries the forwarding table has (and thus how much memory >>> they're using). However, I can't seem to find where this is defined >>> in the code. Where does the FEA actually store routing information >>> (the information base) and in what manner does it store it? I imagine >>> it's somewhere in the xorp/fea/ folder, but I'm getting lost in all >>> the abstract classes and can't find it. I saw in fibconfig.hh that it >>> has a trie4/trie6 field, which I believe correspond to a forwarding >>> table for the IPv4 and IPv6 packets, but it says that those fields are >>> for "testing purpose" only, so I'm not sure if they're what's actually >>> being used or not. >>> >>> As far as I can tell, I haven't seen any questions about this on the >>> user forum in the past 16 months or so, so if I'm asking a question >>> that's been asked before, I apologize. I also didn't see anything on >>> this in the documentation. Thanks for any help you may be able to >>> provide! >> >> Well, you can get a nice server with 16GB of RAM for less than $2000 >> these days, so I'm not sure it matters. I have a feeling that some >> other bottleneck will be found first if you are trying to use very large >> numbers of routes. >> >> Maybe just figure out how to add lots of routes, and check the actual >> memory usage with 10, 1000, 10,000 routes. >> >> Thanks, >> Ben >> >> >> -- >> Ben Greear >> Candela Technologies Inc http://www.candelatech.com > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear Candela Technologies Inc http://www.candelatech.com From mdsincl2 at illinois.edu Mon Dec 5 12:07:44 2011 From: mdsincl2 at illinois.edu (Matt Sinclair) Date: Mon, 5 Dec 2011 14:07:44 -0600 Subject: [Xorp-users] Understanding structure of Forwarding Table In-Reply-To: References: Message-ID: Thanks Ben, I'll look into that. However, I was also wondering if anyone had insight into where this is set up? Matt On Mon, Dec 5, 2011 at 12:49 PM, Ben Greear wrote: > On 12/04/2011 11:55 AM, Matt Sinclair wrote: >> Hi Ben, >> >> Thanks for getting back to me! ?What you said is definitely true, but >> I'm still interested in what the number might be. ?Also, I'm >> interested in trying to separate out control and data plane memory >> requirements, so if I did as you proposed, wouldn't I be unable to >> make that distinction? > > Your OS should be able to tell you the kernel usage v/s > the memory used by the xorp binaries. ?'top' will do this > on Linux, and /proc/meminfo and other tools can tell you > details about the kernel memory usage. > > Thanks, > Ben > >> >> Thanks, >> Matt >> >> On Sun, Dec 4, 2011 at 1:45 PM, Ben Greear ?wrote: >>> On 12/03/2011 04:55 PM, Matt Sinclair wrote: >>>> Hi everyone, >>>> >>>> I'm new to XORP and I'm interested in looking at how much memory XORP >>>> uses on a commodity machines. ?Specifically, I'm interested in how >>>> many entries the forwarding table has (and thus how much memory >>>> they're using). ?However, I can't seem to find where this is defined >>>> in the code. ?Where does the FEA actually store routing information >>>> (the information base) and in what manner does it store it? ?I imagine >>>> it's somewhere in the xorp/fea/ folder, but I'm getting lost in all >>>> the abstract classes and can't find it. ?I saw in fibconfig.hh that it >>>> has a trie4/trie6 field, which I believe correspond to a forwarding >>>> table for the IPv4 and IPv6 packets, but it says that those fields are >>>> for "testing purpose" only, so I'm not sure if they're what's actually >>>> being used or not. >>>> >>>> As far as I can tell, I haven't seen any questions about this on the >>>> user forum in the past 16 months or so, so if I'm asking a question >>>> that's been asked before, I apologize. ?I also didn't see anything on >>>> this in the documentation. ?Thanks for any help you may be able to >>>> provide! >>> >>> Well, you can get a nice server with 16GB of RAM for less than $2000 >>> these days, so I'm not sure it matters. ?I have a feeling that some >>> other bottleneck will be found first if you are trying to use very large >>> numbers of routes. >>> >>> Maybe just figure out how to add lots of routes, and check the actual >>> memory usage with 10, 1000, 10,000 routes. >>> >>> Thanks, >>> Ben >>> >>> >>> -- >>> Ben Greear >>> Candela Technologies Inc ?http://www.candelatech.com >> >> _______________________________________________ >> Xorp-users mailing list >> Xorp-users at xorp.org >> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users > > > -- > Ben Greear > Candela Technologies Inc ?http://www.candelatech.com > From greearb at candelatech.com Mon Dec 5 12:11:56 2011 From: greearb at candelatech.com (Ben Greear) Date: Mon, 05 Dec 2011 12:11:56 -0800 Subject: [Xorp-users] Understanding structure of Forwarding Table In-Reply-To: References: Message-ID: <4EDD258C.4070804@candelatech.com> On 12/05/2011 12:07 PM, Matt Sinclair wrote: > Thanks Ben, I'll look into that. However, I was also wondering if > anyone had insight into where this is set up? I think each xorp module has several routing tables, and there is some fancy logic to merge these into final routing table, which is then poked into the kernel. You could add some static instance counts the the appropriate classes (see the BugCatcher logic for example of how to do this sort of thing). Thanks, Ben > > Matt > > On Mon, Dec 5, 2011 at 12:49 PM, Ben Greear wrote: >> On 12/04/2011 11:55 AM, Matt Sinclair wrote: >>> Hi Ben, >>> >>> Thanks for getting back to me! What you said is definitely true, but >>> I'm still interested in what the number might be. Also, I'm >>> interested in trying to separate out control and data plane memory >>> requirements, so if I did as you proposed, wouldn't I be unable to >>> make that distinction? >> >> Your OS should be able to tell you the kernel usage v/s >> the memory used by the xorp binaries. 