1.\" $OpenBSD: ospf6d.8,v 1.18 2015/07/27 17:28:39 sobrado Exp $ 2.\" 3.\" Copyright (c) 2004, 2005, 2007 Esben Norby <norby@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: July 27 2015 $ 18.Dt OSPF6D 8 19.Os 20.Sh NAME 21.Nm ospf6d 22.Nd Open Shortest Path First daemon 23.Sh SYNOPSIS 24.Nm 25.Op Fl dnv 26.Op Fl D Ar macro Ns = Ns Ar value 27.Op Fl f Ar file 28.Op Fl s Ar socket 29.Sh DESCRIPTION 30.Nm 31is an Open Shortest Path First 32.Pq OSPF 33daemon which manages routing tables. 34This implementation supports OSPF version 3, thus it is only capable of 35maintaining IPv6 routing tables. 36.Pp 37OSPF is an interior gateway protocol designed to supersede RIP. 38It has several advantages over RIP. 39For instance, every router has an understanding of the complete network 40topology. 41Response to changes in the network is faster. 42Furthermore, failure detection is improved. 43.Pp 44The OSPF daemon maintains a Link State Database 45.Pq LSDB 46containing information about routers and networks within an Autonomous System 47.Pq AS . 48.Pp 49Dijkstra's shortest path first algorithm is used to compute a Routing 50Information Base 51.Pq RIB 52using the LSDB as input. 53The Forwarding Information Base 54.Pq FIB , 55a.k.a. the kernel routing table, is updated with information from the RIB. 56.Pp 57OSPF routers discover one another automatically via OSPF hello packets. 58OSPF routers communicate via two multicast groups: ff02::5 (all Shortest 59Path First routers) and ff02::6 (all Designated Routers). 60OSPF runs directly on top of IP and uses neither TCP nor UDP. 61IP protocol number 89 is reserved for OSPF. 62.Pp 63All routers in an OSPF network spend most of their time keeping each others' 64LSDBs in sync. 65All routers must have the same information in the LSDB at all times. 66Every time the LSDB is updated the RIB is updated; if needed the FIB is 67also updated. 68.Pp 69In a multi-access network such as Ethernet, it is unfeasible for all routers 70to synchronize their LSDB with all other routers in the network. 71In such networks a Designated Router 72.Pq DR 73and a Backup Designated Router 74.Pq BDR 75are elected. 76The DR's responsibility is to synchronize with all routers; the BDR will 77not do much until the DR fails. 78The first router in a network is automatically elected DR, the second 79router BDR. 80All routers have a FULL adjacency with the DR and the BDR. 81Routers with FULL adjacency exchange information about their LSDBs. 82A router not elected either DR or BDR will have 2-WAY adjacency with all 83routers but the DR and BDR. 84Routers with 2-WAY adjacency recognize that they know each other, 85but do not exchange information about their LSDBs. 86If a DR or BDR fails another router is elected DR or BDR 87and all routers form FULL adjacencies with the newly elected DR or BDR. 88.Pp 89When routers are connected via point-to-point links, DR and BDR 90election is skipped since only two routers are connected to the link. 91.Pp 92To limit the impact changes in the network have on the LSDB it is possible 93to segment an OSPF network into areas. 94Area 0.0.0.0 (a.k.a. the backbone area) must always be present. 95Routers can be configured as Area Border Router 96.Pq ABR , 97being part of multiple areas. 98Every area must have direct access to the backbone area. 99ABRs not directly connected to the backbone area need to establish a 100virtual link to a router in the backbone area. 101.Pp 102AS Border Routers 103.Pq ASBR 104are connected to an OSPF network and other external networks via BGP, RIP, 105or static routing, and provide connectivity to networks outside the AS. 106.Pp 107.Nm 108is usually started at boot time, and can be enabled by 109setting the following in 110.Pa /etc/rc.conf.local : 111.Pp 112.Dl ospf6d_flags=\&"\&" 113.Pp 114See 115.Xr rc 8 116and 117.Xr rc.conf 8 118for more information on the boot process 119and enabling daemons. 120.Pp 121A running 122.Nm 123can be controlled with the 124.Xr ospf6ctl 8 125utility. 126.Pp 127The options are as follows: 128.Bl -tag -width Ds 129.It Fl D Ar macro Ns = Ns Ar value 130Define 131.Ar macro 132to be set to 133.Ar value 134on the command line. 135Overrides the definition of 136.Ar macro 137in the configuration file. 138.It Fl d 139Do not daemonize. 140If this option is specified, 141.Nm 142will run in the foreground and log to 143.Em stderr . 144.It Fl f Ar file 145Specify an alternative configuration file. 146.It Fl n 147Configtest mode. 148Only check the configuration file for validity. 149.It Fl s Ar socket 150Use an alternate location for the default control socket. 151.It Fl v 152Produce more verbose output. 153.El 154.Sh FILES 155.Bl -tag -width "/var/run/ospf6d.sockXX" -compact 156.It Pa /etc/ospf6d.conf 157Default 158.Nm 159configuration file. 160.It Pa /var/run/ospf6d.sock 161.Ux Ns -domain 162socket used for communication with 163.Xr ospf6ctl 8 . 164.El 165.Sh SEE ALSO 166.Xr ipsec.conf 5 , 167.Xr ospf6d.conf 5 , 168.Xr ospf6ctl 8 169.Sh STANDARDS 170.Rs 171.%A M. Gupta 172.%A N. Melam 173.%D June 2006 174.%R RFC 4552 175.%T Authentication/Confidentiality for OSPFv3 176.Re 177.Pp 178.Rs 179.%A R. Coltun 180.%A D. Ferguson 181.%A J. Moy 182.%A A. Lindem 183.%D July 2008 184.%R RFC 5340 185.%T OSPF for IPv6 186.Re 187.Sh HISTORY 188The 189.Nm 190program first appeared in 191.Ox 4.2 . 192.Sh BUGS 193Virtual links are currently not available in 194.Nm . 195.Pp 196Support for multiple areas is currently not available in 197.Nm . 198.Pp 199Unlike OSPF for IPv4, OSPF for IPv6 has no built-in support for 200authentication of OSPF packets. 201Instead, it relies on IPsec for packet authentication. 202Because OSPF uses multicast, IKE cannot be used for configuring IPsec 203flows securing OSPF traffic. 204.Nm 205is currently entirely unaware of IPsec and has no support for helping 206users setting up IPsec flows between OSPF routers. 207However, setting up IPsec flows between routers using manual keying is 208strongly recommended to protect the OSPF network against spoofing attacks. 209Note in particular that flows need to be configured for multicast groups 210ff02::5 and ff02::6. 211See 212.Xr ipsec.conf 5 . 213