plugins icon indicating copy to clipboard operation
plugins copied to clipboard

Published 20 hours ago verified publisher icon opnsense

enable staticd (frr) by default

Open ip6li opened this issue 2 years ago • 0 comments

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

  • [x] I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
  • [x] I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Issue 5778 does not match to my problem.

Used OPNsense version: OPNsense 22.7.4-amd64, FreeBSD 13.1-RELEASE-p2, OpenSSL 1.1.1q 5 Jul 2022 (updated Sep., 18th 2022)

Is your feature request related to a problem? Please describe.

Problem is to create a set up which support ip based load balancing for some poor behaved hardware. Example: Vodafone offers a product named CableMax1000 with an Arris cable modem which neither supports LACP, nor 2,5G interfaces. Routing protocols like IS-IS, OSPF or BGP4 are also not supported. This cable product allows line speeds which exceeds capabilities of a GBit ethernet slightly.

A clear and concise description of what the problem is including your motivation for the request,

Linux supports an easy was do set up such a behaviour:

ip route replace default nexthop via 192.168.3.1 dev enp1s0 weight 1 nexthop via 192.168.3.1 dev enp2s0 weight 1

Such a configuration works with Linux and Arris cable modem. My idea is to set up a similar behaviour with staticd from OPNsense frr package.

Describe the solution you like

frr offers a mighty routing solution even for static routes by staticd which is included in OPNsense package frr7. It seems to do that job using following config

OPNsense.localdomain# show running-config 
Building configuration...

Current configuration:
!
frr version 7.5.1
frr defaults datacenter
hostname OPNsense.localdomain
log syslog notifications
!
ip route 0.0.0.0/0 192.168.3.1 igb1 onlink
ip route 0.0.0.0/0 192.168.3.1 igb0 onlink
!
line vty
!
end
OPNsense.localdomain# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup

S>* 0.0.0.0/0 [1/0] via 192.168.3.1, igb0 onlink, weight 1, 00:02:08
  *                 via 192.168.3.1, igb1 onlink, weight 1, 00:02:08
C * 192.168.3.0/24 [0/1] is directly connected, igb1, 00:10:42
C>* 192.168.3.0/24 [0/1] is directly connected, igb0, 00:10:42
C>* 192.168.254.0/24 [0/1] is directly connected, em0_vlan4090, 00:10:42

Describe alternatives you considered

For now I found no alternative, because AFAIK FreeBSD does not offer a similar solution like Linux. LAGG with round robin works for IPv4, only. It does not work for dual stack IPv4/IPv6, in this case LAGG/rr does not work for IPv6 connections.

Additional context

  • According to D26449 (FreeBSD) it is necessary to set net.route.multipath to 1 by sysctl.
  • Multipath routing on OPNsense in this manner may need some additional investigation.

ip6li avatar Sep 18 '22 16:09 ip6li