Dynamic routing

note

The NetFoundry zLAN firewall does not manage dynamic routing. You must configure and manage your own dynamic routing using standard Linux tools and protocols. This page covers common operations for enabling and managing dynamic routing with common Linux routing daemons.

What is dynamic routing?

Dynamic routing uses protocols to automatically discover network paths and adjust routes in response to network changes. Unlike static routes, dynamic routes are updated by routing daemons and protocols such as OSPF, BGP, or RIP. Dynamic routing is commonly used when:

Networks are large or frequently change
Redundancy and failover are required
Automatic route discovery is needed

Common Linux dynamic routing tools

FRRouting (FRR): Modern, full-featured routing suite supporting OSPF, BGP, RIP, and more.
Quagga: Older routing suite, replaced by FRR but still used in some environments.
Bird: Lightweight, flexible routing daemon supporting BGP, OSPF, and more.

Install FRRouting (FRR)

Ubuntu/Debian
RedHat/CentOS/Rocky/AlmaLinux

sudo apt update
sudo apt install frr frr-pythontools

sudo dnf install frr frr-pythontools

Enable a routing protocol (example: OSPF)

Edit the FRR configuration file (usually /etc/frr/frr.conf):
```
router ospf
  network 192.168.1.0/24 area 0.0.0.0
```

Enable and start FRR:

sudo systemctl enable frr
sudo systemctl start frr

Verify OSPF routes:
```
vtysh -c 'show ip route ospf'
```

Enable BGP (example)

Edit /etc/frr/frr.conf:

router bgp 65001
  bgp router-id 192.168.1.100
  neighbor 192.168.1.200 remote-as 65002
  network 10.0.2.0/24

Restart FRR:
```
sudo systemctl restart frr
```
Verify BGP routes:
```
vtysh -c 'show ip bgp'
```

Make dynamic routing persistent

FRR configuration files are persistent across reboots.
Ensure FRR is enabled to start on boot:
```
sudo systemctl enable frr
```

Summary of commands

Action	Command Example
Install FRR	`sudo apt install frr` / `sudo dnf install frr`
Edit config	`sudo nano /etc/frr/frr.conf`
Enable FRR	`sudo systemctl enable frr`
Start FRR	`sudo systemctl start frr`
Show OSPF routes	`vtysh -c 'show ip route ospf'`
Show BGP routes	`vtysh -c 'show ip bgp'`

Open dynamic routing ports in the firewall

warning

The NetFoundry zLAN firewall manages all firewall functions. Do not use ufw or firewall-cmd to open ports. Use the Add/Remove Rule UI in the console to allow traffic.

To allow traffic for common dynamic routing protocols, add rules using the UI as described in the Add and remove firewall rules guide:

BGP (TCP port 179):
- Type: Custom
- Protocol: TCP
- Direction: INBOUND
- Action: Allow
- Port Range: 179-179
- Source/Destination: as needed
RIP (UDP port 520):
- Type: Custom
- Protocol: UDP
- Direction: INBOUND
- Action: Allow
- Port Range: 520-520
- Source/Destination: as needed

For OSPF, enable the OSPF feature per interface in the global configuration page (see Firewall configuration options).

Troubleshoot routing issues

Check FRR service status:
```
sudo systemctl status frr
```
View FRR logs:
```
sudo journalctl -u frr
```
Test protocol connectivity:
- OSPF: vtysh -c 'show ip ospf neighbor'
- BGP: vtysh -c 'show ip bgp summary'
Confirm network interfaces:
```
ip link show
```

What is dynamic routing?​

Common Linux dynamic routing tools​

Install FRRouting (FRR)​

Enable a routing protocol (example: OSPF)​

Enable BGP (example)​

Make dynamic routing persistent​

Summary of commands​

Open dynamic routing ports in the firewall​

Troubleshoot routing issues​

References​