[Xorp-users] FW: cannot ping one of the interfaces from an OSPF router after installing XORP
Ben Greear
greearb at candelatech.com
Wed Aug 6 13:26:34 PDT 2014
On 08/06/2014 01:18 PM, Liu, Xuan (UMKC-Student) wrote:
> I guess it depends on what OS the node has.
I think it is probably:
if net.ipv4.conf.all.rp_filter or
net.ipv4.conf.[iface-name].rp_filter
then warn user
I wouldn't try to make xorp actually change the config since
maybe the user really wants rp_filter enabled...
Thanks,
Ben
>
> For CentOS 5.5
> [root at control-2 ~]# sysctl -a | grep \\.rp_filter
> net.ipv4.conf.all.rp_filter = 0
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.lo.rp_filter = 0
> net.ipv4.conf.eth0.rp_filter = 1
>
> For my nodes running Ubuntu 12.04:
> net.ipv4.conf.all.rp_filter = 1
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.lo.rp_filter = 1
> net.ipv4.conf.eth0.rp_filter = 1
> net.ipv4.conf.eth1.rp_filter = 1
> net.ipv4.conf.eth2.rp_filter = 1
> net.ipv4.conf.eth3.rp_filter = 1
> net.ipv4.conf.eth4.rp_filter = 1
> net.ipv4.conf.eth5.rp_filter = 1
> net.ipv4.conf.eth6.rp_filter = 1
>
> On ubuntu system, I need to run following command to turn off the reverse path filtering (assuming all my virtual interfaces are ethX, X is not 0)
> sudo sysctl -w net.ipv4.conf.all.rp_filter=0
> sudo sysctl -w net.ipv4.conf.default.rp_filter=0
> # turn off the reverse path filtering for eth1 ~ eth6
> /sbin/ifconfig -a | grep eth | awk '{ if (substr($1, 4,4) != 0) { print "sudo sysctl -w net.ipv4.conf." $1 ".rp_filter=0"}}' | sh
>
> Then it looks like:
> net.ipv4.conf.all.rp_filter = 0
> net.ipv4.conf.default.rp_filter = 0
> net.ipv4.conf.lo.rp_filter = 1
> net.ipv4.conf.eth0.rp_filter = 1
> net.ipv4.conf.eth1.rp_filter = 0
> net.ipv4.conf.eth2.rp_filter = 0
> net.ipv4.conf.eth3.rp_filter = 0
> net.ipv4.conf.eth4.rp_filter = 0
> net.ipv4.conf.eth5.rp_filter = 0
> net.ipv4.conf.eth6.rp_filter = 0
>
> I only tested XORP on Fedora and Ubuntu, so I'm not sure if this only happens to Ubuntu system.
>
> So maybe it's better to have a note in the XORP installation instruction, so that the users can be aware of this potential issue.
>
> Thanks,
>
> -- Xuan
>
>
>
>
>
> ________________________________________
> From: Ben Greear <greearb at candelatech.com>
> Sent: Tuesday, August 5, 2014 5:18 PM
> To: Liu, Xuan (UMKC-Student)
> Cc: Avinash Sridharan; xorp-users at xorp.org
> Subject: Re: [Xorp-users] FW: cannot ping one of the interfaces from an OSPF router after installing XORP
>
> On 08/05/2014 03:05 PM, Liu, Xuan (UMKC-Student) wrote:
>> Okay, I just figured it out. I needs to turn off the reverse path filtering on my VM, by default it's 1.
>>
>>
>> sudo sysctl -w net.ipv4.conf.all.rp_filter=0
>>
>> sudo sysctl -w net.ipv4.conf.default.rp_filter=0
>>
>>
>> I also did similar thing to all other interfaces (eth1, eth2, ...)
>>
>>
>> Here is a bug report about this issue for ubuntu server 10.04 that has Quagga installed.
>>
>>
>> https://bugs.launchpad.net/ubuntu/+source/quagga/+bug/625812
>>
>>
>> Thank you for all the helps
>
> Is this something that Xorp could detect on startup and warn the user about, perhaps?
>
> If so, a patch (against latest code in git) would be welcome.
>
> Thanks,
> Ben
>
> --
> Ben Greear <greearb at candelatech.com>
> Candela Technologies Inc http://www.candelatech.com
>
--
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc http://www.candelatech.com
More information about the Xorp-users
mailing list