OSPF wireguard fallback
Ondrej Zajicek
santiago at crfreenet.org
Thu May 3 15:53:02 CEST 2018
On Thu, May 03, 2018 at 01:39:31PM +0000, chrono wrote:
> > Also i saw that your config files do not have 'log' option, so you have
> > no logging. You should enable logging and see if there are no error
> > messages.
>
> Ah, interesting:
>
> 2018-05-03 15:37:32 <TRACE> MyOSPF: HELLO packet sent via wg0
> 2018-05-03 15:37:32 <ERR> MyOSPF: Socket error on wg0: Required key not
> available
>
> That may also indicate AllowedIP issue, if I'm not mistaken?
Yes, that seems like a wireguard issue. Perhaps wireguard has problems
with multicast dst because it does not know which key to use? Just
guessing, i do not know wireguard.
Possible workaround would be to configure OSPF on that iface as ptmp and
specify neighbor address using 'neighbors' option. In such setting only
unicast is used.
> Although unrelated, i would suggest to remove these OSPF options;
>
> tick 2;
> rfc1583compat yes;
Care to elaborate why? I do trust that you will know better.
'tick 2' will increase convergence time form ~1 sec to ~2 sec.
'rfc1583compat' is an obscure OSPF option for compatibility with ancient
RFC 1583 in some multi-area setups for the price of persistent routing
loops in some other multi-area setups. Completely irrelevant for
single-area setups.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
More information about the Bird-users
mailing list