On Mon, Apr 27, 2020 at 07:26:08PM +0100, Richard Chivers wrote: > Hi, > > That makes a lot of sense thanks, and appears to have solved the problem, > we had a route added through our loopback interface in production" > "!/sbin/route add -reject default 127.0.0.1" > > Is that the best/general practise in general?
I would use a -blackhole route (no need to send out ICMP messages) but yes, that is what I normally use in such a case (at least for the DFZ). > Cheers > > Richard > > On Mon, Apr 27, 2020 at 8:25 AM Claudio Jeker <cje...@diehard.n-r-g.com> > wrote: > > > On Sun, Apr 26, 2020 at 08:44:42PM +0100, Richard Chivers wrote: > > > Not sure how I missed the clear information in the man page... > > > > > > "If set to default, a default route pointing to this router will be > > > announced over OSPF" > > > > > > It seems I am just having an issue and it should work as I expected. > > > > > > I will do some more diagnosis in the morning... > > > > > > > I think the man page is not optimal here. ospfd(8) and ospf6d(8) will only > > redistribute networks that are in the FIB. So in case of redistribute > > default the router needs to have a default route 0/0 or ::/0 in the > > routing table. Also that route's priority needs to be less than 32 > > to be picked up. > > > > This is different from bgpd where the network statements and export > > default-route statement work even if there is no matching route in the > > FIB. > > > > > On Sun, 26 Apr 2020, 17:09 Richard Chivers, <r.chiv...@zengenti.com> > > wrote: > > > > > > > Hi, > > > > > > > > Hope someone can help, I am having a strange issue and can't seem to > > > > isolate the problem. > > > > > > > > We have "redistribute default" set globally on our bgp/ibgp speakers > > > > in the ospfd.conf. The bsd boxes are all 6.6. > > > > > > > > These routers are connected via ibgp to some other routers and have > > > > external bgp sessions taking at present a couple of basic network > > > > announcements from their egbp peers. e.g. 2.2.2.0/24 ( we have faked > > our > > > > transit provider) > > > > > > > > Connected to these routers we have a pair of firewalls, which > > previously > > > > received a default route from the bgp/ibgp speakers. > > > > > > > > I am trying to understand exactly what the redistribute default in the > > > > ospfd.conf does. I assume it is saying if i have a static default > > route or > > > > another default route from an upstream then tell other routers about > > it? Or > > > > is it saying tell others to use me as a default route. I can't seem to > > find > > > > anything specific in the docs to clarify this, and would like to > > understand > > > > it clearly if pos. > > > > > > > > In our case our previous configuration on 5.8 and this configuration > > has a > > > > static route on the bgp speakers of 0.0.0.0/24 -> 127.0.0.1. > > > > > > > > If I do a ospfctl sh rib or ospfctl sh data on the firewalls i just > > don't > > > > see any default route being provided by the bgp speakers. > > > > > > > > Hope this makes sense. I am sure I am missing something obvious... > > > > > > > > Effectively I want the bgp speakers to announce themselves as the > > default > > > > route for their neighbor firewalls over ospf. > > > > > > > > Thanks > > > > > > > > -- > > :wq Claudio > > -- :wq Claudio
