Main »

FAQ

Questions:


1. Does Quagga Run on uclibc?
2. My provider requires me to password-protect BGP sessions (neighbor a.b.c.d password blah)
3. I need more info about TCP-MD5, where is it?
4. Does Quagga support dot1q encapsulation?
5. Where do I get Quagga?
6. How do I ask a question on the mailing-list to get any (or even a helpful) answer?
7. How do I exclude specific networks from redistribution to other protocols?
8. I want to redistribute stuff from BGP into OSPF. what do I do?
9. Why do all my routes go out when time is corrected, e.g. after running ntpdate? Why is it so and how to fix it and how to avoid this issue?
10. Does Quagga support mpls or gmpls ?
11. OSPF is not working on my wireless network. Why is it so, and what can I do to make it work?
12. What's the difference between matching against access-list and a prefix-list ?
13. Is it possible for zebra to add a static route in a non-default routing table, something like ip route add X via Y table Z does. ?
14. How to turn granularities hello-interval and dead-interval from seconds to milliseconds?
15. Bgpd|ospfd|other daemon is running, I can see it exchanging routes with other network equipment, but there are no routes installed into routing table. What is wrong?
16. I want all interfaces to be set passive by default when using OSPF, and only become enabled if configured so. What should I do?
17. Is it possible to do source based routing on linux with quagga?
18. I applied route-map on one of my neighbors in order to tag own routes with communities, but my neighbor does not see them.
19. Is there a way to have all the deamons interact together so one can logon to the local host once and configure everything, rip, ospf, ect. ?
20. Does quagga support 4-byte ASN? ( See: http://ripe.net/info/faq/rs/asn32.html )
21. I want to push 100mbit/1/10GE through my box, what pci/cpu should I use?
22. I'm getting sendmsg in ospf_write failed in logs
23. I got this in logs: RIPNG: can't bind ripng socket: Permission denied
24. I've setup my linux box to talk tcp-md5, I'm sure it is working right, but on the Cisco's side I see this: %TCP-6-BADAUTH: No MD5 digest from ... . What's wrong?
25. What I do to make Quagga talk tcp-md5?
26. What ports/protocols should I allow on firewall to use OSPF?
27. How to summarize routes on ABR?
28. How can I verify what routes I'm sending to (i)BGP peer
29. I'my trying to make Quagga talk md5 with latest patches and kernel >=2.6.20. All seemd to be fine, but apparently it's not. What to do?
30. bgpd|ospfd|zebra|ripd segfaulted! What do I do to provide full debugging data to developers?


Answers:

Q: Does Quagga Run on uclibc? (^)
A: Yes. It is known to compile and run with the last few version of uclibc.

Q: My provider requires me to password-protect BGP sessions (neighbor a.b.c.d password blah) (^)
A: You need TCP-MD5, follow this page

Q: I need more info about TCP-MD5, where is it? (^)
A: Check here

Q: Does Quagga support dot1q encapsulation? (^)
A: No, Quagga only does routing, it does not provide full support for configuring the OS that it runs on (e.g. dot1q, netfilters, iptables). Quagga is not IOS! To get dot1q working, you have to refer to the manuals of your OS. Quagga only supports configuring addresses on interfaces.

Q: Where do I get Quagga? (^)
A: One can download Quagga directly from here, or from a mirror .

Q: How do I ask a question on the mailing-list to get any (or even a helpful) answer? (^)
A: You have to ask it The Right Way

Q: How do I exclude specific networks from redistribution to other protocols? (^)
A: You have to apply route-map or distribute-list.

Q: I want to redistribute stuff from BGP into OSPF. what do I do? (^)
A: You do not really want to do it. For explanation read Paul's networking blog, chapter Why can't I filter OSPF

Q: Why do all my routes go out when time is corrected, e.g. after running ntpdate? Why is it so and how to fix it and how to avoid this issue? (^)
A: this happens when using MD5-AUTH, as described in Quagga Quagga docs. Time should never go backwards for MD5-AUTH to work. Some other issues with LSA were also noticed with unstable timers. Notice, that ntpdate is not intended to be use by any host with stable network connectivity (router seems to be one ;-) ), one should use a time daemon like chrony, ntpd or similar, also see bug #134 for more discussion, and a patch for testing.

Q: Does Quagga support mpls or gmpls ? (^)
A: Sadly, mpls support for Quagga is very outdated, patches seem not to be maintained for a long time. Additional information about mpls and Linux is here.

Q: OSPF is not working on my wireless network. Why is it so, and what can I do to make it work? (^)
A: Some of wireless access points and bridges lack support for multicasts. By default, quagga treats network as broadcast cloud. To get ospfd work on such equipment, one must configure ospfd to work on non-broadcast networks, and configure each neighbor separately, just like in configuration examples (ospf configuration examples, example 1). Also, make sure that the timers on interfaces match.

