OSPF over openvpn; adjacency problems
Ondrej Zajicek
santiago at crfreenet.org
Wed Oct 2 13:40:31 CEST 2019
On Tue, Oct 01, 2019 at 08:13:17PM +0200, Thorsten Alteholz wrote:
> Hi,
>
> I am trying to use OSPF over an openvpn link. tcpdump tells me that both
> ends send their HELLO packet but bird does not want to recognize them.
>
> When looking at ospf_rc_hook() in proto/ospf/packet.c the HELLO packet
> arrives in bird, but is discarded because of "strange address combinations":
Hi
This seems like BIRD does not recognize src IP address as from immediate
neighbor, so it ignores it. What is IP address reported by 'birdc show
interfaces' or 'ip addr list' for that iface?
BIRD expects only packets from 10.25.0.2 here.
We examined OpenVPN issues in the past and IIRC OpenVPN does some very
strange things with IP stack (like having 'virtual' router between VPN
links and VPN server) that breaks things. Not sure if these issues are
specific to tun mode or also appear in tap mode.
If you need to use OpenVPN and OSPF, i would suggest to just create
GRE tunnel inside it (between VPN server and client) and run OSPF
through the GRE tunnel.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
More information about the Bird-users
mailing list