'top' will do this >> on Linux, and /proc/meminfo and other tools can tell you >> details about the kernel memory usage. >> >> Thanks, >> Ben >> >>> >>> Thanks, >>> Matt >>> >>> On Sun, Dec 4, 2011 at 1:45 PM, Ben Greear wrote: >>>> On 12/03/2011 04:55 PM, Matt Sinclair wrote: >>>>> Hi everyone, >>>>> >>>>> I'm new to XORP and I'm interested in looking at how much memory XORP >>>>> uses on a commodity machines. Specifically, I'm interested in how >>>>> many entries the forwarding table has (and thus how much memory >>>>> they're using). However, I can't seem to find where this is defined >>>>> in the code. Where does the FEA actually store routing information >>>>> (the information base) and in what manner does it store it? I imagine >>>>> it's somewhere in the xorp/fea/ folder, but I'm getting lost in all >>>>> the abstract classes and can't find it. I saw in fibconfig.hh that it >>>>> has a trie4/trie6 field, which I believe correspond to a forwarding >>>>> table for the IPv4 and IPv6 packets, but it says that those fields are >>>>> for "testing purpose" only, so I'm not sure if they're what's actually >>>>> being used or not. >>>>> >>>>> As far as I can tell, I haven't seen any questions about this on the >>>>> user forum in the past 16 months or so, so if I'm asking a question >>>>> that's been asked before, I apologize. I also didn't see anything on >>>>> this in the documentation. Thanks for any help you may be able to >>>>> provide! >>>> >>>> Well, you can get a nice server with 16GB of RAM for less than $2000 >>>> these days, so I'm not sure it matters. I have a feeling that some >>>> other bottleneck will be found first if you are trying to use very large >>>> numbers of routes. >>>> >>>> Maybe just figure out how to add lots of routes, and check the actual >>>> memory usage with 10, 1000, 10,000 routes. >>>> >>>> Thanks, >>>> Ben >>>> >>>> >>>> -- >>>> Ben Greear >>>> Candela Technologies Inc http://www.candelatech.com >>> >>> _______________________________________________ >>> Xorp-users mailing list >>> Xorp-users at xorp.org >>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users >> >> >> -- >> Ben Greear >> Candela Technologies Inc http://www.candelatech.com >> > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear Candela Technologies Inc http://www.candelatech.com From p_latini at hotmail.com Thu Dec 8 07:46:52 2011 From: p_latini at hotmail.com (Patricio Latini) Date: Thu, 8 Dec 2011 12:46:52 -0300 Subject: [Xorp-users] IS-IS Message-ID: Is anybody working on implementing IS-IS in xorp? If not I would like to help starting to work on it. Is there any documentation on xorp archicture? Patricio From greearb at candelatech.com Thu Dec 8 09:05:23 2011 From: greearb at candelatech.com (Ben Greear) Date: Thu, 08 Dec 2011 09:05:23 -0800 Subject: [Xorp-users] IS-IS In-Reply-To: References: Message-ID: <4EE0EE53.90300@candelatech.com> On 12/08/2011 07:46 AM, Patricio Latini wrote: > Is anybody working on implementing IS-IS in xorp? If not I would like to > help starting to work on it. > > Is there any documentation on xorp archicture? I'm not aware of anyone working on this. The xorp wiki has what documentation exists. I'd start by looking at some existing protocol that is somewhat similar (maybe OSPF?) and use that as a basis for the new code. Please post patches as soon as you have something that at least minimally functions. As long as it doesn't harm other protocols I'm happy to apply new code that still needs work. Thanks, Ben > > Patricio > > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear Candela Technologies Inc http://www.candelatech.com From amir at net-saas.com Mon Dec 19 05:38:01 2011 From: amir at net-saas.com (Amir Naftali) Date: Mon, 19 Dec 2011 15:38:01 +0200 Subject: [Xorp-users] Firewall support and OpenSwan interoperability with XORP Message-ID: Hi, I'm a newbe to XORP (just started few days ago), I have compiled and run it on Fedora 16 (latest) and it looks good (followed instructions and everything went very smooth, the required ip_table.h changes were a bit different than stated in the bug since the .h file has changed a bit but it was a no brainer to adopt) I have few questions around the netfilter support and interoperability with IPSec implementations... - is there a way to sync configuration with the existing state of the machine (so for example i load xorp_rtrmgr with empty config file and sync it with the current interface configuration, routing data and firewall policies)? - Is there support for statefull inspection in the configuration and policies? if not is there any plans for supporting it? - Is there support for more granular icmp/igmp firewall policies (i have seen any from the CLI)? if not than same questions as above? - Has anyone tried to see if openswan (or any other ipsec/ike implementation) works well with XORP(on the same machine)? any known issues? Amir -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111219/a80b5603/attachment.html From p_latini at hotmail.com Tue Dec 20 05:41:57 2011 From: p_latini at hotmail.com (Patricio Latini) Date: Tue, 20 Dec 2011 10:41:57 -0300 Subject: [Xorp-users] Firewall support and OpenSwan interoperability with XORP In-Reply-To: <000c01ccbe5e$5662f1b0$0328d510$@net-saas.com> References: <000c01ccbe5e$5662f1b0$0328d510$@net-saas.com> Message-ID: I have xorp running in the same machine than openswan as L2TP/IPSEC tunnel terminator without any issues. Patricio From: xorp-users-bounces at xorp.org [mailto:xorp-users-bounces at xorp.org] On Behalf Of Amir Naftali Sent: Monday, December 19, 2011 10:38 AM To: xorp-users at xorp.org Subject: [Xorp-users] Firewall support and OpenSwan interoperability with XORP Hi, I'm a newbe to XORP (just started few days ago), I have compiled and run it on Fedora 16 (latest) and it looks good (followed instructions and everything went very smooth, the required ip_table.h changes were a bit different than stated in the bug since the .h file has changed a bit but it was a no brainer to adopt) I have few questions around the netfilter support and interoperability with IPSec implementations... - is there a way to sync configuration with the existing state of the machine (so for example i load xorp_rtrmgr with empty config file and sync it with the current interface configuration, routing data and firewall policies)? - Is there support for statefull inspection in the configuration and policies? if not is there any plans for supporting it? - Is there support for more granular icmp/igmp firewall policies (i have seen any from the CLI)? if not than same questions as above? - Has anyone tried to see if openswan (or any other ipsec/ike implementation) works well with XORP(on the same machine)? any known issues? Amir -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111220/43636183/attachment.html From p_latini at hotmail.com Tue Dec 20 05:53:28 2011 From: p_latini at hotmail.com (Patricio Latini) Date: Tue, 20 Dec 2011 10:53:28 -0300 Subject: [Xorp-users] OSPF Problem Between two xorp boxes Message-ID: I have a problem where RTRB is not receiving the 172.18.0/24 172.18.1/24 172.18.2/24 from RTRA. It is a pretty simple configuration where RTRA should redistribute that prefixes to RTRB however it is not doing that. Area 0.0.0.0 in both boxes is configured as Normal - Broadcast Any Idea? Thanks PAtricio /------------RTRX-------172.18.0.0/24 / Area 0.0.0.1 - NSSA RTRB ----------------- RTRA--------------RTRY-------172.18.1.0/24 Xorp Area Xorp \ Area 0.0.0.2 - NSSA 0.0.0.0 \------------RTRZ-------172.18.2.0/24 Area 0.0.0.3 - NSSA -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111220/4b269885/attachment.html From p_latini at hotmail.com Wed Dec 21 10:31:40 2011 From: p_latini at hotmail.com (Patricio Latini) Date: Wed, 21 Dec 2011 15:31:40 -0300 Subject: [Xorp-users] OSPF Problem Between two xorp boxes In-Reply-To: <002601ccbf25$21f1ed60$65d5c820$@hotmail.com> References: <002601ccbf25$21f1ed60$65d5c820$@hotmail.com> Message-ID: Here the expected behavior would be that the Xorp running in RTRA to generate Type 4 advertisements for networks 172.18.0.0/24, 172.18.1.0/24 172.18.2.0/24 in 0.0.0.0 area. Any idea on how to troubleshoot this? Patricio From: xorp-users-bounces at xorp.org [mailto:xorp-users-bounces at xorp.org] On Behalf Of Patricio Latini Sent: Tuesday, December 20, 2011 10:53 AM To: xorp-users at xorp.org Subject: [Xorp-users] OSPF Problem Between two xorp boxes I have a problem where RTRB is not receiving the 172.18.0/24 172.18.1/24 172.18.2/24 from RTRA. It is a pretty simple configuration where RTRA should redistribute that prefixes to RTRB however it is not doing that. Area 0.0.0.0 in both boxes is configured as Normal - Broadcast Any Idea? Thanks PAtricio /------------RTRX-------172.18.0.0/24 / Area 0.0.0.1 - NSSA RTRB ----------------- RTRA--------------RTRY-------172.18.1.0/24 Xorp Area Xorp \ Area 0.0.0.2 - NSSA 0.0.0.0 \------------RTRZ-------172.18.2.0/24 Area 0.0.0.3 - NSSA -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111221/42ce2a29/attachment.html From p_latini at hotmail.com Wed Dec 21 12:54:50 2011 From: p_latini at hotmail.com (Patricio Latini) Date: Wed, 21 Dec 2011 17:54:50 -0300 Subject: [Xorp-users] OSPF Problem Between two xorp boxes In-Reply-To: <00ce01ccc015$32588510$97098f30$@hotmail.com> References: <002601ccbf25$21f1ed60$65d5c820$@hotmail.com> <00ce01ccc015$32588510$97098f30$@hotmail.com> Message-ID: Type 5 I meant From: xorp-users-bounces at xorp.org [mailto:xorp-users-bounces at xorp.org] On Behalf Of Patricio Latini Sent: Wednesday, December 21, 2011 3:32 PM To: xorp-users at xorp.org Subject: Re: [Xorp-users] OSPF Problem Between two xorp boxes Here the expected behavior would be that the Xorp running in RTRA to generate Type 4 advertisements for networks 172.18.0.0/24, 172.18.1.0/24 172.18.2.0/24 in 0.0.0.0 area. Any idea on how to troubleshoot this? Patricio From: xorp-users-bounces at xorp.org [mailto:xorp-users-bounces at xorp.org] On Behalf Of Patricio Latini Sent: Tuesday, December 20, 2011 10:53 AM To: xorp-users at xorp.org Subject: [Xorp-users] OSPF Problem Between two xorp boxes I have a problem where RTRB is not receiving the 172.18.0/24 172.18.1/24 172.18.2/24 from RTRA. It is a pretty simple configuration where RTRA should redistribute that prefixes to RTRB however it is not doing that. Area 0.0.0.0 in both boxes is configured as Normal - Broadcast Any Idea? Thanks PAtricio /------------RTRX-------172.18.0.0/24 / Area 0.0.0.1 - NSSA RTRB ----------------- RTRA--------------RTRY-------172.18.1.0/24 Xorp Area Xorp \ Area 0.0.0.2 - NSSA 0.0.0.0 \------------RTRZ-------172.18.2.0/24 Area 0.0.0.3 - NSSA -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111221/f390c692/attachment.html From greearb at candelatech.com Wed Dec 21 19:39:47 2011 From: greearb at candelatech.com (Ben Greear) Date: Wed, 21 Dec 2011 19:39:47 -0800 Subject: [Xorp-users] OSPF Problem Between two xorp boxes In-Reply-To: References: <002601ccbf25$21f1ed60$65d5c820$@hotmail.com> Message-ID: <4EF2A683.6080605@candelatech.com> On 12/21/2011 10:31 AM, Patricio Latini wrote: > Here the expected behavior would be that the Xorp running in RTRA to generate Type 4 advertisements for networks 172.18.0.0/24, 172.18.1.0/24 172.18.2.0/24 in > 0.0.0.0 area. > > Any idea on how to troubleshoot this? Look at the logs and see if there are any obvious warnings? Post your xorp configs. I don't have time to look at them right now, but maybe someone else would. Thanks, Ben > > Patricio > > *From:*xorp-users-bounces at xorp.org [mailto:xorp-users-bounces at xorp.org] *On Behalf Of *Patricio Latini > *Sent:* Tuesday, December 20, 2011 10:53 AM > *To:* xorp-users at xorp.org > *Subject:* [Xorp-users] OSPF Problem Between two xorp boxes > > I have a problem where RTRB is not receiving the 172.18.0/24 172.18.1/24 172.18.2/24 from RTRA. It is a pretty simple configuration where RTRA should > redistribute that prefixes to RTRB however it is not doing that. Area 0.0.0.0 in both boxes is configured as Normal ? Broadcast > > Any Idea? > > Thanks > > PAtricio > > /------------RTRX-------172.18.0.0/24 > > / Area 0.0.0.1 - NSSA > > RTRB ----------------- RTRA--------------RTRY-------172.18.1.0/24 > > Xorp Area Xorp \ Area 0.0.0.2 - NSSA > > 0.0.0.0 \------------RTRZ-------172.18.2.0/24 > > Area 0.0.0.3 - NSSA > > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear Candela Technologies Inc http://www.candelatech.com From MuziniM at losrios.edu Thu Dec 22 15:30:21 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Thu, 22 Dec 2011 23:30:21 +0000 Subject: [Xorp-users] Problems with mutlicast Message-ID: <5732c36d-476a-479e-885e-a7c5da6532c5@LRCCD-HUB01.LRCCD.ad.losrios.edu> We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the tunnel are: [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found Any help I can get will be appreciated. We are running version 1.8.4. Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111222/8db8c870/attachment.html From greearb at candelatech.com Thu Dec 22 20:12:23 2011 From: greearb at candelatech.com (Ben Greear) Date: Thu, 22 Dec 2011 20:12:23 -0800 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: <5732c36d-476a-479e-885e-a7c5da6532c5@LRCCD-HUB01.LRCCD.ad.losrios.edu> References: <5732c36d-476a-479e-885e-a7c5da6532c5@LRCCD-HUB01.LRCCD.ad.losrios.edu> Message-ID: <4EF3FFA7.5020903@candelatech.com> On 12/22/2011 03:30 PM, Muzinich, Mike wrote: > We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are > multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, > bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. > > I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on > the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the > tunnel are: > > [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found > > Any help I can get will be appreciated. We are running version 1.8.4. Use the latest code from GIT...I think I fixed that since the last release. Thanks, Ben > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear Candela Technologies Inc http://www.candelatech.com From MuziniM at losrios.edu Tue Dec 27 09:57:30 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Tue, 27 Dec 2011 17:57:30 +0000 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: <4EF3FFA7.5020903@candelatech.com> Message-ID: I am using the latest code from GIT, I think. Is there a file I can check to ensure I am using the latest code? Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 From: Ben Greear > Organization: Candela Technologies Date: Thu, 22 Dec 2011 20:12:23 -0800 To: Mike Muzinich > Cc: "xorp-users at xorp.org" > Subject: Re: [Xorp-users] Problems with mutlicast On 12/22/2011 03:30 PM, Muzinich, Mike wrote: We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the tunnel are: [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found Any help I can get will be appreciated. We are running version 1.8.4. Use the latest code from GIT...I think I fixed that since the last release. Thanks, Ben *Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013* _______________________________________________ Xorp-users mailing list Xorp-users at xorp.org http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear > Candela Technologies Inc http://www.candelatech.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111227/8e8e9861/attachment.html From greearb at candelatech.com Tue Dec 27 11:38:33 2011 From: greearb at candelatech.com (Ben Greear) Date: Tue, 27 Dec 2011 11:38:33 -0800 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: References: Message-ID: <4EFA1EB9.9030102@candelatech.com> On 12/27/2011 09:57 AM, Muzinich, Mike wrote: > I am using the latest code from GIT, I think. Is there a file I can check to ensure I am using the latest code? The latest code will print a version when you start xorpsh, and should show 1.8.5-WIP: [root at lec2010-ath9k-1 lanforge]# /usr/local/xorp/sbin/xorpsh Welcome to XORP v1.8.5-WIP on lec2010-ath9k-1 Version tag: 52ea68a Build Date: 2011-10-05 16:36 32-bit root at lec2010-ath9k-1> Ben > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > From: Ben Greear > > Organization: Candela Technologies > Date: Thu, 22 Dec 2011 20:12:23 -0800 > To: Mike Muzinich > > Cc: "xorp-users at xorp.org " > > Subject: Re: [Xorp-users] Problems with mutlicast > > On 12/22/2011 03:30 PM, Muzinich, Mike wrote: > > We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are > multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, > bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. > > I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on > the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the > tunnel are: > > [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found > > Any help I can get will be appreciated. We are running version 1.8.4. > > > Use the latest code from GIT...I think I fixed that since the last release. > > Thanks, > Ben > > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users > > > > -- > Ben Greear > > Candela Technologies Inc http://www.candelatech.com > -- Ben Greear Candela Technologies Inc http://www.candelatech.com From MuziniM at losrios.edu Tue Dec 27 12:34:42 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Tue, 27 Dec 2011 20:34:42 +0000 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: <4EFA1EB9.9030102@candelatech.com> Message-ID: What is the URL to download the latest code? I don't get a version banner when I start the shell. vpn1:/root > /usr/local/xorp/sbin/xorpsh Welcome to XORP on vpn1 root at vpn1> show version Version 1.8.4 Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 From: Ben Greear > Organization: Candela Technologies Date: Tue, 27 Dec 2011 11:38:33 -0800 To: Mike Muzinich > Cc: "xorp-users at xorp.org" > Subject: Re: [Xorp-users] Problems with mutlicast On 12/27/2011 09:57 AM, Muzinich, Mike wrote: I am using the latest code from GIT, I think. Is there a file I can check to ensure I am using the latest code? The latest code will print a version when you start xorpsh, and should show 1.8.5-WIP: [root at lec2010-ath9k-1 lanforge]# /usr/local/xorp/sbin/xorpsh Welcome to XORP v1.8.5-WIP on lec2010-ath9k-1 Version tag: 52ea68a Build Date: 2011-10-05 16:36 32-bit root at lec2010-ath9k-1> Ben *Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013* From: Ben Greear > Organization: Candela Technologies Date: Thu, 22 Dec 2011 20:12:23 -0800 To: Mike Muzinich > Cc: "xorp-users at xorp.org " > Subject: Re: [Xorp-users] Problems with mutlicast On 12/22/2011 03:30 PM, Muzinich, Mike wrote: We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the tunnel are: [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found Any help I can get will be appreciated. We are running version 1.8.4. Use the latest code from GIT...I think I fixed that since the last release. Thanks, Ben *Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013* _______________________________________________ Xorp-users mailing list Xorp-users at xorp.org http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear > Candela Technologies Inc http://www.candelatech.com -- Ben Greear > Candela Technologies Inc http://www.candelatech.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111227/8ec74c7b/attachment.html From greearb at candelatech.com Tue Dec 27 14:11:42 2011 From: greearb at candelatech.com (Ben Greear) Date: Tue, 27 Dec 2011 14:11:42 -0800 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: References: Message-ID: <4EFA429E.9060501@candelatech.com> On 12/27/2011 12:34 PM, Muzinich, Mike wrote: > What is the URL to download the latest code? I don't get a version banner when I start the shell. git clone git://github.com/greearb/xorp.ct.git After that, to get any new updates, just do a 'git pull' in the newly created directory. Ben > > vpn1:/root > /usr/local/xorp/sbin/xorpsh > Welcome to XORP on vpn1 > root at vpn1> show version > Version 1.8.4 > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > From: Ben Greear > > Organization: Candela Technologies > Date: Tue, 27 Dec 2011 11:38:33 -0800 > To: Mike Muzinich > > Cc: "xorp-users at xorp.org " > > Subject: Re: [Xorp-users] Problems with mutlicast > > On 12/27/2011 09:57 AM, Muzinich, Mike wrote: > > I am using the latest code from GIT, I think. Is there a file I can check to ensure I am using the latest code? > > > The latest code will print a version when you start xorpsh, > and should show 1.8.5-WIP: > > [root at lec2010-ath9k-1 lanforge]# /usr/local/xorp/sbin/xorpsh > Welcome to XORP v1.8.5-WIP on lec2010-ath9k-1 > Version tag: 52ea68a Build Date: 2011-10-05 16:36 32-bit > root at lec2010-ath9k-1> > > Ben > > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > From: Ben Greear >> > Organization: Candela Technologies > Date: Thu, 22 Dec 2011 20:12:23 -0800 > To: Mike Muzinich >> > Cc: "xorp-users at xorp.org >" >> > Subject: Re: [Xorp-users] Problems with mutlicast > > On 12/22/2011 03:30 PM, Muzinich, Mike wrote: > > We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are > multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, > bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. > > I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on > the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the > tunnel are: > > [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found > > Any help I can get will be appreciated. We are running version 1.8.4. > > > Use the latest code from GIT...I think I fixed that since the last release. > > Thanks, > Ben > > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users > > > > -- > Ben