Bird just doesn't want to find OSPF neighbors although they are there and can communicate

Tue Oct 19 07:49:09 CEST 2021

Hi Chriztoffer,

> Gesendet: Montag, 18. Oktober 2021 um 00:47 Uhr
> Von: "Chriztoffer Hansen" <ch at ntrv.dk>
> An: "Lukas Haase" <lukashaase at gmx.at>
> Cc: "BIRD Users List (bird-users at network.cz)" <bird-users at network.cz>
> Betreff: Re: Bird just doesn't want to find OSPF neighbors although they are there and can communicate
>
> On Mon, 18 Oct 2021 at 02:01, Lukas Haase <lukashaase at gmx.at> wrote:
> > I am having big trouble getting Bird/OSPF working. I broke it down to a simple setup:
> > Point-to-point wireguard link between Node1 (192.168.56.224/31) and Node2 (192.168.56.225/31) using nbma.
> > There were nothing but troubles with multicast and to avoid all these hassles for now, I directly switched to nbma.
> >
> > Config Station 1:
> >
> > protocol ospf test {
> >         area 0.0.0.0 {
> >                 interface "wg-tun" {
> >                         cost 10;
> >                         type nbma;
> >                         authentication cryptographic;
> >                         password "VWj3QH8LAtWIzQca";
> >                         neighbors {
> >                                 192.168.56.225;
> >                         };
> >                 };
> >         };
> > }
> >
> >
> > Config Station 2:
> >
> > protocol ospf test {
> >         area 0.0.0.0 {
> >                 interface "wg-tun" {
> >                         type nbma;
> >                         cost 10;
> >                         authentication cryptographic;
> >                         password "VWj3QH8LAtWIzQca";
> >                         neighbors {
> >                                 192.168.56.224;
> >                         };
> >                 };
> >         };
> > }
>
> https://duckduckgo.com/?q=ospf+over+wireguard&t=brave&ia=web
> https://idndx.com/ospf-over-wireguard/
> https://docs.nycmesh.net/networking/vpnwireguardospf/

I have googled like crazy but haven't found both pages yet.
Maybe I should use DuckDuckGo finally.
While those didn't fix the problem yet they are helpful. Thanks!

> Have you tried setting the type to 'ptmp' or 'ptp' instead of 'nbma'?

Yes, I tried ptp.
To my understanding, bird should stop sending multicast packets.
Instead, it continued to send packets to 224.0.0.5.
Why is that? Doesn't make sense to me at all.

For this reason I went for nbma.

Now I have tried ptmp and magically the two see each other now. Does make ZERO sense to me.
Why would ptmp work and nbma not?
I literally just replaced "nbma" with "ptmp" (kept "neighbors" the same, for example).

There is also another problem: One of my clients is a Mikrotik router.
This thing supports "broadcast, "ptp", "ptmp" and "nmba". However, I can weirdly only configure "NBMA Neighbors".
I have tried this link with ipip, GRE, all types of connections but still no luck yet.

Seriously, the last time setting something up was that much of a hassle was sendmail 25 years ago :-(

Based on one of your links it is also suggested that MTU could be the issue. I checked but all my MTUs are consistent (1420 for the wireguard tunnel and 1476 for the GRE tunnel). I still tried "tx length 1300". No change.

> WireGuard tunnels are default ptp between the server and clients (if
> multiple client-peers are configured on the same tunnel interface on
> the server).
>
> Or "just" ptp if only one peer is configured for a single wg tunnel on
> each side.

This is the case but as above, this is just not working.
And on eiher side of tcpdump are still multicast packets visible (224.0.0.5)

What are the exact conditions that the other station shows up as OSPF neighbor. I confirmed already with tcpdump that the OSPF Hello packages appear on the interface and both look *identical* (in terms of Hello Timer, Dead Timer, Mask, Priority).

What could possible happen that bird would not add such packets to the neighbor list?

Thanks,
Lukas