Author Topic: Block bogons breaks OSPFv3 (Read 3340 times)

alex_rhys-hurn · « **on:** September 23, 2018, 05:11:07 pm »

Hi,

Just deployed OSPFv3 on my OPNSense VM v. 18.1 using FRR 3.0.3

The firewall logs show that the Bogon rule blocked OSPF protocol from FF00 something...

SO, I go to interfaces, disable the block bogon rule, then I get a neighbour adjacency immediately.

I do have rules for both v4 and v6 allowing OSPF first in the firewall rules.

Any ideas how to fix this?

Thanks.

alex_rhys-hurn · « **Reply #1 on:** September 23, 2018, 05:54:16 pm »

Heres the exact log entry:

WANBackbone1 Sep 23 18:53:17 fe80::250:56ff:feb5:269 ff02::5 OSPF Block bogon IPv6 networks from WANBackbone1

Alex

mimugmail · « **Reply #2 on:** September 23, 2018, 06:24:52 pm »

Just dont block bogons. When you have a default Drop at the end it blocks it anyway

fabian · « **Reply #3 on:** September 23, 2018, 08:44:35 pm »

@mimugmail: for IPv4 I inject a firewall rule for OSPFv2 to pass this traffic. If you have more OSPFv3 knowlege than I am, this is how it is done:
https://github.com/opnsense/plugins/blob/master/net/frr/src/etc/inc/plugins.inc.d/frr.inc#L44

Please note that it needs a filter reload.

alex_rhys-hurn · « **Reply #4 on:** September 23, 2018, 11:39:18 pm »

Hi Guys,

Thanks for the feedback. Its helpful to see how to run OPNSense as I am new to it.

I am all working now.

Alex

Author Topic: Block bogons breaks OSPFv3 (Read 3340 times)

alex_rhys-hurn

Block bogons breaks OSPFv3

alex_rhys-hurn

Re: Block bogons breaks OSPFv3

mimugmail

Re: Block bogons breaks OSPFv3

fabian

Re: Block bogons breaks OSPFv3

alex_rhys-hurn

Re: Block bogons breaks OSPFv3