Bird just doesn't want to find OSPF neighbors although they are there and can communicate

Tue Oct 19 17:15:55 CEST 2021

On Tue, Oct 19, 2021 at 07:49:09AM +0200, Lukas Haase wrote:
> I have googled like crazy but haven't found both pages yet.
> Maybe I should use DuckDuckGo finally.
> While those didn't fix the problem yet they are helpful. Thanks!
> 
> > Have you tried setting the type to 'ptmp' or 'ptp' instead of 'nbma'?
> 
> Yes, I tried ptp.
> To my understanding, bird should stop sending multicast packets.
> Instead, it continued to send packets to 224.0.0.5.
> Why is that? Doesn't make sense to me at all.

Hi

OSPF on PtP interfaces should always use multicast (by specification).
It is generally assumed that if you have (real) ptp iface, you do not
need dst address, you just send it to the other end (so you can also
always deliver multicast).

> For this reason I went for nbma.
> 
> Now I have tried ptmp and magically the two see each other now. Does make ZERO sense to me.
> Why would ptmp work and nbma not?
> I literally just replaced "nbma" with "ptmp" (kept "neighbors" the same, for example).

I am not sure whether NBMA in BIRD works with /31 prefixes. These are
really ptp prefixes and are usually used with PtP mode. Could you try
/30 prefix?

Although technically, Wireguard is more PtMP than NBMA, but for two peers
it should not matter.

> There is also another problem: One of my clients is a Mikrotik router.
> This thing supports "broadcast, "ptp", "ptmp" and "nmba". However, I can weirdly only configure "NBMA Neighbors".
> I have tried this link with ipip, GRE, all types of connections but still no luck yet.
> 
> Seriously, the last time setting something up was that much of a hassle was sendmail 25 years ago :-(

For some reason, VPN interfaces often have rather strange quirks, like
missing link-local addressess, not working multicast, or completely
broken routing in OpenVPN.

OTOH, i use BIRD OSPF on PtP GRE tunnels without any problems or tweaks
(in PtP mode).

> Based on one of your links it is also suggested that MTU could be the issue. I checked but all my MTUs are consistent (1420 for the wireguard tunnel and 1476 for the GRE tunnel). I still tried "tx length 1300". No change.

This should not be necessary, BIRD learns tx length from iface MTU.

> > WireGuard tunnels are default ptp between the server and clients (if
> > multiple client-peers are configured on the same tunnel interface on
> > the server).
> >
> > Or "just" ptp if only one peer is configured for a single wg tunnel on
> > each side.
> 
> This is the case but as above, this is just not working.
> And on eiher side of tcpdump are still multicast packets visible (224.0.0.5)
> 
> What are the exact conditions that the other station shows up as OSPF neighbor. I confirmed already with tcpdump that the OSPF Hello packages appear on the interface and both look *identical* (in terms of Hello Timer, Dead Timer, Mask, Priority).
> What could possible happen that bird would not add such packets to the neighbor list?

It is possible that BIRD just ignores the packet as it does not match its src/dst address.
You could enable 'debug all' to see if there are Hello packets logged by BIRD.

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."