]>
Commit | Line | Data |
---|---|---|
4d916382 DS |
1 | * SAFETY MEASURES: |
2 | ================== | |
3 | ||
4 | Please consider setting this package "on hold" by typing | |
d8e4c438 | 5 | echo "frr hold" | dpkg --set-selections |
4d916382 DS |
6 | and verifying this using |
7 | dpkg --get-selections | grep 'hold$' | |
8 | ||
9 | Setting a package "on hold" means that it will not automatically be upgraded. | |
10 | Instead apt-get only displays a warning saying that a new version would be | |
d8e4c438 | 11 | available forcing you to explicitly type "apt-get install frr" to upgrade it. |
4d916382 DS |
12 | |
13 | ||
d8e4c438 | 14 | * What is frr? |
4d916382 DS |
15 | ================= |
16 | ||
d6180888 | 17 | http://www.frrouting.org/ |
63a79ae1 MW |
18 | FRR is a routing software suite, providing implementations of OSPFv2, |
19 | OSPFv3, RIP v1 and v2, RIPng, ISIS, PIM, BGP and LDP for Unix platforms, particularly | |
20 | FreeBSD and Linux and also NetBSD, to mention a few. FRR is a fork of Quagga | |
21 | which itself is a fork of Zebra. | |
22 | Zebra was developed by Kunihiro Ishiguro. | |
4d916382 DS |
23 | |
24 | ||
25 | * Why has SNMP support been disabled? | |
26 | ===================================== | |
63a79ae1 | 27 | FRR used to link against the NetSNMP libraries to provide SNMP |
4d916382 DS |
28 | support. Those libraries sadly link against the OpenSSL libraries |
29 | to provide crypto support for SNMPv3 among others. | |
30 | OpenSSL now is not compatible with the GNU GENERAL PUBLIC LICENSE (GPL) | |
63a79ae1 | 31 | licence that FRR is distributed under. For more explanation read: |
4d916382 DS |
32 | http://www.gnome.org/~markmc/openssl-and-the-gpl.html |
33 | http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs | |
34 | Updating the licence to explecitly allow linking against OpenSSL | |
35 | would requite the affirmation of all people that ever contributed | |
63a79ae1 | 36 | a significant part to Zebra / Quagga or FRR and thus are the collective |
4d916382 DS |
37 | "copyright holder". That's too much work. Using a shrinked down |
38 | version of NetSNMP without OpenSSL or convincing the NetSNMP people | |
39 | to change to GnuTLS are maybe good solutions but not reachable | |
40 | during the last days before the Sarge release :-( | |
41 | ||
42 | *BUT* | |
43 | ||
44 | It is allowed by the used licence mix that you fetch the sources and | |
63a79ae1 | 45 | build FRR yourself with SNMP with |
d8e4c438 | 46 | <remove the "grep ^smux" block at the end of debian/frr.preinst> |
4d916382 | 47 | # export WANT_SNMP=1 |
d8e4c438 | 48 | # apt-get -b source frr |
4d916382 DS |
49 | Just distributing it in binary form, linked against OpenSSL, is forbidden. |
50 | ||
51 | ||
52 | * Daemon selection: | |
53 | =================== | |
54 | ||
d8e4c438 | 55 | The Debian package uses /etc/frr/daemons to tell the |
4d916382 DS |
56 | initscript which daemons to start. It's in the format |
57 | <daemon>=<yes|no|priority> | |
58 | with no spaces (it's simply source-d into the initscript). | |
59 | Default is not to start anything, since it can hose your | |
60 | system's routing table if not set up properly. | |
61 | ||
62 | Priorities were suggested by Dancer <dancer@zeor.simegen.com>. | |
63a79ae1 | 63 | They're used to start the FRR daemons in more than one step |
4d916382 | 64 | (for example start one or two at network initialization and the |
63a79ae1 | 65 | rest later). The number of FRR daemons being small, priorities |
4d916382 | 66 | must be between 1 and 9, inclusive (or the initscript has to be |
d8e4c438 | 67 | changed). /etc/init.d/frr then can be started as |
4d916382 | 68 | |
d8e4c438 | 69 | /etc/init.d/frr <start|stop|restart|<priority>> |
4d916382 DS |
70 | |
71 | where priority 0 is the same as 'stop', priority 10 or 'start' | |
72 | means 'start all' | |
73 | ||
74 | ||
75 | * Error message "privs_init: initial cap_set_proc failed": | |
76 | ========================================================== | |
77 | ||
78 | This error message means that "capability support" has to be built | |
79 | into the kernel. | |
80 | ||
81 | ||
82 | * Error message "netlink-listen: overrun: No buffer space available": | |
83 | ===================================================================== | |
84 | ||
85 | If this message occurs the receive buffer should be increased by adding the | |
82e6e358 | 86 | following to /etc/sysctl.conf and "--nl-bufsize" to /etc/frr/daemons.conf. |
4d916382 DS |
87 | > net.core.rmem_default = 262144 |
88 | > net.core.rmem_max = 262144 | |
63a79ae1 | 89 | See message #4525 from 2005-05-09 in the quagga-users mailing list. |
4d916382 DS |
90 | |
91 | ||
92 | * vtysh immediately exists: | |
93 | =========================== | |
94 | ||
d8e4c438 | 95 | Check /etc/pam.d/frr, it probably denies access to your user. The passwords |
685e701e | 96 | configured in /etc/frr/frr.conf are only for telnet access. |
4d916382 | 97 |