Q: What's the difference between matching against access-list and a prefix-list ? (^)
A: access-list let's you match against range, e.g.
access-list TEST permit 10.0.0.0/8
by default, matches all prefixes within given range. E.g. prefix 10.2.3.0/24 fits in. It's equal to the following ip prefix-list:
ip prefix-list TEST2 permit 10.0.0.0/8 le 32
Attention here. Prefix-list without le or ge specified, works slightly different from access-list. The following prefix-list:
ip prefix-list TEST3 permit 10.0.0.0/8
will only pass network 10.0.0.0/8, meaning 10.2.3.0/24 will NOT make it.

Q: Is it possible for zebra to add a static route in a non-default routing table, something like ip route add X via Y table Z does. ? (^)
A: No. Zebra does not support multiple routing tables.

Q: How to turn granularities hello-interval and dead-interval from seconds to milliseconds? (^)
A: 'ip ospf dead-interval minimal hello-multiplier X' command needs to be set. Read here how to do this.

Q: Bgpd|ospfd|other daemon is running, I can see it exchanging routes with other network equipment, but there are no routes installed into routing table. What is wrong? (^)
A: In this case, you should check, if there's zebra daemon running, and if other daemons have access to zebra's socket (which should be accessible and present in --localstatedir set up while ./configure, by default /var, in Debian /var/run/quagga)

Q: I want all interfaces to be set passive by default when using OSPF, and only become enabled if configured so. What should I do? (^)
A: You might try passive-by-default patch, more info here or use Quagga >=0.99.6

Q: Is it possible to do source based routing on linux with quagga? (^)
A: No. ;-) Use static routing and iproute2 tool.

Q: I applied route-map on one of my neighbors in order to tag own routes with communities, but my neighbor does not see them. (^)
A: Try clearing the session to this neighbor (clear ip bgp <ip>) either soft or hard. You may also try checking spelling.

Q: Is there a way to have all the deamons interact together so one can logon to the local host once and configure everything, rip, ospf, ect. ? (^)
A: For this purpose a vtysh should be used. It connects to all the daemons and directs each command to the appropriate daemon(s).

Q: Does quagga support 4-byte ASN? ( See: http://ripe.net/info/faq/rs/asn32.html ) (^)
A: Not yet in mainline, but check additional resources for custom patches.

Q: I want to push 100mbit/1/10GE through my box, what pci/cpu should I use? (^)
A: It's not really a Quagga question, but it's been asked from time to time on #quagga, so let's cite: 
               <Scrye> pci-e > pci-x > pci 64bit > pci 32bit 
               <Scrye> 500mbps for pci 32, 1000 for pci64/66, 1000 full duplex for pci-x-100/133 
                       and 2gig pcie x1, 4gig pcie-x4, 10gig pciex8 10gig full pci-x16 
               <Scrye> roughly
               <glut> Scrye: and what about cpu that handles stuff? 
               <Scrye> ghz per gigabit 
               <Scrye> glut : one of those new quad core xeons should beable to handle a 10 gigabit feed 


               Whole story here
Q: I'm getting sendmsg in ospf_write failed in logs (^)
A: Check your firewalling, you possibly filtered out ospf

Q: I got this in logs: RIPNG: can't bind ripng socket: Permission denied (^)
A: Check the permissions on the directory configured as the local state directory (--localstatedir)

Q: I've setup my linux box to talk tcp-md5, I'm sure it is working right, but on the Cisco's side I see this: %TCP-6-BADAUTH: No MD5 digest from ... . What's wrong? (^)
A: If you're sure Quagga talks tcp-md5 (kernel and stuff) check Cisco bug CSCsb51019

Q: What I do to make Quagga talk tcp-md5? (^)
A: In general, you need two things: 
               # apply the patch to quagga 0.99.6 with and compile it with -DHAVE_TCP_MD5 cflags
               # configure kernel with CONFIG_TCP_MD5SIG=y 
               if it's not working, you might check [quagga-users 8151] (whole thread seems interesting)
Q: What ports/protocols should I allow on firewall to use OSPF? (^)
A: OSPF is a separate protocol, number 89, so you have to allow protocol ospf on your firewall 
               e.g. iptables -t filter -I INPUT -p 89 -j ACCEPT on Linux
Q: How to summarize routes on ABR? (^)
A: Check here

Q: How can I verify what routes I'm sending to (i)BGP peer (^)
A: sh ip bgp neighbors <neighbor ip> advertised-routes

Q: I'my trying to make Quagga talk md5 with latest patches and kernel >=2.6.20. All seemd to be fine, but apparently it's not. What to do? (^)
A: Try checking AddRes for Linux TCP-MD5 story and make sure you've TSO disabled on your NIC

with ethtool -K tso off

Q: bgpd|ospfd|zebra|ripd segfaulted! What do I do to provide full debugging data to developers? (^)
A: Check here

Page last modified on September 18, 2007

Edit - History - Print - Recent Changes (All) - Search