FRRouting

As mentioned in Chapter 10, Routing and Bridging, FRRouting is a package that supports multiple dynamic routing protocols, namely BGP, OSPF, and OSPF6. It is designed to take the place of Quagga OSPF and is incompatible with both Quagga and OpenOSPF. Installing FRRouting automatically uninstalls Quagga or OpenOSPF if either of these packages is already installed.

Upon installation of FRRouting, four new items will appear in the Services menu: FRR BGP, FRR Global/Zebra, FRR OSPF, and FRR OSPF6. Each of these menu items takes you to a separate tab within the FRRouting configuration, so you can also move between the configuration pages for these items by clicking the corresponding tabs.

If you navigate to Services | Global/Zebra, you can review the global settings as well as the settings for the Zebra daemon, which supports multiple protocols. Observe that the General Settings section has a setting called CARP Status IP. If this option is set and the CARP status IP indicates that CARP is in backup mode, FRR will not be started, but if it is promoted to master, FRR will start. Thus, FRR is compatible with CARP failover groups, although you must still install and configure FRR on each firewall within the group.

The Route Handling section allows you to route specified subnets differently. You can enable the Do Not Accept option, which will cause routing protocols controlled by FRR to reject traffic from the specified subnet. You can also enable Null Route, which will cause FRR to drop traffic destined for the specified subnet. There is also a Static Route Target option (you can select a gateway or interface), which allows you to enter traffic from a subnet into FRR/Zebra's static routing table for route redistribution.

There are also two tabs, one called Access Lists and another called Prefix Lists. The Access Lists tab allows you to define a list of networks that are either allowed or denied in specific contexts. The Prefix Lists tab allows you to do the same thing, only instead of networks, you are defining portions of networks that are either allowed or denied in specific contexts.

You can utilize these lists in the next tab, Route Maps. Much like firewall rules allow you to match traffic based on a set of criteria and take action, route maps allow you to match traffic based on selected criteria and either route the traffic a certain way or possibly deny the traffic. Like firewall rules, route maps are evaluated in a certain order, and the first route map to match the traffic is executed while subsequent route maps are ignored as far as the matched traffic is concerned. The order in which route maps are evaluated depends on the value in the Sequence field, with lower-numbered route maps being evaluated first.
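
The evaluation order described above can be modelled in a few lines of Python. This is an added example, not code from FRR or pfSense. The list names, addresses and sequence numbers are constructed, and the prefix-length bounds and the final implicit deny are assumptions based on common prefix-list and route-map behaviour rather than on the text.

```python
import ipaddress

# Constructed prefix lists: (action, network, ge, le). A prefix matches an
# entry when it lies inside `network` and its length is within [ge, le].
PREFIX_LISTS = {
    "RFC1918": [("permit", "10.0.0.0/8", 8, 32),
                ("permit", "172.16.0.0/12", 12, 32),
                ("permit", "192.168.0.0/16", 16, 32)],
    "BRANCHES": [("deny", "10.20.99.0/24", 24, 32),    # excluded site
                 ("permit", "10.20.0.0/16", 24, 24)],  # only /24s of the /16
}

# Constructed route map, deliberately out of order: (sequence, action, prefix list or None = match any).
ROUTE_MAP = [
    (30, "permit", None),
    (10, "permit", "BRANCHES"),
    (20, "deny", "RFC1918"),
]

def prefix_list_permits(name, prefix):
    """The first matching entry in the prefix list decides; no match means deny."""
    net = ipaddress.ip_network(prefix)
    for action, base, ge, le in PREFIX_LISTS[name]:
        base_net = ipaddress.ip_network(base)
        if (net.version == base_net.version and net.subnet_of(base_net)
                and ge <= net.prefixlen <= le):
            return action == "permit"
    return False

def evaluate(route_map, prefix):
    """Return (sequence, action) of the first route-map entry that matches."""
    for seq, action, plist in sorted(route_map, key=lambda entry: entry[0]):
        if plist is None or prefix_list_permits(plist, prefix):
            return seq, action  # later entries are ignored for this prefix
    return None, "deny"  # assumption: nothing matched, so the route is denied
```

A prefix rejected by the list referenced in sequence 10 is not dropped at that point. It simply fails to match that entry and falls through to sequence 20, which is why the order of the Sequence values matters when a broad deny sits next to a narrow permit.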

As of this writing, FRR is still a relatively new package, so if you value stability above all else, you may opt for Quagga OSPF instead. Otherwise, FRR is the recommended choice if you need to deploy BGP or OSPF, and especially if you need to run multiple routing protocols.
