Multiple instances of OSPFD in different RDomains - rcctl behavior

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Multiple instances of OSPFD in different RDomains - rcctl behavior

Henry Bonath
Hello, I am seeing some strange behavior with my /etc/rc.conf.local
regarding my configuration for running two instances of OSPFD in
different RDomains.

The way I have this configured, is I have a symlink: /etc/rc.d/ospf2d
-> /etc/rc.d/ospfd so that the ospfd that runs in rdomain 2 has its
own entry in rc.conf.local, pointing to its own config file.

In my /etc/rc.conf.local I have the following:
#############################
bgpd_flags=
ldpd_flags=
ospf2d_flags=-f /etc/ospf2d.conf
ospf2d_rtable=2
ospfd_flags=
pf=NO
pkg_scripts=salt_minion ospf2d
salt_minion_rtable=3
#############################

However I notice that something is removing the "ospf2d_flags=..."
line as output from daily insecurity mail:

======
/etc/rc.conf.local diffs (-OLD  +NEW)
======
--- /var/backups/etc_rc.conf.local.current      Wed Jan 16 01:30:06 2019
+++ /etc/rc.conf.local  Fri Feb 15 13:05:17 2019
@@ -1,9 +1,7 @@
 bgpd_flags=
 ldpd_flags=
-ospf2d_flags=-f /etc/ospf2d.conf
 ospf2d_rtable=2
 ospfd_flags=
 pf=NO
 pkg_scripts=salt_minion ospf2d
 salt_minion_rtable=3

Is my syntax incorrect? Would /etc/daily be doing something here to my
configuration?
Why would this line keep being automatically removed?

Thanks in advance!

Reply | Threaded
Open this post in threaded view
|

Re: Multiple instances of OSPFD in different RDomains - rcctl behavior

Scott Reese-2
----- Original Message -----
> From: "Henry Bonath" <[hidden email]>
> To: "misc" <[hidden email]>
> Sent: Tuesday, February 19, 2019 2:03:31 PM
> Subject: Multiple instances of OSPFD in different RDomains - rcctl behavior

> Hello, I am seeing some strange behavior with my /etc/rc.conf.local
> regarding my configuration for running two instances of OSPFD in
> different RDomains.
>
> The way I have this configured, is I have a symlink: /etc/rc.d/ospf2d
> -> /etc/rc.d/ospfd so that the ospfd that runs in rdomain 2 has its
> own entry in rc.conf.local, pointing to its own config file.
>
> In my /etc/rc.conf.local I have the following:
> #############################
> bgpd_flags=
> ldpd_flags=
> ospf2d_flags=-f /etc/ospf2d.conf
> ospf2d_rtable=2
> ospfd_flags=
> pf=NO
> pkg_scripts=salt_minion ospf2d
> salt_minion_rtable=3
> #############################
>
> However I notice that something is removing the "ospf2d_flags=..."
> line as output from daily insecurity mail:
>
> ======
> /etc/rc.conf.local diffs (-OLD  +NEW)
> ======
> --- /var/backups/etc_rc.conf.local.current      Wed Jan 16 01:30:06 2019
> +++ /etc/rc.conf.local  Fri Feb 15 13:05:17 2019
> @@ -1,9 +1,7 @@
> bgpd_flags=
> ldpd_flags=
> -ospf2d_flags=-f /etc/ospf2d.conf
> ospf2d_rtable=2
> ospfd_flags=
> pf=NO
> pkg_scripts=salt_minion ospf2d
> salt_minion_rtable=3
>
> Is my syntax incorrect? Would /etc/daily be doing something here to my
> configuration?
> Why would this line keep being automatically removed?
>
> Thanks in advance!

Greetings Henry:

Looks like you're running Saltstack. Any chance that your Salt master
has a copy of the rc.conf.local that doesn't have the ospf2d_flags line
and is resetting the file back to its "correct" values?

-Scott

Reply | Threaded
Open this post in threaded view
|

Re: Multiple instances of OSPFD in different RDomains - rcctl behavior

Henry Bonath
That was actually how I noticed it in the first place. I was running a highstate and it kept wanting to change my rc.conf.local and put the ospf2d_flags line back in.

I do not run any salt states automatically, that would be an obvious workaround. I was just hoping to get some clarification as to my approach, and if I wasn’t doing something correctly in regards to working with multiple rdomains.

This is on OpenBSD 6.4 btw...

