Solaris 10 Quagga Packages. --------------------------- Package set: 0.99.1-20050926 / 0.99.1-20050927 These are beta packages of Quagga for Solaris, with SMF support. These packages were compiled for Solaris 10 and/or Solaris Nevada and/or Solaris Express. SMF support is provided by the quagga-smf package. These binaries were built with gcc with the following configure options: ./configure --prefix=/usr/local/quagga --localstatedir=/var/run/quagga \ --enable-gcc-rdynamic --enable-opaque-lsa --enable-ospf-te \ --enable-ospfapi=yes --enable-nssa --enable-opaque-lsa \ --enable-user=root --enable-group=root These binaries were built with following patches which, as of this date, are not yet integrated into Quagga: - Solaris Least Privilege support (man privileges) See: [quagga-dev 3684] solaris privileges - Kernel interface patches to enable support for logical interfaces To install: pkgadd -d pkgadd -d pkgadd -d To remove first disable all daemons with the 'svcadm' command and then remove the packages in the following order with the pkgrm command: pkgrm QUAGGAsmf pkgrm QUAGGAdaemons pkgrm QUAGGAlibs Notes: - The daemons will run as root, but with minimal privileges held in the 'permitted set', and with the 'effective set' clear (except for the basic privileges) for nearly all of operation. In particular, any IO (eg the telnet interface) is done with no privileges held but the basic set. - SMF: The telnet interface is configured off per default, to enable it set the quagga/vty_address and quagga/vty_port SMF properties for the daemon concerned. To enable a daemon use the 'svcadm' command, eg: svcadm enable zebra svcadm enable ospfd See: http://cvs.quagga.net/cgi-bin/viewcvs.cgi/*checkout*/quagga/solaris/README.txt?rev=1.3 for further details on how to use the SMF support provided with Quagga. - Previous packages were built to run Quagga as a 'quagga' user per default. If you had installed previous packages, you may need to adjust permissions of configuration files. - The daemons will try create their UNIX sockets in /var/run/quagga. This directory does not exist per default on Solaris, but will be created by the package, and will be recreated by the SMF method script as needs be (/var/run is on a swapfs and cleared on each boot). It must be writable to the user the daemons will effectively run as, eg if you created a quagga user and run the daemons as such, then /var/run/quagga should be owned by the user concerned and mode 0611. The SMF methods will take care of this automatically. - The daemons look to /usr/local/quagga/etc/.conf for their config file (which must be readable to the user the daemon is run as). See the 'quagga/config_file' SMF property for each service instance on how to configure alternate config file locations. - Previous versions of Quagga did not fully support logical interfaces. These packages should by treating logical interfaces simply as addresses of the primary interface. It is possible your configuration file may contain references to logical interface names, depending on which previous versions of Quagga (or even the Sun SFWzebra package) you have run. It is recommended to *remove* such references to logical interface names and consolidate any configuration into the section for the relevant primary interface name. - There is one outstanding issue with respect to interfaces: This package will treat 'ifconfig down' as taking down /all/ addresses attached to logical interfaces of that primary interface. Some operational care may be needed to work around this issue. This issue hopefully will be fixed very soon. - These binaries are not supported by Sun Microsystems in any way. Please use the normal Quagga channels for support and/or bug reports. However Sun Microsystems would be interested to receive feedback from customers on their experiences with Quagga. - These binaries were not compiled with vtysh, to avoid having it depend on readline. If you have a readline development environment, you can compile vtysh from the Quagga sources, using the above configure options, and it should work. You can of course use the telnet accessible interfaces.