Hello
Maybe try doing the IP of the host you want to go to?
It will look silly but maybe it works?
Aka
!route add 10.1.111.11 10.1.111.11
That worked on my attempt even without sleeping
See if that helps.
On Thu, 9 Feb 2023, 22:59 Radek, <r...@int.pl> wrote:
> Hello Bradley,
> if I add that route to /etc/hostname.vr3 I have no access to 10.1.111.11,
> even from the local router.
> After reboot I have to delete and add that route again by hand to make
> everything work (sometimes I have to repeat delete/add few times to make it
> work). It's 7.2/i386.
> Any idea?
>
> [10.109.3.15] $ cat /etc/hostname.vr3
> inet 10.1.111.1 255.255.255.0
> !sleep 60
> !route add 10.1.111.11 10.1.111.1
>
> [10.109.3.15] $ route -n show
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Mtu Prio
> Iface
> default 10.109.3.254 UGS 5 10 - 8 vr0
> 224/4 127.0.0.1 URS 0 56 32768 8 lo0
> 10.1.100/24 10.1.100.1 Cn 0 0 - 4 vr1
> 10.1.100.1 00:00:24:cb:4f:cd UHLl 0 0 - 1 vr1
> 10.1.100.255 10.1.100.1 Hb 0 0 - 1 vr1
> 10.1.111/24 10.1.111.1 UCn 0 0 - 4 vr3
> 10.1.111.1 00:00:24:cb:4f:cf UHLhl 1 2 - 1 vr3
> 10.1.111.11 10.1.111.1 UGHS 0 104 - 8 vr3
> 10.1.111.255 10.1.111.1 UHb 0 0 - 1 vr3
> 10.1.222/24 10.109.3.16 UG 0 0 - 32 vr0
> 10.109.3/24 10.109.3.15 UCn 3 18 - 4 vr0
> 10.109.3.10 a4:bb:6d:d6:5a:a4 UHLc 1 11 - 3 vr0
> 10.109.3.15 00:00:24:cb:4f:cc UHLl 0 13 - 1 vr0
> 10.109.3.16 00:00:24:cd:90:10 UHLch 1 11 - 3 vr0
> 10.109.3.254 00:0d:b9:35:39:29 UHLch 1 16 - 3 vr0
> 10.109.3.255 10.109.3.15 UHb 0 0 - 1 vr0
> 127/8 127.0.0.1 UGRS 0 0 32768 8 lo0
> 127.0.0.1 127.0.0.1 UHhl 1 2 32768 1 lo0
>
> then...
> [10.109.3.15] $ route delete 10.1.111.11 10.1.111.1
> delete host 10.1.111.11: gateway 10.1.111.1
> [10.109.3.15] $ route add 10.1.111.11 10.1.111.1
> add host 10.1.111.11: gateway 10.1.111.1
>
> [10.109.3.15] $ route -n show
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Mtu Prio
> Iface
> default 10.109.3.254 UGS 5 11 - 8 vr0
> 224/4 127.0.0.1 URS 0 137 32768 8 lo0
> 10.1.100/24 10.1.100.1 Cn 0 0 - 4 vr1
> 10.1.100.1 00:00:24:cb:4f:cd UHLl 0 0 - 1 vr1
> 10.1.100.255 10.1.100.1 Hb 0 0 - 1 vr1
> 10.1.111/24 10.1.111.1 UCn 1 0 - 4 vr3
> 10.1.111.1 00:00:24:cb:4f:cf UHLhl 1 15 - 1 vr3
> 10.1.111.11 00:00:24:cb:4f:d0 UHLc 0 172 - 3 vr3
> 10.1.111.11 10.1.111.1 UGHS 0 0 - 8 vr3
> 10.1.111.255 10.1.111.1 UHb 0 0 - 1 vr3
> 10.1.222/24 10.109.3.16 UG 0 170 - 32 vr0
> 10.109.3/24 10.109.3.15 UCn 3 28 - 4 vr0
> 10.109.3.10 a4:bb:6d:d6:5a:a4 UHLc 1 22 - 3 vr0
> 10.109.3.15 00:00:24:cb:4f:cc UHLl 0 24 - 1 vr0
> 10.109.3.16 00:00:24:cd:90:10 UHLch 1 33 - 3 vr0
> 10.109.3.254 00:0d:b9:35:39:29 UHLch 1 24 - 3 vr0
> 10.109.3.255 10.109.3.15 UHb 0 0 - 1 vr0
> 127/8 127.0.0.1 UGRS 0 0 32768 8 lo0
> 127.0.0.1 127.0.0.1 UHhl 1 2 32768 1 lo0
>
>
>
> On Thu, 9 Feb 2023 07:47:33 +1100
> Bradley Latus <brad.la...@gmail.com> wrote:
>
> > Hi,
> > I see a small mistake
> >
> > You need to add that route to vr3 interface when you bring it up, vr0
> will
> > most likely be up before vr3 so that is why your route adding in the
> > hostname.vr0 is wrong.
> >
> > Cheers
> >
> > On Thu, 9 Feb 2023, 01:36 Radek, <r...@int.pl> wrote:
> >
> > > Hello Bradley,
> > > thank you, your setup works the way I need.
> > >
> > > I can't deal with adding the static route permanently. I have to add
> the
> > > static route by hand (route add 10.1.111.11/32 10.1.111.1) after
> reboot.
> > > Did I missed something?
> > >
> > > [10.109.3.15] $ cat /etc/hostname.vr0
> > > -inet
> > > dhcp
> > > #inet 10.109.3.15 255.255.255.0
> > > !sleep 60
> > > !route add 10.1.111.11/32 10.1.111.1
> > >
> > > After reboot it looks like this:
> > >
> > > [10.109.3.15] $ route -n show
> > > Routing tables
> > >
> > > Internet:
> > > Destination Gateway Flags Refs Use Mtu Prio
> > > Iface
> > > default 10.109.3.254 UGS 5 15 -
> 8 vr0
> > > 224/4 127.0.0.1 URS 0 59 32768
> 8 lo0
> > > 10.1.100/24 10.1.100.1 Cn 0 0 -
> 4 vr1
> > > 10.1.100.1 00:00:24:cb:4f:cd UHLl 0 0 -
> 1 vr1
> > > 10.1.100.255 10.1.100.1 Hb 0 0 -
> 1 vr1
> > > 10.1.111/24 10.1.111.1 UCn 1 0 -
> 4 vr3
> > > 10.1.111.1 00:00:24:cb:4f:cf UHLl 0 3 -
> 1 vr3
> > > 10.1.111.11 00:00:24:cb:4f:d0 UHLc 0 2 -
> 3 vr3
> > > 10.1.111.255 10.1.111.1 UHb 0 0 -
> 1 vr3
> > > 10.1.222/24 10.109.3.16 UG 0 0 -
> 32 vr0
> > > 10.109.3/24 10.109.3.15 UCn 3 40 -
> 4 vr0
> > > 10.109.3.10 a4:bb:6d:d6:5a:a4 UHLc 1 29 -
> 3 vr0
> > > 10.109.3.15 00:00:24:cb:4f:cc UHLl 0 13 -
> 1 vr0
> > > 10.109.3.16 00:00:24:cd:90:10 UHLch 1 26 -
> 3 vr0
> > > 10.109.3.254 00:0d:b9:35:39:29 UHLch 1 31 -
> 3 vr0
> > > 10.109.3.255 10.109.3.15 UHb 0 0 -
> 1 vr0
> > > 127/8 127.0.0.1 UGRS 0 0 32768
> 8 lo0
> > > 127.0.0.1 127.0.0.1 UHhl 1 2 32768
> 1 lo0
> > >
> > >
> > > On Tue, 7 Feb 2023 17:54:27 +1100
> > > Bradley Latus <brad.la...@gmail.com> wrote:
> > >
> > > > Hi all,
> > > >
> > > > I have done an experiment.
