.\" $OpenBSD: ospf6d.8,v 1.14 2012/09/26 16:19:44 jmc Exp $
.\"
.\" Copyright (c) 2004, 2005, 2007 Esben Norby <norby@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: September 26 2012 $
.Dt OSPF6D 8
.Os
.Sh NAME
.Nm ospf6d
.Nd "Open Shortest Path First daemon"
.Sh SYNOPSIS
.Nm
.Op Fl dnv
.Op Fl D Ar macro Ns = Ns Ar value
.Op Fl f Ar file
.Sh DESCRIPTION
.Nm
is an Open Shortest Path First
.Pq OSPF
daemon which manages routing tables.
This implementation supports OSPF version 3, thus it is only capable of
maintaining IPv6 routing tables.
.Pp
OSPF is an interior gateway protocol designed to supersede RIP.
It has several advantages over RIP.
For instance, every router has an understanding of the complete network
topology.
Response to changes in the network is faster.
Furthermore, failure detection is improved.
.Pp
The OSPF daemon maintains a Link State Database
.Pq LSDB
containing information about routers and networks within an Autonomous System
.Pq AS .
.Pp
Dijkstra's shortest path first algorithm is used to compute a Routing
Information Base
.Pq RIB
using the LSDB as input.
The Forwarding Information Base
.Pq FIB ,
a.k.a. the kernel routing table, is updated with information from the RIB.
.Pp
OSPF routers discover one another automatically via OSPF hello packets.
OSPF routers communicate via two multicast groups: ff02::5 (all Shortest
Path First routers) and ff02::6 (all Designated Routers).
OSPF runs directly on top of IP and uses neither TCP nor UDP.
IP protocol number 89 is reserved for OSPF.
.Pp
All routers in an OSPF network spend most of their time keeping each other's
LSDBs in sync.
All routers must have the same information in the LSDB at all times.
Every time the LSDB is updated the RIB is updated; if needed the FIB is
also updated.
.Pp
In a multi-access network such as Ethernet, it is unfeasible for all routers
to synchronize their LSDB with all other routers in the network.
In such networks a Designated Router
.Pq DR
and a Backup Designated Router
.Pq BDR
are elected.
The DR's responsibility is to synchronize with all routers; the BDR will
not do much until the DR fails.
The first router in a network is automatically elected DR, the second
router BDR.
All routers have a FULL adjacency with the DR and the BDR.
Routers with FULL adjacency exchange information about their LSDBs.
A router not elected either DR or BDR will have 2-WAY adjacency with all
routers but the DR and BDR.
Routers with 2-WAY adjacency recognize that they know each other,
but do not exchange information about their LSDBs.
If a DR or BDR fails another router is elected DR or BDR
and all routers form FULL adjacencies with the newly elected DR or BDR.
.Pp
When routers are connected via point-to-point links, DR and BDR
election is skipped since only two routers are connected to the link.
.Pp
To limit the impact changes in the network have on the LSDB it is possible
to segment an OSPF network into areas.
Area 0.0.0.0 (a.k.a. the backbone area) must always be present.
Routers can be configured as Area Border Router
.Pq ABR ,
being part of multiple areas.
Every area must have direct access to the backbone area.
ABRs not directly connected to the backbone area need to establish a
virtual link to a router in the backbone area.
.Pp
AS Border Routers
.Pq ASBR
are connected to an OSPF network and other external networks via BGP, RIP,
or static routing, and provide connectivity to networks outside the AS.
.Pp
.Nm
is usually started at boot time, and can be enabled by
setting the following in
.Pa /etc/rc.conf.local :
.Pp
.Dl ospf6d_flags=\&"\&"
.Pp
See
.Xr rc 8
and
.Xr rc.conf 8
for more information on the boot process
and enabling daemons.
.Pp
A running
.Nm
can be controlled with the
.Xr ospf6ctl 8
utility.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl D Ar macro Ns = Ns Ar value
Define
.Ar macro
to be set to
.Ar value
on the command line.
Overrides the definition of
.Ar macro
in the configuration file.
.It Fl d
Do not daemonize.
If this option is specified,
.Nm
will run in the foreground and log to
.Em stderr .
.It Fl f Ar file
Specify an alternative configuration file.
.It Fl n
Configtest mode.
Only check the configuration file for validity.
.It Fl v
Produce more verbose output.
.El
.Sh FILES
.Bl -tag -width "/var/run/ospf6d.sockXX" -compact
.It /etc/ospf6d.conf
Default
.Nm
configuration file.
.It /var/run/ospf6d.sock
.Ux Ns -domain
socket used for communication with
.Xr ospf6ctl 8 .
.El
.Sh SEE ALSO
.Xr ipsec.conf 5 ,
.Xr ospf6d.conf 5 ,
.Xr ospf6ctl 8
.Sh STANDARDS
.Rs
.%A M. Gupta
.%A N. Melam
.%D June 2006
.%R RFC 4552
.%T Authentication/Confidentiality for OSPFv3
.Re
.Pp
.Rs
.%A R. Coltun
.%A D. Ferguson
.%A J. Moy
.%A A. Lindem
.%D July 2008
.%R RFC 5340
.%T OSPF for IPv6
.Re
.Sh HISTORY
The
.Nm
program first appeared in
.Ox 4.2 .
.Sh BUGS
Virtual links are currently not available in
.Nm .
.Pp
Support for multiple areas is currently not available in
.Nm .
.Pp
Unlike OSPF for IPv4, OSPF for IPv6 has no built-in support for
authentication of OSPF packets.
Instead, it relies on IPsec for packet authentication.
Because OSPF uses multicast, IKE cannot be used for configuring IPsec
flows securing OSPF traffic.
.Nm
is currently entirely unaware of IPsec and has no support for helping
users set up IPsec flows between OSPF routers.
However, setting up IPsec flows between routers using manual keying is
strongly recommended to protect the OSPF network against spoofing attacks.
Note in particular that flows need to be configured for multicast groups
ff02::5 and ff02::6.
See
.Xr ipsec.conf 5 .
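A check a router operator can run over captured IPv6 packets to see which OSPF senders are not covered by IPsec, given as an added example that is not part of the OpenBSD manual or the ospf6d sources. The function names, the result labels and the sample packets are constructed for illustration; only protocol number 89 and the groups ff02::5 and ff02::6 come from the text above.

```python
import ipaddress
import struct

# From ospf6d(8): OSPF is IP protocol 89 and uses groups ff02::5 and ff02::6.
OSPF, ESP, AH = 89, 50, 51
GROUPS = {ipaddress.IPv6Address("ff02::5"), ipaddress.IPv6Address("ff02::6")}

def classify(pkt: bytes) -> str:
    """Say how the OSPF payload of one raw IPv6 packet is protected."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        return "not-ipv6"
    nxt, dst, body = pkt[6], ipaddress.IPv6Address(pkt[24:40]), pkt[40:]
    if nxt == OSPF:
        return "ospf-unprotected"      # no IPsec header: sender is unverified
    if nxt == AH and len(body) >= 12:
        # AH (RFC 4302) carries the inner protocol in its first byte.
        return "ospf-ah" if body[0] == OSPF else "other"
    if nxt == ESP and dst in GROUPS:
        return "ospf-group-esp"        # inner protocol hidden; group is the hint
    return "other"

def unprotected_senders(packets):
    """Source addresses seen sending OSPF without AH or ESP."""
    return {str(ipaddress.IPv6Address(p[8:24]))
            for p in packets if classify(p) == "ospf-unprotected"}

def build(nxt, src, dst, body):
    """Constructed test input: a minimal IPv6 header followed by body."""
    head = struct.pack("!IHBB", 6 << 28, len(body), nxt, 1)
    return (head + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + body)

# Constructed samples: a 16-byte OSPFv3 hello header (version 3, type 1),
# a 24-byte AH header in front of it, and an opaque ESP payload.
HELLO = struct.pack("!BBH4s4sHBB", 3, 1, 16, bytes([192, 0, 2, 1]), bytes(4), 0, 0, 0)
AH_HDR = struct.pack("!BBHII", OSPF, 4, 0, 0x1000, 1) + bytes(12)
SAMPLES = [
    build(OSPF, "fe80::1", "ff02::5", HELLO),
    build(AH, "fe80::2", "ff02::5", AH_HDR + HELLO),
    build(ESP, "fe80::3", "ff02::6", struct.pack("!II", 0x1001, 1) + bytes(32)),
    build(58, "fe80::4", "ff02::1", bytes(8)),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
    print(sorted(unprotected_senders(SAMPLES)))
```

Any address reported by unprotected_senders on a link where manual IPsec keying is meant to be in force points at a router missing its flows or at traffic that did not come from a keyed peer.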