[OSPF] Making OSPF _not_ set the E bit in the router-lsa when redistributing

Vlad Olariu <florinvlad.olariu@gmail.com> Tue, 15 December 2015 20:42 UTC

Return-Path: <ilcon7e@gmail.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 483911ACD95 for <ospf@ietfa.amsl.com>; Tue, 15 Dec 2015 12:42:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.599
X-Spam-Status: No, score=-0.599 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id WCYSuR-qzJTT for <ospf@ietfa.amsl.com>; Tue, 15 Dec 2015 12:42:55 -0800 (PST)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AABC1ACD8A for <ospf@ietf.org>; Tue, 15 Dec 2015 12:42:55 -0800 (PST)
Received: by mail-wm0-x235.google.com with SMTP id n186so112946079wmn.0 for <ospf@ietf.org>; Tue, 15 Dec 2015 12:42:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=NcVuFHnZLFkFJlif8Uh+tDDQUoff8L7AW6zOsypNGVE=; b=gMFKHott2Td/gxvKQ+/XjmOK59iyuy7P5O5WUOL+KA3sIQOcZ2L8O1qGk5SD5RNwDm grZv0DeG4UYOyXidqfC5a+Z1L7KCROxwK1i47C86BbkXIsnZl3nGBvb0RKexhdY2uoGP IT8M7xiktdOxHJfG86vD92dVUHSBWEJyt/suTFieeKHaSNVyCsYRwwlVeia3hwqm7po3 drh4na+yy2J4PPKJofMP0BrFXF+NuFw7I8aIUO5v1DOuYcbh2c1DTCkbyo30YdUT3vIV wkrFed1XTsBaeu16jd7aE7E/wX+R/ORE2tTD8OOnQj55r03XA0s8zoJRx7SgKFJv0uQB C7Bw==
MIME-Version: 1.0
X-Received: by with SMTP id p69mr7692831wmg.14.1450212174133; Tue, 15 Dec 2015 12:42:54 -0800 (PST)
Sender: ilcon7e@gmail.com
Received: by with HTTP; Tue, 15 Dec 2015 12:42:53 -0800 (PST)
Date: Tue, 15 Dec 2015 21:42:53 +0100
X-Google-Sender-Auth: fSVBpkAdWSklEZfz8EwY37EL7sE
Message-ID: <CABE=0MUt68YRTFMmrtdEPXEdpyL2KSFae6xu7ELob=4JCqN7Hw@mail.gmail.com>
From: Vlad Olariu <florinvlad.olariu@gmail.com>
To: ospf@ietf.org
Content-Type: multipart/alternative; boundary=001a11469ac87d02110526f5d5f0
Archived-At: <http://mailarchive.ietf.org/arch/msg/ospf/8hhf78ub0Quny4IWKUW4bqLbKEc>
Subject: [OSPF] Making OSPF _not_ set the E bit in the router-lsa when redistributing
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Dec 2015 20:42:57 -0000

Hi All,

I am unsure this is the right place to ask this, but there aren't many OSPF
forums around the net.

In dealing with a Cisco box I encountered a bug where the router would
originate a default route in OSPF but it wouldn't set the E bit in the
router-lsa (indicating it is an ASBR).

I wanted to replicate the bug on my home computer by making OSPF behave
_not_ according to RFC, yet I found it rather difficult to do.

With linux I created a bridge and connected two routers on each side, yet
now I am only able to see traffic go *through* but I have no power over
changing the actual packet contents.

People have been talking about "divert sockets" but those appear to me:

1. Related to TCP/IP ports
2. To work best on FreeBSD of which I have no particular knowledge

Doing a "man in the middle" "attack" is a lot harder than what it seemed,
as no tool I have looked at lets you change particular bits in packets
passing through your linux box (not any with the same feel like wireshark
at least).

I would guess that people implementing the protocol for years now would
have found a simpler way of testing things like these, hence here I am in
search of any advice.

I also looked into scapy which, while great in capturing, changing and
sending packets it does not let me do this "real time". In reality it lets
you make a copy of a packet passing through which it then lets you change
and send at your will (meanwhile the original packet is long gone).

Any help would be very appreciated.