Fwd: Received route with strange next-hop

[Ondrej Zajicek]

On Mon, Apr 16, 2012 at 10:41:08PM +0200, Christian Kölpin wrote:
> Hello Community
> 
> First I have to say, the problem occurs in a lab/soho environment, so it
> might be unusal to normal bird purposes.
> 
> I'am running two routers who uses bird/OSPF to exchange their routing
> tables. One router represents the firewall and "internet-connection",
> the second runs several VPN daemons (IPSec, OpenVPN, L2TP). Some foreign
> Routers are connected via these VPNs and running OSPF as well (mix
> quagga/bird). All is running well except some "stange next-hop"
> messages. The Problem is, I don't understand why i get these messages.
> To me, the routes looks ok. So I don't understand the problem at all.
> Maybe someone can help me to understand it.
> 
> OS: linux/openwrt
> Bird: version 1.3.3
> 
> I have two "problematic" routes who leads to "strange next-hop" messages:
> 1) network: 192.168.100.128 gateway 192.168.100.130 netmask
> 255.255.255.128 (/25)
> bird-message: KRT: Received route 192.168.100.128/25 with strange
> next-hop 192.168.100.130
> add info: the network is a OpenVPN "Roadwarrior"-network. There is a
> tun0-ptp-interface with 192.168.100.129 as local an 192.168.100.130 as
> foreign address
> 
> 2) network 0.0.0.0 (default) gateway 84.57.128.1 netmask 0.0.0.0
> bird-message: KRT: Received route 0.0.0.0/0 with strange next-hop
> 84.57.128.1
> add info: the default route is injected by the pppd when the router
> connects to my german-isp via pppoe (DSL). I have a ptp-interface with
> my dynamic ip an the GW-address as foreign address
> 
> Both gateways are listed in the kernel-routing as directly connected via
> a /32 route (eg 84.57.128.1 gw 0.0.0.0 netmask 255.255.255.255)

Hello

BIRD generally assumes tha that gateway of routes is a direct neighbor
according to IP addresses on interfaces, not according to routing tables.
So having /32 device route does not help. But you could add ptp address
on that iface:

ip addr add a.b.c.d peer 84.57.128.1 dev XXX
(where a.b.c.d is the current local IP of that device)

This should fix these two problems.

Don't know if OpenVPN could be configured to add these addresses
instead of /32 routes, but there were similar OpenVPN questions
in the past, like:

http://permalink.gmane.org/gmane.network.bird.user/1131

If anyone succeded in it, it would be good to know.


> Interesting fact: even if a DON'T put activate the kernel learn-switch
> and set explicit import to none i get these message. I have to set the
> kernel scan-time to 0 to suppress continuous log-spamming with the message.

This is expected, kernel is scanned not only to learn routes, but also
to check whether exported routes are properly synced.

BTW, ultimate olution to suppressing annoying log messages is to use
some advanced log daemon like rsyslog with log filtering features :-).

-- 
Elen sila lumenn' omentielvo

Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20120417/8b8ee44e/attachment-0001.asc>