Re: OSPF over OpenVPN

21 Mar 2018


      Thank you very much, it looks like that is the issue on the client side of the VPN connection. "show interfaces” returns nothing, which seems odd… 

Now to figure out why that is the case…

Thanks again,
Mike

--
Michael McConnell
WINK Streaming;
email: michael@winkstreaming.com
toll free: 877-GO-4-WINK x 7400
direct: +1 312 281-5434
cell: +506 8706-2389
skype: wink-michael
web: http://winkstreaming.com
...
On Mar 21, 2018, at 5:15 PM, Charles van Niman <charles@phukish.com> wrote:
Hello,
Based on the output you provided, it appears BIRD/OSPF is not seeing your interfaces? In BIRD CLI, if you compare "show interfaces" with "show ospf interfaces" do you see any difference? I am using a very basic config (only defining cost) for each OpenVPN tun interface I am using, and its working over here.
bird.conf:
protocol ospf SlothNet {
  rfc1583compat yes;
  area 0.0.0.0 {
    networks {
      172.22.150.64/26 <http://172.22.150.64/26>;
      172.23.158.64/26 <http://172.23.158.64/26>;
    };
    stub no;
    interface "tun-node43" {
        cost 20;
    };
    interface "tun-node69" {
        cost 180;
    };
    interface "tun-node96" {
        cost 70;
    };
    interface "tun-node28" {
        cost 130;
    };
    interface "eth1" {
        cost 10;
    };
    interface "lo" {
        stub;
    };
  };
}
bird output:
bird> show ospf
SlothNet:
RFC1583 compatibility: enabled
Stub router: No
RT scheduler tick: 1
Number of areas: 1
Number of LSAs in DB:   4
        Area: 0.0.0.0 (0) [BACKBONE]
                Stub:   No
                NSSA:   No
                Transit:        No
                Number of interfaces:   8
                Number of neighbors:    3
                Number of adjacent neighbors:   3
                Area networks:
                          172.22.150.64/26 <http://172.22.150.64/26>      Advertise
                          172.23.158.64/26 <http://172.23.158.64/26>      Advertise
/Charles van Niman
On Wed, Mar 21, 2018 at 4:32 PM, Michael McConnell <michael@winkstreaming.com <mailto:michael@winkstreaming.com>> wrote:
I’ve also tried with pointtopoint and declared my neighors under the tap interface and made it pointtopoint without success;
interface "tap*" {
                        type pointopoint;
                        cost 5;
                        hello 5;
                        wait 10;
                        dead 25;
                        authentication cryptographic; password “boogers";
                        neighbors {
                        10.10.10.34;
                        };
};
...
On Mar 21, 2018, at 3:08 PM, Michael McConnell <michael@winkstreaming.com <mailto:michael@winkstreaming.com>> wrote:
Hello all,
I am trying to establish OSPF over OpenVPN without any luck. The client side always turns up with no neighbours. I’ve tried pointtopoint and exclusively listing my neighbours all with no luck.
I originally was using the tun interface and switched to tap hoping that would help, but still nothing.
Below are my configurations, does anyone see anything obvious that I am missing?
Thanks so much for your time and thoughts!
===
show ospf 
ospf1:
RFC1583 compatibility: disabled
Stub router: No
RT scheduler tick: 1
Number of areas: 1
Number of LSAs in DB:	1
  Area: 0.0.0.0 (0) [BACKBONE]
      Stub:	No
      NSSA:	No
      Transit:	No
      Number of interfaces:	0
      Number of neighbors:	0
      Number of adjacent neighbors:	0
Server ===
protocol ospf {
       import all;
       export filter {
               ospf_metric1 = 1000;
               if source = RTS_STATIC then accept; else reject;
       };
       area 0 {
               networks {
      	10.40.32.0/24 <http://10.40.32.0/24>;
                   10.10.10.32/27 <http://10.10.10.32/27>;
               };
interface "bond1" {
                       type broadcast;
                       cost 5;
                       hello 5;
                       wait 10;
                       dead 25;
                       authentication cryptographic; password “boogers";
               };
interface "tap*" {
                       type broadcast;
                       cost 5;
                       hello 5;
                       wait 10;
                       dead 25;
                       authentication cryptographic; password “boogers";
               };
interface "*" {
                       cost 1000;
                       stub;
               #type pointopoint;
               };
};
Client  ===
protocol ospf {
       import all;
       export filter {
               ospf_metric1 = 1000;
               if source = RTS_STATIC then accept; else reject;
       };
       area 0 {
               networks {
               10.40.32.0/24 <http://10.40.32.0/24>;
                   10.10.10.32/27 <http://10.10.10.32/27>;
               };
interface "bond1" {
                       type broadcast;
                       cost 5;
                       hello 5;
                       wait 10;
                       dead 25;
                       authentication cryptographic; password “boogers";
               };
               interface "tap*" {
                       type broadcast;
                       cost 5;
                       hello 5;
                       wait 10;
                       dead 25;
                       authentication cryptographic; password "boogers";
               };
interface "*" {
                       cost 1000;
                       stub;
               #type pointopoint;
               };
       };
--
Michael McConnell
WINK Streaming;
email: michael@winkstreaming.com <mailto:michael@winkstreaming.com>
toll free: 877-GO-4-WINK x 7400
direct: +1 312 281-5434 <tel:(312)%20281-5434>
cell: +506 8706-2389 <tel:+506%208706%202389>
skype: wink-michael
web: http://winkstreaming.com <http://winkstreaming.com/>