Important

Netgate is offering COVID-19 aid for pfSense software users, learn more.

Dynamic Routing Protocol Basics

At the time of this writing, three routing protocols are supported with pfSense® software:

  • RIP (Routing Information Protocol)

  • BGP (Border Gateway Protocol)

  • OSPF (Open Shortest Path First).

This section is light on details, and presumes understanding of the routing protocols as a prerequisite. An in depth discussion of routing protocols is outside the scope of this documentation.

RIP

RIP is part of the routed package. To install it:

  • Navigate to System > Package Manager

  • Click Available Packages

  • Locate routed in the list, or search for it

  • Click the fa-plus Install to the right of the routed package entry.

  • Click fa-check Confirm

  • Wait for the installation to complete

  • Navigate to Services > RIP

To configure RIP:

  • Check the Enable RIP box

  • Choose the Interfaces RIP will listen and send routing updates on

  • Select the RIP version

  • Enter a RIPv2 password if RIPv2 is in use and requires a password on the network.

  • Click Save

RIP will immediately launch and start sending and receiving routing updates on the specified interfaces.

BGP

A BGP package using OpenBGPD from OpenBSD is available. To install it:

  • Navigate to System > Package Manager

  • Click Available Packages

  • Locate OpenBGPD in the list, or search for it

  • Click the fa-plus Install to the right of the OpenBGPD package entry.

  • Click fa-check Confirm

  • Wait for the installation to complete

  • Navigate to Services > OpenBGPD

BGP is a complex beast, and describing it in detail is outside the scope of this documentation. Configuration of OpenBGPD on pfSense is straight forward for those with knowledge of BGP. During development of this package, we relied on O’Reilly’s BGP book and recommend it for anyone looking to deploy BGP.

The general form of configuration for the OpenBGPD package is:

  • Configure a group on the Group tab with the remote AS

  • Configure one or more neighbors on the Neighbors tab as members of the defined Group

  • Configure the Settings tab as desired for the local AS and networks to announce.

OSPF

An OSPF package using the Quagga routing daemon is also available. As with BGP, to install it:

  • Navigate to System > Package Manager

  • Click Available Packages

  • Locate Quagga_OSPF in the list, or search for it

  • Click the fa-plus Install to the right of the Quagga_OSPF package entry.

  • Click fa-check Confirm

  • Wait for the installation to complete

  • Navigate to Services > Quagga OSPF

OSPF is also a fairly complex routing protocol, though not as complex to setup as BGP can be. The details of configuring OSPFD are also outside the scope of this documentation, though for someone accustomed to OSPF the configuration options found in the GUI will be familiar.

The general form of configuration for the Quagga OSPF package is:

  • Add interfaces as needed, with local interface subnets being marked passive, and those facing other OSPF routers as active.

  • Configure the general settings as needed with the router ID, area ID, and so on.

See also

OpenVPN Site-to-Site with Multi-WAN and OSPF contains an example configuration of OSPF.