Unable to fetch route from tunnel device
Ondrej Zajicek
santiago at crfreenet.org
Fri Feb 17 12:08:48 CET 2012
On Tue, Feb 14, 2012 at 11:57:07AM -0600, Dave Lloyd wrote:
> I'm trying to set up an OpenVPN server that routes for multiple sites and
> I'm having a bit of trouble getting Bird to add the routes that go through
> the tun0 device. I've configured Bird to import routes from both the OS
> and tun0, but filter out any routes that don't go through the tun0 IP (I
> only want to advertise routes that go through my OpenVPN tunnel). I'm
> running Bird 1.3.6. On startup, I receive messages like these:
...
> My network setup is as follows:
> Local IP of tun0 on OpenVPN server: 172.16.254.1/24
> IP of tun0 on remote server: 172.24.1.28/28
>
> Routes (from ip route) on OpenVPN server:
> 172.16.254.1 dev tun0 proto bird
> 172.24.1.0/28 via 172.16.254.1 dev tun0
> 172.24.1.16/28 via 172.16.254.1 dev tun0
>
> Routes (from ip route) on OpenVPN client:
> 172.16.0.0/24 via 172.24.1.28 dev tun0
This is strange, shouldn't that be reversed (via 172.24.1.28 on server
with IP 172.16.254.1 and vice versa)? This is the problem, BIRD does
not accept routes with local IP as a gateway. If the gw is not relevant
(for PTP VPN links), it is better to not have any gw (like in 'ip route
add 172.24.1.0/28 dev tun0').
OpenVPN seems to be a bit problematic in general, see this [*] thread
for more comments.
[*] http://permalink.gmane.org/gmane.network.bird.user/1131
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
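
Added example, not part of the original message or of BIRD: a small Python check for the condition described in the reply, a kernel route whose 'via' gateway is one of the host's own addresses. The function names, the suggested 'ip route replace' form and the sample input (constructed from the server-side values quoted above, plus one made-up route via 172.16.254.2) are assumptions.

```python
import ipaddress

# Constructed sample input: the server-side values quoted in the thread,
# plus one made-up route (10.0.0.0/8) whose gateway is a remote peer.
SAMPLE_ADDRS = ["172.16.254.1/24"]  # as `ip -o addr` would report for tun0
SAMPLE_ROUTES = """\
172.16.254.1 dev tun0 proto bird
172.24.1.0/28 via 172.16.254.1 dev tun0
172.24.1.16/28 via 172.16.254.1 dev tun0
10.0.0.0/8 via 172.16.254.2 dev tun0
"""


def field(tokens, key):
    """Return the token following `key` in an `ip route` line, or None."""
    return tokens[tokens.index(key) + 1] if key in tokens[:-1] else None


def find_local_gateway_routes(routes_text, local_addrs):
    """List routes whose gateway is an address configured on this host.

    Returns dicts holding the prefix, gateway, device and a gateway-less
    replacement command in the form the reply recommends for PTP links.
    """
    local_ips = {ipaddress.ip_interface(a).ip for a in local_addrs}
    flagged = []
    for line in routes_text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        gw, dev = field(tokens, "via"), field(tokens, "dev")
        try:
            gw_ip = ipaddress.ip_address(gw) if gw else None
        except ValueError:  # e.g. "via inet6 <addr>", not handled here
            continue
        if gw_ip in local_ips and dev:
            flagged.append({
                "prefix": tokens[0], "gateway": gw, "dev": dev,
                # Device route without a gateway (hypothetical suggested fix).
                "fix": f"ip route replace {tokens[0]} dev {dev}",
            })
    return flagged


if __name__ == "__main__":
    for r in find_local_gateway_routes(SAMPLE_ROUTES, SAMPLE_ADDRS):
        print(f"{r['prefix']} via local address {r['gateway']}: {r['fix']}")
```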