Page MenuHomeDevCentral
Create Task
Maniphest T2303

Installation and configuration of FRRouting
Open, NormalPublic
Actions

Description

Based on the T2208 (Quagga), this task aims to migrate to FRRouting.

FRRouting will replace Quagga as the routing suite to manage dynamic routing (we will use OSPF integrated in FRRouting).

Steps on routers :

  • 1. Install FRRouting on router-002 and router-003 D4055
  • 2. Activate the service with OSPF D4055
  • 3. Create the FRR configuration with OSPF added D4093

FRRouting should also be installed and configured on Windriver and Ysul (but not on Cloudhugger for the moment) :

  • 1. Install FRRouting D4093
  • 2. Activate the service with OSPF D4093
  • 3. Create the FRR configuration with OSPF added D4093

Based on T2324, we should install and configure OSPF on all others nodes.

  • 1. Router active should share the default route to others nodes D4093
  • 2. Install and config FRRouting on others nodes step by step (node by node) D4093
  • 3. Proceed step by step, node by node, to validate the configuration and ensure that routing works correctly even witn failover CARP D4093
  • 4. Final check : test if routing works good even with failover CARP

References :

https://en.wikipedia.org/wiki/FRRouting
https://docs.opnsense.org/manual/dynamic_routing.html
https://docs.frrouting.org/en/latest/ospfd.html
https://docs.frrouting.org/en/latest/vtysh.html
https://man.freebsd.org/cgi/man.cgi?query=vtysh&sektion=1&manpath=freebsd-ports
https://community.cisco.com/t5/networking-knowledge-base/understanding-passive-interface-default-command-in-ospf/ta-p/3120648
https://packetpushers.net/blog/understanding-ospf-router-id-rid-assignment

Revisions and Commits

rOPS Nasqueron Operations
AcceptedD4093 FRRouting : installation and configuration
AbandonedD4068 Configure FRRouting OSPF
D4055rOPSfa83110020d7 FRRouting (FRR): Installation on routers and activation at boot

Related Objects

Event Timeline

yousra triaged this task as Normal priority.Apr 9 2026, 08:38
yousra created this task.
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Apr 9 2026, 09:09
yousra updated the task description. (Show Details)Apr 9 2026, 09:25
yousra updated the task description. (Show Details)Apr 9 2026, 09:45
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Apr 9 2026, 09:49
yousra updated the task description. (Show Details)Apr 9 2026, 10:35
yousra updated the task description. (Show Details)Apr 9 2026, 10:38
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Apr 9 2026, 10:53
yousra updated the task description. (Show Details)Apr 9 2026, 18:59
yousra added a revision: D4055: FRRouting (FRR): Installation on routers and activation at boot.
yousra updated the task description. (Show Details)Apr 14 2026, 18:41
yousra updated the task description. (Show Details)Apr 14 2026, 18:43
yousra updated the task description. (Show Details)Apr 14 2026, 18:48
yousra updated the task description. (Show Details)Apr 14 2026, 21:35
yousra added a commit: rOPSfa83110020d7: FRRouting (FRR): Installation on routers and activation at boot.Apr 15 2026, 07:43
yousra updated the task description. (Show Details)Apr 15 2026, 08:32
yousra updated the task description. (Show Details)Apr 15 2026, 09:18
yousra updated the task description. (Show Details)Apr 15 2026, 10:26
yousra updated the task description. (Show Details)Apr 15 2026, 20:31
yousra updated the task description. (Show Details)Apr 15 2026, 21:59
yousra added a comment.EditedApr 15 2026, 22:03

command : sudo vtysh

router-002# show ip ospf route
============ OSPF network routing table ============
N    172.27.27.0/27        [10] area: 0.0.0.0
                           directly attached to vmx0

============ OSPF router routing table =============

============ OSPF external routing table ===========


router-002#

commande : router-002# show ip ospf interface

gre1 is up
  ifindex 4, MTU 1476 bytes, BW 0 Mbit <UP,POINTOPOINT,RUNNING,MULTICAST>
  This interface is UNNUMBERED, Area 0.0.0.0
  MTU mismatch detection: enabled
  Router ID 2.2.2.2, Network Type POINTOPOINT, Cost: 10
  Transmit Delay is 1 sec, State Point-To-Point, Priority 1
  No backup designated router on this network
  Multicast group memberships: OSPFAllRouters
  Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
    Hello due in 7.934s
  Neighbor Count is 0, Adjacent neighbor count is 0
  Graceful Restart hello delay: 10s
  LSA retransmissions: 0
gre2 is up
  ifindex 7, MTU 1476 bytes, BW 0 Mbit <UP,POINTOPOINT,RUNNING,MULTICAST>
  This interface is UNNUMBERED, Area 0.0.0.0
  MTU mismatch detection: enabled
  Router ID 2.2.2.2, Network Type POINTOPOINT, Cost: 10
  Transmit Delay is 1 sec, State Point-To-Point, Priority 1
  No backup designated router on this network
  Multicast group memberships: OSPFAllRouters
  Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
    Hello due in 0.519s
  Neighbor Count is 0, Adjacent neighbor count is 0
  Graceful Restart hello delay: 10s
  LSA retransmissions: 0
vmx0 is up
  ifindex 1, MTU 1500 bytes, BW 10000 Mbit <UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST>
  Internet Address 172.27.27.11/27, Broadcast 172.27.27.31, Area 0.0.0.0
  MTU mismatch detection: enabled
  Router ID 2.2.2.2, Network Type BROADCAST, Cost: 10
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 2.2.2.2 Interface Address 172.27.27.11/27
  No backup designated router on this network
  Multicast group memberships: <None>
  Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
    No Hellos (Passive interface)
  Neighbor Count is 0, Adjacent neighbor count is 0
  Graceful Restart hello delay: 10s
  LSA retransmissions: 0

The vtysh command-line tool is used to interact with FRRouting and display routing information.