Thanks!
-Henry


> On Feb 19, 2019, at 9:47 PM, Scott Reese <[hidden email]> wrote:
>
> ----- Original Message -----
>> From: "Henry Bonath" <[hidden email]>
>> To: "misc" <[hidden email]>
>> Sent: Tuesday, February 19, 2019 2:03:31 PM
>> Subject: Multiple instances of OSPFD in different RDomains - rcctl behavior
>
>> Hello, I am seeing some strange behavior with my /etc/rc.conf.local
>> regarding my configuration for running two instances of OSPFD in
>> different RDomains.
>>
>> The way I have this configured, is I have a symlink: /etc/rc.d/ospf2d
>> -> /etc/rc.d/ospfd so that the ospfd that runs in rdomain 2 has its
>> own entry in rc.conf.local, pointing to its own config file.
>>
>> In my /etc/rc.conf.local I have the following:
>> #############################
>> bgpd_flags=
>> ldpd_flags=
>> ospf2d_flags=-f /etc/ospf2d.conf
>> ospf2d_rtable=2
>> ospfd_flags=
>> pf=NO
>> pkg_scripts=salt_minion ospf2d
>> salt_minion_rtable=3
>> #############################
>>
>> However I notice that something is removing the "ospf2d_flags=..."
>> line as output from daily insecurity mail:
>>
>> ======
>> /etc/rc.conf.local diffs (-OLD  +NEW)
>> ======
>> --- /var/backups/etc_rc.conf.local.current      Wed Jan 16 01:30:06 2019
>> +++ /etc/rc.conf.local  Fri Feb 15 13:05:17 2019
>> @@ -1,9 +1,7 @@
>> bgpd_flags=
>> ldpd_flags=
>> -ospf2d_flags=-f /etc/ospf2d.conf
>> ospf2d_rtable=2
>> ospfd_flags=
>> pf=NO
>> pkg_scripts=salt_minion ospf2d
>> salt_minion_rtable=3
>>
>> Is my syntax incorrect? Would /etc/daily be doing something here to my
>> configuration?
>> Why would this line keep being automatically removed?
>>
>> Thanks in advance!
>
> Greetings Henry:
>
> Looks like you're running Saltstack. Any chance that your Salt master
> has a copy of the rc.conf.local that doesn't have the ospf2d_flags line
> and is resetting the file back to its "correct" values?
>
> -Scott
>

Reply | Threaded
Open this post in threaded view
|

Re: Multiple instances of OSPFD in different RDomains - rcctl behavior

Stuart Henderson
In reply to this post by Henry Bonath
On 2019-02-19, Henry Bonath <[hidden email]> wrote:

> --- /var/backups/etc_rc.conf.local.current      Wed Jan 16 01:30:06 2019
> +++ /etc/rc.conf.local  Fri Feb 15 13:05:17 2019
> @@ -1,9 +1,7 @@
>  bgpd_flags=
>  ldpd_flags=
> -ospf2d_flags=-f /etc/ospf2d.conf
>  ospf2d_rtable=2
>  ospfd_flags=
>  pf=NO
>  pkg_scripts=salt_minion ospf2d
>  salt_minion_rtable=3
>
> Is my syntax incorrect? Would /etc/daily be doing something here to my
> configuration?
>
> Why would this line keep being automatically removed?

It's unlikely to be /etc/daily at 13:05:17. Check system logs for around
that time, consider turning on process accounting to see if it gives any
clues?


Reply | Threaded
Open this post in threaded view
|

Re: Multiple instances of OSPFD in different RDomains - rcctl behavior

Henry Bonath
Thanks Stuart.

I did some more digging and found that salt itself was the culprit.
In my formula, I had a state to write out /etc/rc.conf.local followed
by a state to start the ospf2d service.
I created the state for /etc/rc.conf.local, as a file.managed state,
not understanding that the service.running state was responsible for
the modification of /etc/rc.conf.local in the first place.

The state that starts the ospf2d service uses the results of
'/usr/sbin/rcctl getdef ospf2d flags' in order to set the flags,
unless additional arguments are fed via **kwargs.

Here is my resultant working state:

enable_ospf2_service:
  service.running:
    - name: ospf2d
    - enable: True
    - kwarg:
      flags: '-f /etc/ospf2d.conf'

This should be helpful for anyone else running Saltstack in an OpenBSD
environment and needing to feed custom flags to a process in the
future.


On Wed, Feb 20, 2019 at 5:07 AM Stuart Henderson <[hidden email]> wrote:

>
> On 2019-02-19, Henry Bonath <[hidden email]> wrote:
> > --- /var/backups/etc_rc.conf.local.current      Wed Jan 16 01:30:06 2019
> > +++ /etc/rc.conf.local  Fri Feb 15 13:05:17 2019
> > @@ -1,9 +1,7 @@
> >  bgpd_flags=
> >  ldpd_flags=
> > -ospf2d_flags=-f /etc/ospf2d.conf
> >  ospf2d_rtable=2
> >  ospfd_flags=
> >  pf=NO
> >  pkg_scripts=salt_minion ospf2d
> >  salt_minion_rtable=3
> >
> > Is my syntax incorrect? Would /etc/daily be doing something here to my
> > configuration?
> >
> > Why would this line keep being automatically removed?
>
> It's unlikely to be /etc/daily at 13:05:17. Check system logs for around
> that time, consider turning on process accounting to see if it gives any
> clues?
>
>