[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Frame Relay under Linux report and questions




Hello everybody,

About half a year ago we started using Frame Relay connection with our
Linux system. I'd like to share my experience and ask some questions.

The configuration was the following: our local router has a Frame
Relay card (Sangoma S508). There are two VCs (virtual circuits) on the
line: one goes to our remote office where it gets connected to one
more Linux machine with the same Frame Relay card. Another one goes to
the Internet router of our ISP.

The Linux kernel we are using is 2.0.30 (although 2.0.27 gave the same
results).

To setup the things I had two possibilities:

1. Stay with a driver provided with the Linux kernel; or
2. Use a package provided by Sangoma.

I started with option 2 - you know, after all THEY made the card, THEY
have to support it. Immediately, I found that their package
(wantools-1.?) was a) very sysadmin-unfriendly. It's ironic - they
tried to make it as friendly as possible; so instead of using the
"standard" UNIX standards for packaging/installation (make; make
install), they put a requirement that the package had to be originally
extracted under the root directory and then some shell script had to
be run, which "installed" the package in a very unclear way. b) The
kernel patch they provided was intended for use with Linux 2.0[.0] and
refused to apply cleanly to more recent kernels.

Therefore, I started looking at option 1. The default drivers compiled
and installed just fine, but they required some package called 'frad',
which could be found only in
ftp://ftp.invlogic.com/pub/linux/fr/frad-0.15.tgz

I got the package and installed it without much hassle. Thanks to Ira,
he provided us with a sample configuration, so I managed to tailor it
to our needs as much as I could. The thing started working and it is
working, although I have a couple problems which I'd like to fix:


1. At a boot time I get a message:

     ... Bc/CIR overflow, acceptable size is 2

I think it has to do with the following parameters from
/etc/router.conf. I use the default ones, since I haven't found any
documentation on their meaning:

DLCIFlags=TX,RX,B               #Flags defined by Sangoma
CIRfwd=0
Bc_fwd=16
Be_fwd=0
CIRbak=0
Bc_bak=16
Be_bak=0

Our link is of Cir0 type, so I am not sure whether I can change the
Cir* values.


2. I get an 'invalid flag' message every minute. The message is:

	kernel: dlci01: Invalid header flag 0x20.

   it shows up only on that dlci (link to the Internet router) - not
on the first one.


3. Every 10 seconds (!!!) I receive a packet from the Internet
router. The firewall message is:

kernel: IP fw-in deny dlci01 PROTO=89 192.116.75.157 224.0.0.5 L=80 S=0xC0 I=3770 F=0x0000 T=1

There are several points about it:

a) The protocol field of the packets is IP_OSPFIGP
b) I *don't* run any OSPF-related software - all routes are static.
c) 192.116.75.157 (source IP) is the Internet router we are connected to.
d) 224.0.0.5 (dest IP) is OSPF-ALL.MCAST.NET (what the heck?!)
e) The only thing changing in those packets is the 'I' field (I take
it is the Identification field of the IP packet)


I talked to the ISP guys and after some investigation they told me
that "their router is replying to *our* OSPF messages which we send
out". According to the firewall setup, I only let TCP and UDP outgoing
packets, so either they are wrong or some low-level software (drivers)
is sending OSPF packets avoiding the firewall, or even the card send
them itself (!). My wild guess is that it is *their router's*
misconfiguration.

I'm dying to know what you gurus are thinking about it.

-- 
-Alexander

==============================================================================
Alexander L. Belikoff			belikoff@netvision.net.il
Berger Financial Research Ltd.
=============================================================================


Follow-Ups: