Quagga OSPF

Another way of adding link-state routing capabilities to pfSense is to install Quagga OSPF. This OSPF implementation is available as a package and can be installed via System | Packages in the same manner as the other packages described in this chapter. One warning included in the package description, however, is that Quagga OSPF is installed in the same location as OpenBGPD; installing both will break things. Therefore, it is recommended that you not install OpenBGPD if you have Quagga OSPF installed, and if you are going to install Quagga OSPF and you have OpenBGPD installed, you should uninstall OpenBGPD first.

Once you have it installed, you can navigate to Services | Quagga OSPFd and begin configuration. The first tab is Global Settings. You must enter the password for the Zebra and OSPFd daemons in the Master Password edit box. The Logging checkbox, if checked, will cause OSPF information to be written to the syslog. The Log Adjacency Changes checkbox allows you to have the OSPF daemon write adjacency changes to the syslog. The Router ID edit box is where you specify the router ID for this router. The router ID is customarily written in the dotted decimal format used for IP addresses (for example, 1.1.1.1), but it does not represent an actual IP address, and expressing it in dotted decimal notation is optional.

The Area edit box is where you enter the OSPFd area. What distinguishes an OSPF area is that it has its own link-state database. Areas, like Router ID, are usually expressed in IPv4 (dotted decimal) format, but they do not have to be formatted in this way. The Disable FIB updates checkbox, if checked, will turn the router into a stub router. Such routers only receive route advertisements within the autonomous system (AS).

Checking Redistribute connected subnets enables the redistribution of connected networks. The Redistribute default route checkbox, if checked, enables the redistribution of a default route to pfSense. Checking Redistribute static enables the redistribution of static routes if you are using Quagga static routes, whereas checking Redistribute Kernel enables redistribution of the kernel routing table and is required if you are using pfSense static routes.

The SPF Hold Time field is where you can specify the SPF hold time in milliseconds; this specifies the minimum time between two consecutive shortest path first calculations. The default value is 5 seconds. The SPF Delay field is where you can specify the SPF delay, also in milliseconds; this is the delay between receiving an update to the link-state database and starting the shortest path first calculation. The default value is 1 second.

Checking the RFC 1583 compatible checkbox will cause decisions regarding AS-external routes to be evaluated according to RFC 1583. Without RFC 1583 compatibility, intra-area routes will always be favored over inter-area routes, regardless of the metric costs. Enabling RFC 1583 compatibility will cause OSPF to learn routes based on costs.

The next section allows you to generate rules for certain areas that will take precedence over any redistribute options otherwise specified on the page. You need to specify the subnet to route and the area ID, and for each entry, you can disable redistribution and disable acceptance. Click on the Add button to add an entry. Finally, the CARP Status IP edit box allows you to specify the IP address used to determine the CARP status. This is similar to the identical setting in OpenBGPD, where if the IP address specified has a status of BACKUP, then OSPF will be disabled. When you have finished making changes, click on the Save button.

The Interface Settings tab is where you specify which interfaces will send and receive OSPF data. Click on the Add button below the table and to the right to add a new interface. On the Interface Settings configuration page there are several settings. The Interface drop-down box is where you specify the desired participating interface. The Network Type drop-down box allows you to specify the OSPF network type of the interface. The allowed values are:

  • Broadcast: This is the most efficient way of making OSPF data available to a large number of routers. Running OSPF in broadcast mode requires the election of a designated router (DR) and backup designated router (BDR) with which all non-designated routers will form an adjacency. This keeps the number of adjacencies from becoming too large.
  • Non-Broadcast: This router will be able to receive OSPF data, but won't make it available to other routers.
  • Point-to-Multipoint: This sends OSPF data to a collection of point-to-point networks. It does not require having a DR or BDR.
  • Point-to-Point: This sends OSPF data to one router at a time.

Note that non-broadcast and point-to-multipoint are the only two modes officially supported by OSPF (defined in RFC 2328); broadcast and point-to-point modes were defined by Cisco for use in non-broadcast (NBMA) networks.

In the Metric edit box, you can enter the cost for the OSPF interface. In the Area edit box, you can specify the area for this interface. You may enter a brief description in the Description edit box. Checking the Interface is Passive checkbox prevents the transmission and reception of OSPF packets on the interface, thus making the interface appear as a stub network. Checking the Accept Filter checkbox will result in the OSPF daemon not adding routes for this interface subnet from OSPF into the routing table, which is helpful in multi-WAN environments. The Enable MD5 password checkbox, if checked, will enable the use of an MD5 password on this interface. If it is checked, you will have to specify a password in the next field.

In the Router Priority edit box, you can specify the router priority in a DR election. The default is 1. In the Hello Interval edit box, you can specify the interval (in seconds) at which Hello discovery packets are sent out. The default is 10 seconds. In the Retransmit Interval edit box, you can specify the retransmit interval in seconds. The default is 5 seconds. Finally, in the Dead Timer edit box, you can specify the dead timer, which is the interval at which OSPF will check to see if a neighbor is still alive. The default is 40 seconds. 

As with OpenBGPD, there is a Raw Config tab where you can edit the OSPF config files manually. On this tab, you can also enter the physical IP address and virtual IP address of interfaces along with an MD5 password for each interface. Enter the physical address in the edit box labeled Source Address (this FW); enter the CARP virtual IP for the interface in the edit box labeled Peer Address, and enter the password in the third edit box in the row (currently unlabeled). Click on the Add button when you have finished; repeat the process for as many CARP virtual IPs as you have. The textbox labeled SAVED ospfd.conf is where you can make changes to ospfd.conf. The textbox labeled RUNNING ospfd.conf shows a copy of the current ospfd.conf. The Copy OSPFd Running to Saved button copies the contents of the first textbox into the second, which ensures any configuration changes you made are saved. In a similar way, there are textboxes for SAVED ospf6d.conf and RUNNING ospf6d.conf, and a Copy OSPF6d Running to Save button to save changes. The ospfd.conf config file is for the Open Shortest Path First daemon that supports OSPF version 2, and the ospf6d.conf config file is for the OSPF daemon that supports version 3 (which is currently the only version that supports IPv6). There are similar textboxes and buttons for bgpd.conf (the config file for the BGP daemon) and zebra.conf (the Zebra daemon, a routing daemon which supports RIP, BGP and OSPF).
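A check an administrator could run against the text shown in the RUNNING ospfd.conf box, as an added example that is not from the book or the pfSense package: it lists interfaces that are neither passive nor configured with an MD5 key. The sample config is constructed in Quagga's ospfd.conf syntax, the name audit_ospfd_conf is hypothetical, and area-level authentication lines are not considered.

```python
import re

# Constructed sample in Quagga ospfd.conf syntax (not from a real firewall).
SAMPLE_CONF = """\
password CHANGEME
interface em1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 CHANGEME
interface em2
 ip ospf cost 10
interface em3
 ip ospf cost 10
router ospf
 ospf router-id 1.1.1.1
 passive-interface em3
 network 10.0.1.0/24 area 0.0.0.0
"""

def audit_ospfd_conf(text):
    """Return {interface: [missing items]} for non-passive interfaces without MD5 auth."""
    ifaces, passive, current = {}, set(), None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):      # blank line or comment
            continue
        if m := re.match(r"interface\s+(\S+)", line):
            current = m.group(1)                  # entering an interface block
            ifaces.setdefault(current, set())
        elif line.startswith("router "):
            current = None                        # entering the router block
        elif m := re.match(r"passive-interface\s+(\S+)", line):
            passive.add(m.group(1))
        elif current and line.startswith("ip ospf authentication message-digest"):
            ifaces[current].add("auth")
        elif current and re.match(r"ip ospf message-digest-key \d+ md5 \S+", line):
            ifaces[current].add("key")
    findings = {}
    for name, seen in ifaces.items():
        if name in passive:
            continue                              # passive: no OSPF packets exchanged
        missing = [item for item in ("auth", "key") if item not in seen]
        if missing:
            findings[name] = missing
    return findings

if __name__ == "__main__":
    for name, missing in audit_ospfd_conf(SAMPLE_CONF).items():
        print(f"{name}: OSPF enabled without {', '.join(missing)}")
```
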

Finally, the Status tab aggregates information about the OSPF daemon as it runs. It provides a summary of data for the OSPF Daemon, the BGP Daemon, and the Zebra daemon, including routes associated with each of them.

 
