2018-04-04 12:31 GMT+02:00 Ondrej Zajicek <santiago@crfreenet.org>:
On Wed, Apr 04, 2018 at 11:35:03AM +0200, dawid k wrote:
2018-04-04 10:59 GMT+02:00 Jan Maria Matejka <jan.matejka@nic.cz>:
Hello,
please could you enable 'debug all' for the ospf protocol at server? It should tell you whether it receives the packets and what is it doing with them.
It is enabled, Here the logs:
no received packets, but with tcpdump on server I can see, that all devices are sending hello messages:
Hello
That is interesting, It is possible that there is some problem with multicast on OpenVPN, as mentioned by Michael McConnell, but not in the sense of multicast transmit (which works as seen by tcpdump), but multicast delivery to userspace sockets (so BIRD does not get them).
One workaround would be to use NBMA interface type in BIRD OSPF. That uses just unicast, so perhaps there would not be this problem. See 'type nbma' OSPF option. Then you have to use 'neighbors' option to specify client IPs on server and at least server IP (marked 'eligible') on clients and set priority to 0 on clients.
Thank you for your help, but it is still not working.
I tried the nmba connection between one client and server with following settings: client: interface "tun0" { cost 10; type nbma; strict nonbroadcast yes; #tried with disabled as well stub no; hello 10; transmit delay 5; wait 10; dead 40; priority 0; neighbors { 10.29.0.1 eligible; #server's IP }; }; server interface "tun0" { cost 10; type nbma; strict nonbroadcast yes; stub no; hello 10; transmit delay 5; wait 10; dead 40; neighbors { 10.26.0.4; # client's IP }; }; There are no error messages in logs only the info: HELLO packet sent via tun0. I started tcpdump -v -s 0 proto ospf -i tun0 now on both client and server and there is no traffic at all. The routes are set properly and ping is working. I tried ptp as well with similar result. Im using iptables, but for the test I deactivated it. I have no idea, why tcpdump shows no traffic. I suppose, that there is an issue with OpenVPN, what Michael McConnel and others mentioned.
-- Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."