Re: BGP: can't set sockopt TCP_MD5SIG 0 to socket 16



I'm using FreeBSD 5.4 with quagga 0.98.5. For L2 switch I'm using D-link
DES3326S and router using intel GB network card (dual port). The routing
process is controlled using quagga by ospfd and zebra. I forgot to see the
network traffice from tcpdump, for that I need to do a testing first and
will let u know the result.

Therefore, here is my vlan's config :

# --*Network*--
network_interfaces="em0 em1 em2 em3 rl0 lo0"
ifconfig_rl0="inet 192.168.0.10 netmask 255.255.255.0"
ifconfig_em0="up"
ifconfig_em1="up"
ifconfig_em2="up"
cloned_interfaces="vlan0 vlan1 vlan2 vlan3 vlan4 vlan6 vlan7 vlan8 vlan9
vlan10"
ifconfig_vlan0="inet xx.xx.0.1 netmask 255.255.255.0 vlan 1 vlandev em0"
ifconfig_vlan1="inet xx.xx.8.1 netmask 255.255.255.248 vlan 20 vlandev em0"
ifconfig_vlan2="inet xx.xx.1.1 netmask 255.255.255.192 vlan 2 vlandev em2"
ifconfig_vlan3="inet xx.xx.11.1 netmask 255.255.255.0 vlan 1000 vlandev em0"
ifconfig_vlan4="inet xx.xx.13.1 netmask 255.255.255.0 vlan 1001 vlandev em0"
ifconfig_vlan6="inet xx.xx.10.129 netmask 255.255.255.240 vlan 50 vlandev
em1"
ifconfig_vlan7="inet xx.xx.10.145 netmask 255.255.255.248 vlan 51 vlandev
em1"
ifconfig_vlan8="inet xx.xx.10.161 netmask 255.255.255.224 vlan 52 vlandev
em1"
ifconfig_vlan9="inet xx.xx.10.1 netmask 255.255.255.192 vlan 4000 vlandev
em1"
ifconfig_vlan10="inet xx.xx.14.1 netmask 255.255.255.248 vlan 2001 vlandev
em2"


-*ospfd's configuration*-
interface em0
description To Vlans
!
interface em1
description To Vlans
!
interface em2
description To Vlans - Business
!
interface em3
description To p2p - CORE
!
interface lo0
description To IBGP - Loopback
!
interface plip0
!
interface rl0
!
interface rl1
description To PG DistRouter
!
interface vlan0
description To Switch Management
!
interface vlan1
description To Authentication
!
interface vlan2
description To Business Switch Management
!
interface vlan3
description To Vlan1000
!
interface vlan4
description To Vlan1001
!
interface vlan6
description To Vlan50 - IDC 1
!
interface vlan7
description To Vlan51 - IDC 2
!
interface vlan8
description To Vlan52 - IDC 3
!
interface vlan9
description To Vlan4000 - DMZ
!
interface vlan10
description To Vlan2001 - Business Customer
!
router ospf
ospf router-id xx.xx.8.130
network xx.xx.0.0/24 area 0.0.0.1
network xx.xx.1.0/26 area 0.0.0.1
network xx.xx.8.0/29 area 0.0.0.1
network xx.xx.8.66/32 area 0.0.0.0
network xx.xx.8.128/29 area 0.0.0.0
network xx.xx.8.168/30 area 0.0.0.0
network xx.xx.10.0/26 area 0.0.0.1
network xx.xx.10.128/28 area 0.0.0.10
network xx.xx.10.144/29 area 0.0.0.10
network xx.xx.10.160/27 area 0.0.0.10
network xx.xx.11.0/24 area 0.0.0.50
network xx.xx.13.0/24 area 0.0.0.51
network xx.xx.14.0/29 area 0.0.0.52
!
line vty
!

-*zebra configuration*-
!
interface em0
ipv6 nd suppress-ra
!
interface em1
description To Vlans
ipv6 nd suppress-ra
!
interface em2
ipv6 nd suppress-ra
!
interface em3
ip address xx.xx.8.130/29
ipv6 nd suppress-ra
!
interface lo0
description To IBGP Loopback
ip address xx.xx.8.66/32
!
interface plip0
ipv6 nd suppress-ra
!
interface rl0
ipv6 nd suppress-ra
!
interface rl1
ip address xx.xx.8.169/30
ipv6 nd suppress-ra
!
interface vlan0
ipv6 nd suppress-ra
!
interface vlan1
description To Authentication
ipv6 nd suppress-ra
!
interface vlan2
ipv6 nd suppress-ra
!
interface vlan3
description To Customer
ipv6 nd suppress-ra
!
interface vlan4
description To Customer
ipv6 nd suppress-ra
!
interface vlan6
description To IDC
ipv6 nd suppress-ra
!
interface vlan7
description To IDC
ipv6 nd suppress-ra
!
interface vlan8
description To IDC
ipv6 nd suppress-ra
!
interface vlan9
ipv6 nd suppress-ra
!
interface vlan10
ipv6 nd suppress-ra
!
ip forwarding
!
line vty
!


On 4/3/06, Peter Jeremy <peterjeremy@xxxxxxxxxxxxxxxx> wrote:

On Mon, 2006-Apr-03 17:55:56 +0800, Nik wrote:
I'm curious why I need to enable MD5 because in my system I don't use any
authentication method. Is there any way to off the parameter. Also I
notice
that vlan in FreeBSD is not fully trunk.

Examples ;

vlan 1000 : 192.168.0.1/26

connect to L2 switch and untag certain port to connect to PC. I still can
use internet when I set that PC to use this IP;

IP = 192.168.0.5/24
Gateway = 192.168.0.1/24

I use VLAN trunks extensively in FreeBSD and have no problems with
them (I've had more problems with broken VLAN implementations in
switches). Can you detail exactly what your interface configuration
is and what commands your are issuing that aren't working as expected.
Have you looked at the network traffic using (eg) tcpdump.

--
Peter Jeremy

_______________________________________________
freebsd-current@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@xxxxxxxxxxx"



Relevant Pages

  • [PATCH 1/1] IPN: Inter Process Networking
    ... +IPN is an Inter Process Communication service. ... +interface and protocols used for networking. ... +to a "network". ... +creates a communication socket. ...
    (Linux-Kernel)
  • Re: [PATCH 1/1] IPN: Inter Process Networking
    ... +IPN is an Inter Process Communication service. ... +interface and protocols used for networking. ... +to a "network". ... +creates a communication socket. ...
    (Linux-Kernel)
  • Re: Publish Web Server behind SBS 2003 Standard
    ... Microsoft CSS Online Newsgroup Support ... When opening a new thread via the web interface, ... |> Method 2: Different ports ... |> "Network Connection". ...
    (microsoft.public.windows.server.sbs)
  • RE: VPN Error 800
    ... In SBS network, we only support one or two interfaces. ... We have a workaround for your condition: disable perimeter interface, ... then enable perimeter interface. ...
    (microsoft.public.windows.server.sbs)
  • Re: "Windows cannot access the file gpt.ini for GPO" - Events 1058 and 1030 on XP client o
    ... by going into network properties Control ... :: the blank records for the external interface for both the domain ... :: Kevin D4 Dad Goodknecht Sr. ... Did you create the Blank Host for the private IP of the NIC that has file ...
    (microsoft.public.windows.server.dns)