<div dir="ltr"><div><br></div><div class="gmail_extra"><div class="gmail_quote">2018-04-04 12:31 GMT+02:00 Ondrej Zajicek <span dir="ltr"><<a href="mailto:santiago@crfreenet.org" target="_blank">santiago@crfreenet.org</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">On Wed, Apr 04, 2018 at 11:35:03AM +0200, dawid k wrote:<br>
> 2018-04-04 10:59 GMT+02:00 Jan Maria Matejka <<a href="mailto:jan.matejka@nic.cz">jan.matejka@nic.cz</a>>:<br>
><br>
> > Hello,<br>
> ><br>
> > please could you enable 'debug all' for the ospf protocol at server?<br>
> > It should tell you whether it receives the packets and what is it doing<br>
> > with them.<br>
> ><br>
><br>
> It is enabled, Here the logs:<br>
><br>
><br>
</span><span class="gmail-">> no received packets, but with tcpdump on server I can see, that all devices<br>
> are sending hello messages:<br>
<br>
</span>Hello<br>
<br>
That is interesting, It is possible that there is some problem with<br>
multicast on OpenVPN, as mentioned by Michael McConnell, but not in the sense<br>
of multicast transmit (which works as seen by tcpdump), but multicast delivery<br>
to userspace sockets (so BIRD does not get them).<br>
<br>
One workaround would be to use NBMA interface type in BIRD OSPF. That<br>
uses just unicast, so perhaps there would not be this problem. See 'type<br>
nbma' OSPF option. Then you have to use 'neighbors' option to specify<br>
client IPs on server and at least server IP (marked 'eligible') on clients<br>
and set priority to 0 on clients.<br>
<span class="gmail-"><br></span></blockquote><div>Thank you for your help, but it is still not working. </div><div> </div><div>I tried the nmba connection between one client and server with following settings:<div><br></div><div>client:</div></div><div><div><br></div><div> interface "tun0" {</div><div> cost 10;</div><div> type nbma;</div><div> strict nonbroadcast yes; #tried with disabled as well</div><div> stub no;</div><div> hello 10;</div><div> transmit delay 5;</div><div> wait 10;</div><div> dead 40;</div><div> priority 0;</div><div> neighbors {</div><div> 10.29.0.1 eligible; #server's IP</div><div> };</div><div> };</div></div><div><br></div><div>server</div><div><div> interface "tun0" {</div><div> cost 10;</div><div> type nbma;</div><div> strict nonbroadcast yes;</div><div> stub no;<br></div><div> hello 10;</div><div> transmit delay 5;</div><div> wait 10;</div><div> dead 40;</div><div> neighbors {</div><div> 10.26.0.4; # client's IP</div><div> };<br></div><div> };</div></div><div><br></div><div>There are no error messages in logs only the info: HELLO packet sent via tun0. </div><div>I started tcpdump -v -s 0 proto ospf -i tun0 now on both client and server and there is no traffic at all. </div><div>The routes are set properly and ping is working. I tried ptp as well with similar result. Im using iptables, but for the test I deactivated it. </div><div>I have no idea, why tcpdump shows no traffic. I suppose, that there is an issue with OpenVPN, what Michael McConnel and others mentioned. </div><div><br></div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">
--<br>
Elen sila lumenn' omentielvo<br>
<br>
</span>Ondrej 'Santiago' Zajicek (email: <a href="mailto:santiago@crfreenet.org">santiago@crfreenet.org</a>)<br>
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, <a href="http://wwwkeys.pgp.net" rel="noreferrer" target="_blank">wwwkeys.pgp.net</a>)<br>
<div class="gmail-HOEnZb"><div class="gmail-h5">"To err is human -- to blame it on a computer is even more so."<br>
</div></div></blockquote></div><br></div></div>