> > > >
> > > > If your interface is part of an area, it will be advertised always.
> > > >
> > > > If you wanted to advertise only /32 this is how I got mine to work.
> > > > Ensure your interface vr3 is not in your ospf area
> > > >
> > > > Add a static route to the one you wish to advertise, it appears that
> > > unless
> > > > a route exists on the machine you cannot redistribute a random ip.
> > > >
> > > > So route add 10.1.111.11/32 10.1.111.1
> > > >
> > > > Then you can redistribute your /32
> > > >
> > > >
> > > >
> > > > router-id 10.109.3.15
> > > > redistribute 10.1.111.11/32
> > > >
> > > > area 0.0.0.0 {
> > > > interface vr0
> > > > }
> > > >
> > > >
> > > >
> > > > On Tue, 7 Feb 2023, 02:46 Radek, <r...@int.pl> wrote:
> > > >
> > > > > Hello,
> > > > > > I’d check the databases on both sides.
> > > > > > And flush/reload the config and fibs.
> > > > > I reloaded and restarted OSPFd on both sides - nothing changes.
> Then, I
> > > > > rebooted routers on both sides - nothing changes.
> > > > > I still can see/ping the whole 10.1.111.0/24 subnet from the far
> end.
> > > > >
> > > > > [10.109.3.15]$ ospfctl show database router
> > > > >
> > > > > Router Link States (Area 0.0.0.0)
> > > > >
> > > > > LS age: 238
> > > > > Options: -|-|-|-|-|-|E|-
> > > > > LS Type: Router
> > > > > Link State ID: 10.109.3.15
> > > > > Advertising Router: 10.109.3.15
> > > > > LS Seq Number: 0x80000016
> > > > > Checksum: 0x6d0a
> > > > > Length: 48
> > > > > Flags: *|*|*|*|*|-|E|-
> > > > > Number of Links: 2
> > > > >
> > > > > Link connected to: Stub Network
> > > > > Link ID (Network ID): 10.1.111.0
> > > > > Link Data (Network Mask): 255.255.255.0
> > > > > Metric: 10
> > > > >
> > > > > Link connected to: Transit Network
> > > > > Link ID (Designated Router address): 10.109.3.16
> > > > > Link Data (Router Interface address): 10.109.3.15
> > > > > Metric: 10
> > > > >
> > > > > LS age: 239
> > > > > Options: -|-|-|-|-|-|E|-
> > > > > LS Type: Router
> > > > > Link State ID: 10.109.3.16
> > > > > Advertising Router: 10.109.3.16
> > > > > LS Seq Number: 0x80000016
> > > > > Checksum: 0xb058
> > > > > Length: 36
> > > > > Flags: *|*|*|*|*|-|E|-
> > > > > Number of Links: 1
> > > > >
> > > > > Link connected to: Transit Network
> > > > > Link ID (Designated Router address): 10.109.3.16
> > > > > Link Data (Router Interface address): 10.109.3.16
> > > > > Metric: 10
> > > > >
> > > > >
> > > > > [10.109.3.16]$ ospfctl show fib
> > > > > flags: * = valid, O = OSPF, C = Connected, S = Static
> > > > > Flags Prio Destination Nexthop
> > > > > *S 8 0.0.0.0/0 10.109.3.254
> > > > > *O 32 10.1.111.0/24 10.109.3.15
> > > > >
> > > > >
> > > > > On Sun, 5 Feb 2023 22:20:07 +0100
> > > > > Diederik Schouten <dsch...@high5.net> wrote:
> > > > >
> > > > > > Hello,
> > > > > >
> > > > > > I’d check the databases on both sides.
> > > > > > And flush/reload the config and fibs.
> > > > > > Then check again which link state advertisements are in the
> database.
> > > > > > To make sure you now get the /32 advertised.
> > > > > >
> > > > > > Sent from my iPhone
> > > > > >
> > > > > > > On 5 Feb 2023, at 21:15, Radek <r...@int.pl> wrote:
> > > > > > >
> > > > > > > Hello Diederik, hello Tom,
> > > > > > > this is a simple lab/testing configuration, that's why there
> is no
> > > > > "passive" and other...
