Fwd: Received route with strange next-hop
Hello Community First I have to say, the problem occurs in a lab/soho environment, so it might be unusal to normal bird purposes. I'am running two routers who uses bird/OSPF to exchange their routing tables. One router represents the firewall and "internet-connection", the second runs several VPN daemons (IPSec, OpenVPN, L2TP). Some foreign Routers are connected via these VPNs and running OSPF as well (mix quagga/bird). All is running well except some "stange next-hop" messages. The Problem is, I don't understand why i get these messages. To me, the routes looks ok. So I don't understand the problem at all. Maybe someone can help me to understand it. OS: linux/openwrt Bird: version 1.3.3 I have two "problematic" routes who leads to "strange next-hop" messages: 1) network: 192.168.100.128 gateway 192.168.100.130 netmask 255.255.255.128 (/25) bird-message: KRT: Received route 192.168.100.128/25 with strange next-hop 192.168.100.130 add info: the network is a OpenVPN "Roadwarrior"-network. There is a tun0-ptp-interface with 192.168.100.129 as local an 192.168.100.130 as foreign address 2) network 0.0.0.0 (default) gateway 84.57.128.1 netmask 0.0.0.0 bird-message: KRT: Received route 0.0.0.0/0 with strange next-hop 84.57.128.1 add info: the default route is injected by the pppd when the router connects to my german-isp via pppoe (DSL). I have a ptp-interface with my dynamic ip an the GW-address as foreign address Both gateways are listed in the kernel-routing as directly connected via a /32 route (eg 84.57.128.1 gw 0.0.0.0 netmask 255.255.255.255) If I start the BIRD instances on both routers and the problematic routes are present in the kernel table, all works well. No Messages, the routes are "learned" trough the "kernel-protocol", handed over to the OSPF-protocol and propagated to the other routers. All is fine. But if the ISP forcing a reconnect (its a contract without static ip) or the openvpn-daemon needs to restart, the problem starts. The mentioned messages appears in syslog and no routes are learned and propagated. I get around this, whit defining some stub-networks in ospf or a static-default route. