OSPF: neighborship issues with interfaces bound to VRF

Erik Stomp mail at erik-stomp.de
Fri Dec 29 12:31:48 CET 2023


Hello,

I'm trying to establish OSPFv3 neighborships between hosts connected 
with PTP tunnels.
The OSPF instances using interfaces that are attached to a VRF on each 
host.

There was a similar thread in 2020, however the author didn't respond to 
a question by Ondrej: 
https://bird.network.cz/pipermail/bird-users/2020-March/014384.html

I can confirm that the issue exists at least on Wireguard and GRE PTP 
tunnels fully attached to the VRF master interface.

This issue only exists with interfaces bound to a VRF. A similar OSPF 
instance with interfaces that arent bound to a VRF works flawlessly.

This is the relevant configuration for the instance:

"SRV-FRA1":
protocol ospf v3 dfz {
     vrf "vrf-dfz";
     area 0 {
         interface "lodfz" {
             stub;
         };
         interface "wgdfzhome" {
             type ptmp;
             cost 20;
             neighbors {
                 fe80::f806:ac67:55bb:847;
             };
         };
         interface "dfznbg1" {
             type ptp;
         };
     };
     ipv6 {
         table dfz6;
         import where net != ::/0;
         export where source = RTS_STATIC && net = ::/0;
     };
}

"SRV-NBG1":
protocol ospf v3 dfz {
     vrf "vrf-dfz";
     area 0 {
         interface "lodfz" {
             stub;
         };
         interface "wgdfzhome" {
             type ptmp;
             cost 20;
             neighbors {
                 fe80::6af0:4be5:bd4a:eff7;
             };
         };
         interface "dfzfra1" {
             type ptp;
         };
     };
     ipv6 {
         table dfz6;
         import where net != ::/0;
         export where source = RTS_STATIC && net = ::/0;
     };
}

The interfaces "dfznbg1" and "dfzfra1" are GRE tunnel interfaces 
connected to each other.

The neighbourship fully establishes when I'm using the PTMP type with a 
fixed neighbor definition instead (like interface "wgdfzhome" - 
different host).

It doesn't matter, if the protocol has the vrf parameter configured or 
not (I think in this configuration it's optional nevertheless).

The hosts however, get Hello messages from each other in ptp mode:

root at srv-fra1:~# tcpdump -vni dfznbg1
tcpdump: listening on dfznbg1, link-type LINUX_SLL (Linux cooked v1), 
snapshot length 262144 bytes
11:46:19.563505 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header 
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.3, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46, 
Priority 1
11:46:22.224801 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header 
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.2, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17, 
Priority 1
11:46:29.563357 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header 
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.3, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46, 
Priority 1
11:46:32.224643 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header 
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.2, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17, 
Priority 1
11:46:39.563020 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header 
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.3, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46, 
Priority 1

root at srv-nbg1:~# tcpdump -vni dfzfra1
tcpdump: listening on dfzfra1, link-type LINUX_SLL (Linux cooked v1), 
snapshot length 262144 bytes
11:46:19.573221 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header 
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.3, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46, 
Priority 1
11:46:22.230884 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header 
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.2, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17, 
Priority 1
11:46:29.573123 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header 
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.3, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46, 
Priority 1
11:46:32.230598 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header 
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.2, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17, 
Priority 1
11:46:39.572741 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header 
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length 
36
         Router-ID 10.242.1.3, Backbone Area
         Options [V6, External, Router, AFs Support]
           Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46, 
Priority 1

It seems to me that bird doesn't process the multicast packets when 
interfaces are bound to a VRF. But that's just a speculation.

root at srv-fra1:~# bird --version
BIRD version 2.0.12

"Since I get a fully functional neighborhood with the above PTMP 
configuration, this is certainly not critical (even considering the 
protocol differences between modes) - but I think it's worth a look?"

If you need more information, just let me know.

Best wishes for 2024 from Germany.
Regards, Erik


More information about the Bird-users mailing list