<div dir="ltr">In that case it probably because you are using direct (not multihop) bgp session and bird binds to the interface which have this address in its direct network - wwan0. In that case only routes with dev wwan0 will be applied. I think you want to use multihop bgp session. If you want to use direct session and this address is accepted directly via tap0, than I think specifying source address from tap0 in bgp session should work.<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 8, 2017 at 10:47 AM, Magnus Löfqvist <span dir="ltr"><<a href="mailto:ml@vmi.se" target="_blank">ml@vmi.se</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div link="blue" vlink="purple" lang="SV">
<div class="m_1797177521083608046WordSection1">
<p class="MsoNormal"><a name="m_1797177521083608046__MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Hi,<u></u><u></u></span></a></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Yes, you are correct.<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">But we have routes for <a href="http://10.9.140.0/22" target="_blank">10.9.140.0/22</a> (OpenVPN transport network)<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">ip ro sh:<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">default via 10.6.52.59 dev wwan0<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a> dev wwan0 proto kernel scope link src 10.6.52.58<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://10.9.140.0/22" target="_blank">10.9.140.0/22</a> dev tap0 proto kernel scope link src 10.9.140.33<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Bird:<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">bird> show route<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> via 10.6.52.59 on wwan0 [kernel1 09:43:55] * (10)<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://10.9.140.0/22" target="_blank">10.9.140.0/22</a> dev tap0 [direct1 09:44:12] * (240)<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">So why are not BGP traffic to 10.9.140.1 going thru tap0 ?<u></u><u></u></span></span></p><span class="">
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Med vänlig hälsning / Best regards<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Magnus Löfqvist<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"><u></u> <u></u></span></span></p>
</span><table class="m_1797177521083608046MsoNormalTable" style="border-collapse:collapse" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:7.05pt">
<td colspan="2" style="width:298.3pt;padding:0cm 0cm 0cm 0cm;height:7.05pt" width="398" valign="top">
<p class="MsoNormal"><span><b><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">VMI IT Services AB</span></b></span><span><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"><u></u><u></u></span></u></span></p>
</td>
<td><span></span>
</td></tr>
<tr style="height:24.9pt">
<td style="width:149.15pt;padding:0cm 0cm 0cm 0cm;height:24.9pt" width="199" valign="top">
<p class="MsoNormal"><span><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Head office:</span></u></span><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"> <wbr> <wbr>
</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Hantverksvägen 15</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">764 93 VÄDDÖ, SWEDEN <wbr>
</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
</td>
<td><span></span>
</td><td style="width:149.15pt;padding:0cm 0cm 0cm 0cm;height:24.9pt" width="199" valign="top">
<p class="MsoNormal"><span><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Visiting address:<u></u><u></u></span></u></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Lilla Torget 1A<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">761 30 NORRTÄLJE, SWEDEN</span></span><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
</td>
<td><span></span>
</td></tr>
</tbody>
</table>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">Tel +46 176 20 89 00 (02)</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"><u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">Fax +46 176 20 89 19</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"><u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US"><br>
E-mail: </span></span><a href="mailto:ml@vmi.se" target="_blank"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#0563c1" lang="EN-US">ml@vmi.se</span></span><span></span></a><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">
<span lang="EN-US"><u></u><u></u></span></span></span></p>
<p class="MsoNormal"><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">*** VMI E-mail disclaimer ***<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US"><u></u> <u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">The information in this e-mail is confidential and may be legally privileged.<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">It is intended solely for the addressee. Access to this email by anyone else is unauthorized.<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">If you are not the intended recipient, any disclosure, copying, distribution or any action taken
<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">or omitted to be taken in reliance on it, is prohibited and may be unlawful. Any opinions or
<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">advice contained in this e-mail are subject to the terms and conditions expressed in the
<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">VMI General terms and conditions.<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<span></span>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Från:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> <a href="mailto:green@highloadlab.com" target="_blank">green@highloadlab.com</a> [mailto:<a href="mailto:green@highloadlab.com" target="_blank">green@highloadlab.com</a>]
<b>För </b>Alexander Zubkov<br>
<b>Skickat:</b> den 8 november 2017 10:16<br>
<b>Till:</b> Magnus Löfqvist <<a href="mailto:ml@vmi.se" target="_blank">ml@vmi.se</a>><br>
<b>Kopia:</b> <a href="mailto:bird-users@network.cz" target="_blank">bird-users@network.cz</a><br>
<b>Ämne:</b> Re: BGP with wrong netmask on wan interface<u></u><u></u></span></p><div><div class="h5">
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-GB">Hi,<u></u><u></u></span></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-GB">You have:<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">WAN (Mobile): 10.6.90.187 / 255.0.0.0<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">OpenVPN interface (tap0): 10.9.140.33 / 255.255.252.0<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">protocol bgp BGP1 from RR_LTE { neighbor 10.9.140.1 as 1; preference 140;};<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">So you are trying to reach 10.9.140.1. If you have no additional routes, than this address falls into
<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">10.6.90.187 / 255.0.0.0 network, i.e. WAN interface and will be routed there.<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><span lang="EN-GB">On Wed, Nov 8, 2017 at 8:20 AM, Magnus Löfqvist <</span><a href="mailto:ml@vmi.se" target="_blank"><span lang="EN-GB">ml@vmi.se</span></a><span lang="EN-GB">> wrote:<u></u><u></u></span></p>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"><span lang="EN-GB">Hi,<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">I have some mobile routers (connected over LTE) and with openvpn.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">Over the openvpn we are running a BGP to allow distribute some routes and export routes.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">Some of the routers are having wrong netmask (255.0.0.0 instead of 255.255.255.252).
<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">This seems to work (ie internet are working, and the openvpn connection is established).<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">But when we are trying to get the BGP connection up, it tries to send the BGP connection over the WAN istead of openvpn connection.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">I guess that I have made some mistake in the config.<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">It should take smaller path before matching the larger..<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">WAN (Mobile): 10.6.90.187 / 255.0.0.0<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">OpenVPN interface (tap0): 10.9.140.33 / 255.255.252.0<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">Bird config:<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">template bgp RR_LTE {<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> debug all; <wbr> # debug BGP<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> description "BIRD RR";<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> local as 1; <wbr> # the AS used by the local BGP speaker<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> direct;<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> gateway direct;<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> import filter import_ATM; <wbr> # just accept everything<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> export filter export_ATM; <wbr> # and advertise it to all the neigbors<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> connect retry time 10; # reconnect try after 10s<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> hold time 240; <wbr> # hold time send in BGP messages<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">}<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">protocol bgp BGP1 from RR_LTE { neighbor 10.9.140.1 as 1; preference 140;};<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">root@client1:/etc# tcpdump -ni wwan0 tcp port 179 and host 10.9.140.1<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">tcpdump: verbose output suppressed, use -v or -vv for full protocol decode<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">listening on wwan0, link-type EN10MB (Ethernet), capture size 65535 bytes<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">15:29:08.755188 IP 10.6.90.187.34974 > 10.9.140.1.179: Flags [S], seq 1482209106, win 14600, options [mss 1460,sackOK,TS val 88007 ecr 0,nop,wscale 8], length
0<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB">15:29:11.762726 IP 10.6.90.187.45591 > 10.9.140.1.179: Flags [S], seq 1681977930, win 14600, options [mss 1460,sackOK,TS val 88307 ecr 0,nop,wscale 8], length
0<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB"> <u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt">Med vänlig hälsning / Best regards</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#888888">Magnus Löfqvist</span><span style="color:#888888"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#888888"> <u></u><u></u></span></p>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div></div></div>
</div>
</blockquote></div><br></div>