AW: Strange behavior, cannot reach 4th hop

TI2015: Kulesza, Dawid 4002225 at ba-glauchau.de
Mon Aug 13 08:10:09 CEST 2018 

Somebody any idea?

PS: In order to get the routing to work I had to add two iptables rules on CLIENT B:

-A FORWARD -i eth0 -o tun0 -j ACCEPT
-A FORWARD -i tun0 -o eth0 -j ACCEPT


________________________________
Von: TI2015: Kulesza, Dawid
Gesendet: Freitag, 10. August 2018 12:06
An: bird-users at network.cz
Betreff: Strange behavior, cannot reach 4th hop

Hello,

few days ago I struggled with bird configuration over openvpn. It's working now. I can see, that every host has proper routes and with birdc show ospf topology I can see, that every router sees everyone else. I have following setting.

CLIENT A
192.168.21.1/28
l
l
l
192.168.21.5/28
ROUTER X
192.168.21.25/28
l
l
l
192.168.21.17/28
CLIENT B (with openvpn tunnet to server)
10.29.0.4/22
l
l
l
10.29.0.1/22
SERVER


The connection from CLIENT B to SERVER is over internet, but it shouldn't matter here.

Now the issue is as following:
- I can ping from ROUTER X the SERVER
- I can ping from CLIENT A the address (CLIENT B) 10.29.0.4 (and with traceroute I can see, that it's going correctly)
- I cannot ping from CLIENT A the SERVER

and the same in opposite direction:
- I can ping from SERVER the address 192.168.21.25 (Router X)
- I cannot ping the address 192.168.21.5



For me it seems like it has something to do with time to live (TTL), because the packets cannot reach 4th hop, but I didn't find anything about it in internet.

Do you have some ideas what could be wrong?

Best regards
Dawid


Output from ospf topology on server:


BIRD 1.6.3 ready.

area 0.0.0.0

        router 10.29.0.1
                distance 0
                network 10.29.0.0/22 metric 100

        router 192.168.21.1
                distance 115
                network 192.168.21.0/28 metric 5

        router 192.168.21.5
                distance 105
                network 192.168.21.16/28 metric 10
                network 192.168.21.0/28 metric 10

        router 192.168.21.17
                distance 100
                network 192.168.21.16/28 metric 5
                network 10.29.0.0/22 metric 100

        network 10.29.0.0/22
                dr 10.29.0.1
                distance 100
                router 10.29.0.1
                router 192.168.21.17

        network 192.168.21.0/28
                dr 192.168.21.5
                distance 115
                router 192.168.21.5
                router 192.168.21.1

        network 192.168.21.16/28
                dr 192.168.21.5
                distance 105
                router 192.168.21.5
                router 192.168.21.17


route -n on server


2.2.2.2         10.29.0.4       255.255.255.255 UGH   17     0        0 tun0
1.1.1.1         192.168.20.94   255.255.255.255 UGH   17     0        0 eth1
3.3.3.3         10.29.0.4       255.255.255.255 UGH   17     0        0 tun0
192.168.21.16   10.29.0.4       255.255.255.240 UG    17     0        0 tun0
192.168.21.0    10.29.0.4       255.255.255.240 UG    17     0        0 tun0
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.29.0.0       0.0.0.0         255.255.252.0   U     0      0        0 tun0
XXXXXXXX    0.0.0.0         255.255.0.0     U     1002   0        0 eth1
0.0.0.0         YYYYYYYY  0.0.0.0         UG    0      0        0 eth1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20180813/69750dcf/attachment.html>

More information about the Bird-users mailing list