Greear >> > Candela Technologies Inc http://www.candelatech.com > > > > -- > Ben Greear > > Candela Technologies Inc http://www.candelatech.com > -- Ben Greear Candela Technologies Inc http://www.candelatech.com From andriysenkovych at gmail.com Wed Dec 28 05:22:34 2011 From: andriysenkovych at gmail.com (Andriy Senkovych) Date: Wed, 28 Dec 2011 15:22:34 +0200 Subject: [Xorp-users] Wrong IP address used for GRE interface Message-ID: Hello, xorp-users! I'm using Xorp 1.8.3 package on Debian for PIM-SM over GRE/IPSec. I used slightly modified default config. I use such tunnels to access both worker machines and data provider: The config file has the following interfaces section: interfaces { restore-original-config-on-shutdown: false interface cme-gw { description: "Tunnel interface to data provider" disable: false default-system-config } interface cme-dev { description: "Tunnel interface to worker machine" disable: false default-system-config } } As a result I get the following interfaces configuration: > show interfaces cme-dev/cme-dev: Flags: mtu 1476 speed unknown inet 10.145.0.129 subnet 10.145.0.129/32 --> 10.145.129.63 inet 10.145.2.122 subnet 10.145.2.120/30 --> 10.145.2.122 physical index 5 cme-gw/cme-gw: Flags: mtu 1476 speed unknown inet 10.145.0.129 subnet 10.145.0.129/32 --> 10.145.254.1 inet 10.145.2.222 subnet 10.145.2.220/30 --> 10.145.2.222 physical index 4 My actual configuration for these interfaces is: $ ip a l 4: cme-gw: mtu 1476 qdisc noqueue state UNKNOWN link/gre 10.145.0.129 peer 10.145.254.1 inet 10.145.2.222/30 scope global cme-gw 5: cme-dev: mtu 1476 qdisc noqueue state UNKNOWN link/gre 10.145.0.129 peer 10.145.129.63 inet 10.145.2.122/30 scope global cme-dev Using config above I get the following pim interfaces configuration: > show pim interface Interface State Mode V PIMstate Priority DRaddr Neighbors cme-dev UP Sparse 2 DR 1 10.145.0.129 0 cme-gw UP Sparse 2 DR 1 10.145.0.129 0 And PIM_HELLO packets are sent with wrong parameters: [ 2011/12/28 13:07:18.8664 TRACE xorp_pimsm4 PIM ] pim_send: TX PIM_HELLO from 10.145.0.129 to 224.0.0.13 on vif cme-gw [ 2011/12/28 13:07:20.817323 TRACE xorp_pimsm4 PIM ] pim_send: TX PIM_HELLO from 10.145.0.129 to 224.0.0.13 on vif cme-dev Here you can see that xorp has chosen wrong IP address to send the packets (10.145.0.129 instead of 10.145.2.222 for cme-gw and 10.145.2.122 for cme-dev) I have similar(but working) environment to get data from another data provider. Its interfaces settings are: $ ip a l 4: tun247102: mtu 1476 qdisc noqueue state UNKNOWN link/gre 192.168.247.29 peer 192.168.0.84 inet 10.100.247.102/30 scope global tun247102 5: rts-dev: mtu 1476 qdisc noqueue state UNKNOWN link/gre 192.168.247.29 peer 192.168.133.10 inet 10.100.133.14/30 scope global rts-dev > show interfaces rts-dev/rts-dev: Flags: mtu 1476 speed unknown inet 10.100.133.14 subnet 10.100.133.12/30 --> 10.100.133.14 inet 192.168.247.29 subnet 192.168.247.29/32 --> 192.168.133.10 physical index 5 tun247102/tun247102: Flags: mtu 1476 speed unknown inet 10.100.247.102 subnet 10.100.247.100/30 --> 10.100.247.102 inet 192.168.247.29 subnet 192.168.247.29/32 --> 192.168.0.84 physical index 4 > show pim interfaces Interface State Mode V PIMstate Priority DRaddr Neighbors rts-dev UP Sparse 2 DR 1 10.100.133.14 0 tun247102 UP Sparse 2 DR 1 10.100.247.102 1 >From this I make the conclusion that xorp takes the first available configuration and uses is as a default. However as you can see this will work only when IP address of GRE tunnel is smaller than local IP address used to setup this GRE tunnel. I tried both using default-system-config and manual interfaces configuration but this didn't help. Is there any solution for this problem? -- WBR, Andriy Senkovych From greearb at candelatech.com Wed Dec 28 06:26:57 2011 From: greearb at candelatech.com (Ben Greear) Date: Wed, 28 Dec 2011 06:26:57 -0800 Subject: [Xorp-users] Wrong IP address used for GRE interface In-Reply-To: References: Message-ID: <4EFB2731.7010905@candelatech.com> On 12/28/2011 05:22 AM, Andriy Senkovych wrote: > Hello, xorp-users! > > I'm using Xorp 1.8.3 package on Debian for PIM-SM over GRE/IPSec. I > used slightly modified default config. I use such tunnels to access > both worker machines and data provider: Use the latest code from github (1.8.5-WIP). The problem should be fixed there. Thanks, Ben > > The config file has the following interfaces section: > > interfaces { > restore-original-config-on-shutdown: false > interface cme-gw { > description: "Tunnel interface to data provider" > disable: false > default-system-config > } > > interface cme-dev { > description: "Tunnel interface to worker machine" > disable: false > default-system-config > } > } > > As a result I get the following interfaces configuration: > >> show interfaces > cme-dev/cme-dev: Flags: mtu 1476 speed unknown > inet 10.145.0.129 subnet 10.145.0.129/32 --> 10.145.129.63 > inet 10.145.2.122 subnet 10.145.2.120/30 --> 10.145.2.122 > physical index 5 > cme-gw/cme-gw: Flags: mtu 1476 speed unknown > inet 10.145.0.129 subnet 10.145.0.129/32 --> 10.145.254.1 > inet 10.145.2.222 subnet 10.145.2.220/30 --> 10.145.2.222 > physical index 4 > > My actual configuration for these interfaces is: > > $ ip a l > 4: cme-gw: mtu 1476 qdisc > noqueue state UNKNOWN > link/gre 10.145.0.129 peer 10.145.254.1 > inet 10.145.2.222/30 scope global cme-gw > 5: cme-dev: mtu 1476 qdisc > noqueue state UNKNOWN > link/gre 10.145.0.129 peer 10.145.129.63 > inet 