> > > > > > > The purpose of this configuration is to allow access to
> certain IP
> > > > > address and restrict access to the rest of the subnet.
> > > > > > > I can use PF to block/pass what I need... but I'm trying make
> sure
> > > if
> > > > > I can do it by announcing "not more than needed" over OSPF.
> > > > > > >
> > > > > > > "redistribute 10.1.111.11/32" seems to be what I need, but
> > > probally I
> > > > > missed something, because this option doesn't work for me as
> expected.
> > > > > > >
> > > > > > > $ cat /etc/ospfd.conf
> > > > > > > router-id 10.109.3.15
> > > > > > > redistribute 10.1.111.11/32
> > > > > > >
> > > > > > > area 0.0.0.0 {
> > > > > > > interface vr0
> > > > > > > interface vr3
> > > > > > > }
> > > > > > >
> > > > > > > Then, I can still see/ping other IPs in 10.1.111.0/24 from
> the far
> > > > > end network.
> > > > > > >
> > > > > > > On the far router I can see the whole subnet instead of
> somthing
> > > like
> > > > > " *O 32 10.1.111.11/24 10.109.3.15".
> > > > > > >
> > > > > > > $ ospfctl show fib
> > > > > > > flags: * = valid, O = OSPF, C = Connected, S = Static
> > > > > > > Flags Prio Destination Nexthop
> > > > > > > *S 8 0.0.0.0/0 10.109.3.254
> > > > > > > *O 32 10.1.111.0/24 10.109.3.15
> > > > > > >
> > > > > > > Any clues?
> > > > > > >
> > > > > > >> On Sat, 4 Feb 2023 23:16:57 +0000
> > > > > > >> Tom Smyth <tom.sm...@wirelessconnect.eu> wrote:
> > > > > > >>
> > > > > > >> Hi Radek,
> > > > > > >>
> > > > > > >> it is better practice to add ospf network statements to
> > > ospfd.conf
> > > > > > >> (if you dont want to send / recieve ospf messages on an
> interface
> > > set
> > > > > the
> > > > > > >> interface to passive in ospfd.conf
> > > > > > >> avoid redistribute connected
> > > > > > >> (add the network you want to be added to your ospf network)
> and
> > > leave
> > > > > the
> > > > > > >> other network ommitted from your ospfd.conf
> > > > > > >>
> > > > > > >>
> > > > > > >> I hope this helps,
> > > > > > >>
> > > > > > >>
> > > > > > >>> On Sat, 4 Feb 2023 at 20:02, Radek <r...@int.pl> wrote:
> > > > > > >>>
> > > > > > >>> Hello,
> > > > > > >>> is it possible to announce over OSPF only one (or a few
> > > specific) IP
> > > > > > >>> address instead of the whole subnet?
> > > > > > >>> If yes.. an ospfd.conf example would be appreciated.
> > > > > > >>>
> > > > > > >>> $ cat /etc/hostname.vr3
> > > > > > >>> inet 10.1.111.1 255.255.255.0
> > > > > > >>>
> > > > > > >>> $ cat /etc/ospfd.conf
> > > > > > >>> router-id 10.109.3.15
> > > > > > >>> redistribute connected
> > > > > > >>>
> > > > > > >>> area 0.0.0.0 {
> > > > > > >>> interface vr0
> > > > > > >>> interface vr3
> > > > > > >>> }
> > > > > > >>>
> > > > > > >>> Thanks,
> > > > > > >>> Radek
> > > > > > >>>
> > > > > > >>>
> > > > > > >>
> > > > > > >> --
> > > > > > >> Kindest regards,
> > > > > > >> Tom Smyth.
> > > > > > >
> > > > > > >
> > > > > > > Radek
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > Radek
> > > > >
> > > > >
> > >
> > >
> > > Radek
> > >
> > >
>
>
> Radek
>
>
