plugins icon indicating copy to clipboard operation
plugins copied to clipboard
verified publisher icon opnsense

net/frr: OSPF metric-type support

Open reubenfarrelly opened this issue 1 month ago • 1 comments

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

  • [ X ] I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
  • [ X ] I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Is your feature request related to a problem? Please describe.

I have an existing network that has an OSPF area in it where a small number of peers all exchange IPv4 and IPv6 routes. This also includes a dynamic default route, which means if I have an upstream failure or lose my OPNsense box the LAN gets automatically routed out via another link.

This setup uses an OSPF (and ospfv3) metric-type which is set to 1. Other peers in that subnet all have metric-type 1 set for redistribution, but this is problematic with OPNsense, because although the underlying frr supports it and I can manually configure this, this setting gets wiped on reboot.

Describe the solution you like

Add metric-type value support to the OSPF redistribution of routes in the UI for both IPv4 and IPv6.

Describe alternatives you considered

No alternative other than reconfigure everything else to account for the inability of OPNsense to allow this option to be set.

Additional context

Original config:

router ospf ospf router-id 192.168.5.1 log-adjacency-changes auto-cost reference-bandwidth 1000 redistribute connected route-map ROUTE-MAP-CONNECTED-PERMIT-IPv4 redistribute static route-map ROUTE-MAP-STATIC-PERMIT-IPv4 default-information originate metric 0 exit

Using vtysh:

router ospf ospf router-id 192.168.5.1 log-adjacency-changes auto-cost reference-bandwidth 1000 redistribute connected metric-type 1 route-map ROUTE-MAP-CONNECTED-PERMIT-IPv4 redistribute static metric-type 1 route-map ROUTE-MAP-STATIC-PERMIT-IPv4 default-information originate metric 0 metric-type 1 exit

OSPF then works fine straight away with that manual config, but on reboot the metric-type setting is lost. This is a big problem because the route with the missing metric-type that OPNsense originates is inferior to the route that the secondary link router originates that does have metric-type 1 set. So the link never fails back (even despite the route metric being better).

firewall-1.reub.net(config-router)# redistribute connected route-map ROUTE-MAP-CONNECTED-PERMIT-IPv4 metric-type (1-2) Set OSPF External Type 1/2 metrics firewall-1.reub.net(config-router)#

There is also no option to apply a route-map to the default route (although I don't need this feature right now, but for the sake of completeness that command is similarly in vtysh but not in the UI).

reubenfarrelly avatar Nov 27 '25 02:11 reubenfarrelly

https://docs.frrouting.org/en/stable-7.4/ospfd.html?highlight=redistribution#redistribution

The dialog is shared right now with other protocols which do not seem to have that metric

https://docs.frrouting.org/en/stable-7.4/bgp.html#redistribution

This needs some extra thought, might take some time. I put this on low priority, though PRs welcome.

Reference: https://github.com/opnsense/plugins/pull/4578 https://github.com/opnsense/plugins/blob/master/net/frr/src/opnsense/mvc/app/controllers/OPNsense/Quagga/forms/dialogEditRedistribution.xml

Monviech avatar Nov 27 '25 08:11 Monviech