OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: alex_rhys-hurn on September 23, 2018, 05:11:07 pm

Title: Block bogons breaks OSPFv3
Post by: alex_rhys-hurn on September 23, 2018, 05:11:07 pm

Hi,

Just deployed OSPFv3 on my OPNSense VM v. 18.1 using FRR 3.0.3

The firewall logs show that the Bogon rule blocked OSPF protocol from FF00 something...

SO, I go to interfaces, disable the block bogon rule, then I get a neighbour adjacency immediately.

I do have rules for both v4 and v6 allowing OSPF first in the firewall rules.

Any ideas how to fix this?

Thanks.

Title: Re: Block bogons breaks OSPFv3
Post by: alex_rhys-hurn on September 23, 2018, 05:54:16 pm

Heres the exact log entry:

WANBackbone1   Sep 23 18:53:17   fe80::250:56ff:feb5:269   ff02::5   OSPF   Block bogon IPv6 networks from WANBackbone1

Alex

Title: Re: Block bogons breaks OSPFv3
Post by: mimugmail on September 23, 2018, 06:24:52 pm

Just dont block bogons. When you have a default Drop at the end it blocks it anyway

Title: Re: Block bogons breaks OSPFv3
Post by: fabian on September 23, 2018, 08:44:35 pm

@mimugmail: for IPv4 I inject a firewall rule for OSPFv2 to pass this traffic. If you have more OSPFv3 knowlege than I am, this is how it is done:
https://github.com/opnsense/plugins/blob/master/net/frr/src/etc/inc/plugins.inc.d/frr.inc#L44

Please note that it needs a filter reload.

Title: Re: Block bogons breaks OSPFv3
Post by: alex_rhys-hurn on September 23, 2018, 11:39:18 pm

Hi Guys,

Thanks for the feedback. Its helpful to see how to run OPNSense as I am new to it.

I am all working now.

Alex