10.145.2.122/30 scope global cme-dev > > Using config above I get the following pim interfaces configuration: > >> show pim interface > Interface State Mode V PIMstate Priority DRaddr Neighbors > cme-dev UP Sparse 2 DR 1 10.145.0.129 0 > cme-gw UP Sparse 2 DR 1 10.145.0.129 0 > > And PIM_HELLO packets are sent with wrong parameters: > > [ 2011/12/28 13:07:18.8664 TRACE xorp_pimsm4 PIM ] pim_send: TX > PIM_HELLO from 10.145.0.129 to 224.0.0.13 on vif cme-gw > [ 2011/12/28 13:07:20.817323 TRACE xorp_pimsm4 PIM ] pim_send: TX > PIM_HELLO from 10.145.0.129 to 224.0.0.13 on vif cme-dev > > Here you can see that xorp has chosen wrong IP address to send the > packets (10.145.0.129 instead of 10.145.2.222 for cme-gw and > 10.145.2.122 for cme-dev) > > I have similar(but working) environment to get data from another data > provider. Its interfaces settings are: > > $ ip a l > 4: tun247102: mtu 1476 qdisc > noqueue state UNKNOWN > link/gre 192.168.247.29 peer 192.168.0.84 > inet 10.100.247.102/30 scope global tun247102 > 5: rts-dev: mtu 1476 qdisc > noqueue state UNKNOWN > link/gre 192.168.247.29 peer 192.168.133.10 > inet 10.100.133.14/30 scope global rts-dev > >> show interfaces > rts-dev/rts-dev: Flags: mtu 1476 speed unknown > inet 10.100.133.14 subnet 10.100.133.12/30 --> 10.100.133.14 > inet 192.168.247.29 subnet 192.168.247.29/32 --> 192.168.133.10 > physical index 5 > tun247102/tun247102: Flags: mtu 1476 > speed unknown > inet 10.100.247.102 subnet 10.100.247.100/30 --> 10.100.247.102 > inet 192.168.247.29 subnet 192.168.247.29/32 --> 192.168.0.84 > physical index 4 > >> show pim interfaces > Interface State Mode V PIMstate Priority DRaddr Neighbors > rts-dev UP Sparse 2 DR 1 10.100.133.14 0 > tun247102 UP Sparse 2 DR 1 10.100.247.102 1 > >> From this I make the conclusion that xorp takes the first available > configuration and uses is as a default. However as you can see this > will work only when IP address of GRE tunnel is smaller than local IP > address used to setup this GRE tunnel. > > I tried both using default-system-config and manual interfaces > configuration but this didn't help. > > Is there any solution for this problem? > -- Ben Greear Candela Technologies Inc http://www.candelatech.com From andriysenkovych at gmail.com Wed Dec 28 07:14:28 2011 From: andriysenkovych at gmail.com (Andriy Senkovych) Date: Wed, 28 Dec 2011 17:14:28 +0200 Subject: [Xorp-users] Wrong IP address used for GRE interface In-Reply-To: <4EFB2731.7010905@candelatech.com> References: <4EFB2731.7010905@candelatech.com> Message-ID: Hello, Ben. Cannot find 1.8.5-WIP branch or tag so I assume you meant HEAD, and WIP is for "work in progress", right? Thanks. -- WBR, Andriy Senkovych From greearb at candelatech.com Wed Dec 28 07:38:37 2011 From: greearb at candelatech.com (Ben Greear) Date: Wed, 28 Dec 2011 07:38:37 -0800 Subject: [Xorp-users] Wrong IP address used for GRE interface In-Reply-To: References: <4EFB2731.7010905@candelatech.com> Message-ID: <4EFB37FD.6010408@candelatech.com> On 12/28/2011 07:14 AM, Andriy Senkovych wrote: > Hello, Ben. > > Cannot find 1.8.5-WIP branch or tag so I assume you meant HEAD, and > WIP is for "work in progress", right? Yes. I'll do a new release before the end of January, but use HEAD for now. Thanks, Ben > > Thanks. > -- Ben Greear Candela Technologies Inc http://www.candelatech.com From MuziniM at losrios.edu Wed Dec 28 09:03:30 2011 From: MuziniM at losrios.edu (Muzinich, Mike) Date: Wed, 28 Dec 2011 17:03:30 +0000 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: <4EFA429E.9060501@candelatech.com> Message-ID: I have the new code loaded but multicast traffic is still not forwarding. There are numerous warnings in the error logs stating "Target "fib2mrib" does not exist or is not enabled" though I have the following in the configuration file. I don't see this warning on the other routers that are functioning normally with Xorp. I don't have the outside interface defined in the plumbing section as I am under the impression everything should go through tun0? fib2mrib { disable: false } Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013 From: Ben Greear > Organization: Candela Technologies Date: Tue, 27 Dec 2011 14:11:42 -0800 To: Mike Muzinich > Cc: "xorp-users at xorp.org" > Subject: Re: [Xorp-users] Problems with mutlicast On 12/27/2011 12:34 PM, Muzinich, Mike wrote: What is the URL to download the latest code? I don't get a version banner when I start the shell. git clone git://github.com/greearb/xorp.ct.git After that, to get any new updates, just do a 'git pull' in the newly created directory. Ben vpn1:/root > /usr/local/xorp/sbin/xorpsh Welcome to XORP on vpn1 root at vpn1> show version Version 1.8.4 *Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013* From: Ben Greear > Organization: Candela Technologies Date: Tue, 27 Dec 2011 11:38:33 -0800 To: Mike Muzinich > Cc: "xorp-users at xorp.org " > Subject: Re: [Xorp-users] Problems with mutlicast On 12/27/2011 09:57 AM, Muzinich, Mike wrote: I am using the latest code from GIT, I think. Is there a file I can check to ensure I am using the latest code? The latest code will print a version when you start xorpsh, and should show 1.8.5-WIP: [root at lec2010-ath9k-1 lanforge]# /usr/local/xorp/sbin/xorpsh Welcome to XORP v1.8.5-WIP on lec2010-ath9k-1 Version tag: 52ea68a Build Date: 2011-10-05 16:36 32-bit root at lec2010-ath9k-1> Ben *Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013* From: Ben Greear >> Organization: Candela Technologies Date: Thu, 22 Dec 2011 20:12:23 -0800 To: Mike Muzinich >> Cc: "xorp-users at xorp.org >" >> Subject: Re: [Xorp-users] Problems with mutlicast On 12/22/2011 03:30 PM, Muzinich, Mike wrote: We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the tunnel are: [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found Any help I can get will be appreciated. We are running version 1.8.4. Use the latest code from GIT...I think I fixed that since the last release. Thanks, Ben *Mike Muzinich Network Security Administrator Los Rios Community College District mike.muzinich at losrios.edu (916)568-3013* _______________________________________________ Xorp-users mailing list Xorp-users at xorp.org http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- Ben Greear >> Candela Technologies Inc http://www.candelatech.com -- Ben Greear > Candela Technologies Inc http://www.candelatech.com -- Ben Greear > Candela Technologies Inc http://www.candelatech.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.ICSI.Berkeley.EDU/pipermail/xorp-users/attachments/20111228/4c2ca4b0/attachment.html From greearb at candelatech.com Wed Dec 28 09:58:08 2011 From: greearb at candelatech.com (Ben Greear) Date: Wed, 28 Dec 2011 09:58:08 -0800 Subject: [Xorp-users] Problems with mutlicast In-Reply-To: References: Message-ID: <4EFB58B0.6020209@candelatech.com> On 12/28/2011 09:03 AM, Muzinich, Mike wrote: > I have the new code loaded but multicast traffic is still not forwarding. There are numerous warnings in the error logs stating "Target "fib2mrib" does not > exist or is not enabled" though I have the following in the configuration file. I don't see this warning on the other routers that are functioning normally with > Xorp. I don't have the outside interface defined in the plumbing section as I am under the impression everything should go through tun0? > > fib2mrib { > disable: false > } Please post the full logs and your config file. I don't have much time currently, but maybe someone else will have ideas. Ben > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > From: Ben Greear > > Organization: Candela Technologies > Date: Tue, 27 Dec 2011 14:11:42 -0800 > To: Mike Muzinich > > Cc: "xorp-users at xorp.org " > > Subject: Re: [Xorp-users] Problems with mutlicast > > On 12/27/2011 12:34 PM, Muzinich, Mike wrote: > > What is the URL to download the latest code? I don't get a version banner when I start the shell. > > > git clone git://github.com/greearb/xorp.ct.git > > After that, to get any new updates, just do a 'git pull' in > the newly created directory. > > Ben > > > vpn1:/root > /usr/local/xorp/sbin/xorpsh > Welcome to XORP on vpn1 > root at vpn1> show version > Version 1.8.4 > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > From: Ben Greear >> > Organization: Candela Technologies > Date: Tue, 27 Dec 2011 11:38:33 -0800 > To: Mike Muzinich >> > Cc: "xorp-users at xorp.org >" >> > Subject: Re: [Xorp-users] Problems with mutlicast > > On 12/27/2011 09:57 AM, Muzinich, Mike wrote: > > I am using the latest code from GIT, I think. Is there a file I can check to ensure I am using the latest code? > > > The latest code will print a version when you start xorpsh, > and should show 1.8.5-WIP: > > [root at lec2010-ath9k-1 lanforge]# /usr/local/xorp/sbin/xorpsh > Welcome to XORP v1.8.5-WIP on lec2010-ath9k-1 > Version tag: 52ea68a Build Date: 2011-10-05 16:36 32-bit > root at lec2010-ath9k-1> > > Ben > > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > From: Ben Greear > > >>> > Organization: Candela Technologies > Date: Thu, 22 Dec 2011 20:12:23 -0800 > To: Mike Muzinich > > >>> > Cc: "xorp-users at xorp.org > > >>" > > >>> > Subject: Re: [Xorp-users] Problems with mutlicast > > On 12/22/2011 03:30 PM, Muzinich, Mike wrote: > > We are having problems getting multicast working through a GRE tunnel. All other traffic passes through the tunnel except for multicast. Both GRE endpoints are > multi-homed. When I generate multicast traffic, I see traffic hit the inside interface but I don't see it hit the outside or tunnel interface. PIM neighbors, > bootstrap, mrib, and rps all look fine but every entry in the mfc table doesn't have an outgoing interface. > > I have tried disabling and enabling net.ipv4.conf.default.rp_filter with no change in behavior , routed all multicast traffic through tun0, enabled multicast on > the tunnel interface and gre0, and tried this with and without the outside interface in the Xorp configuration. Most of the warning messages related to the > tunnel are: > > [ 2011/12/22 15:18:07.618194 WARNING xorp_pimsm4 PIM ] JoinDesired(S,G) = true: upstream neighbor for source X.X.X.X and group 224.0.1.60: not found > > Any help I can get will be appreciated. We are running version 1.8.4. > > > Use the latest code from GIT...I think I fixed that since the last release. > > Thanks, > Ben > > > *Mike Muzinich > Network Security Administrator > Los Rios Community College District > mike.muzinich at losrios.edu > (916)568-3013* > > > _______________________________________________ > Xorp-users mailing list > Xorp-users at xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users > > > > -- > Ben Greear > > >>> > Candela Technologies Inc http://www.candelatech.com > > > > -- > Ben Greear >> > Candela Technologies Inc http://www.candelatech.com > > > > -- > Ben Greear > > Candela Technologies Inc http://www.candelatech.com > -- Ben Greear Candela Technologies Inc http://www.candelatech.com