The OSPF routing table shows the IntraNought network (172.27.27.0/27), which will be shared with Windriver and Ysul.

The OSPF interface configuration shows that OSPF is enabled on both vmx0 and gre1, gre2.

yousra updated the task description. (Show Details)Apr 16 2026, 08:06
yousra updated the task description. (Show Details)Apr 20 2026, 13:36
yousra updated the task description. (Show Details)Apr 20 2026, 13:48
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Apr 20 2026, 13:55
yousra updated the task description. (Show Details)Apr 20 2026, 14:17
yousra updated the task description. (Show Details)
yousra added a revision: D4068: Configure FRRouting OSPF.
yousra updated the task description. (Show Details)Apr 20 2026, 17:19
yousra updated the task description. (Show Details)Apr 20 2026, 17:21
yousra added a comment.Apr 20 2026, 17:30

ysul.nasqueron.org# show ip ospf neighbor

Neighbor ID     Pri State           Up Time         Dead Time Address         Interface                        RXmtL RqstL DBsmL
2.2.2.2           1 Full/-          1h30m05s          32.570s 172.27.27.250   gre1:172.27.27.31                    0     0     0

ysul.nasqueron.org# show ip ospf route

============ OSPF network routing table ============
N    172.27.27.0/27        [20] area: 0.0.0.0
                           via 172.27.27.250, gre1

============ OSPF router routing table =============

============ OSPF external routing table ===========

netstat -rn

172.27.27.0/27     172.27.27.250      UG1            gre1

An OSPF adjacency is successfully established between ysul and router-002 through the GRE tunnel. This allows dynamic route exchange, as shown by the learned 172.27.27.0/27 network via OSPF.

yousra updated the task description. (Show Details)Apr 20 2026, 18:37
yousra updated the task description. (Show Details)Apr 20 2026, 18:54
yousra added a comment.Apr 20 2026, 19:55

ysul.nasqueron.org# show ip ospf neighbor

Neighbor ID     Pri State           Up Time         Dead Time Address         Interface                        RXmtL RqstL DBsmL
2.2.2.2           1 Init/-          14m09s            32.374s 172.27.27.250   gre1:172.27.27.31                    0     0     0
3.3.3.3           1 Full/-          17.178s           31.923s 172.27.27.254   gre1:172.27.27.31                    0     0     0

ysul.nasqueron.org# show ip ospf route

============ OSPF network routing table ============
N    172.27.27.0/27        [20] area: 0.0.0.0
                           via 172.27.27.254, gre1

============ OSPF router routing table =============

============ OSPF external routing table ===========

netstat -rn

172.27.27.0/27     172.27.27.254      UG1            gre1

In this context, Ysul maintains a GRE tunnel toward the VIP, which now reaches router-003. As a result, a FULL OSPF adjacency is successfully established with router-003, allowing Ysul to learn and install the correct route to the internal network (172.27.27.0/27).

Router-002, however, still appears in the OSPF neighbor table in INIT state. This is because, although the tunnel has been reconfigured on Ysul, it remains active on router-002. Consequently, router-002 continues to send OSPF Hello packets that are still received by Ysul through the GRE interface toward the VIP.

Since GRE is stateless, packets can be sent even if the return path is no longer valid.

So basically the communication between Ysul and router-002 is no longer bidirectional, it is why the OSPF adjacency cannot be established. As a result, no routing information is exchanged and router-002 is not used for forwarding traffic. This behavior is acceptable in this context, as it does not impact routing.

yousra updated the task description. (Show Details)Thu, Apr 23, 21:27
yousra updated the task description. (Show Details)
yousra added a revision: D4093: FRRouting : installation and configuration.
yousra added projects: Salt, Drake network.Fri, Apr 24, 08:25
yousra added a comment.Mon, May 4, 14:01

Finally check after T2319 :

OSPF works correctly between Windriver and router-002.

windriver.nasqueron.org# show ip ospf neighbor

Neighbor ID     Pri State           Up Time         Dead Time Address         Interface                        RXmtL RqstL DBsmL
3.3.3.3           1 Full/-          25m30s            30.131s 172.27.27.243   gre1:172.27.27.36                    0     0     0

[yousra@windriver /usr/local/etc/frr]$ netstat -rn

172.27.27.0/27     172.27.27.243      UG1            gre1

OSPF works also correctly between Windriver and router-003.

windriver.nasqueron.org# show ip ospf neighbor

Neighbor ID     Pri State           Up Time         Dead Time Address         Interface                        RXmtL RqstL DBsmL
2.2.2.2           1 Full/-          45.231s           34.849s 172.27.27.243   gre1:172.27.27.36                    0     0     0

[yousra@windriver /usr/local/etc/frr]$ netstat -rn

172.27.27.0/27     172.27.27.243      UG1            gre1
yousra updated the task description. (Show Details)Mon, May 4, 14:36
yousra updated the task description. (Show Details)Mon, May 4, 14:38
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Wed, May 6, 07:33
yousra updated the task description. (Show Details)Wed, May 6, 07:37
yousra updated the task description. (Show Details)Wed, May 6, 07:39
yousra updated the task description. (Show Details)
yousra updated the task description. (Show Details)Wed, May 6, 08:06
yousra updated the task description. (Show Details)Thu, May 14, 14:44
yousra moved this task from Working on to Done on the Secure HA tunnels board.
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator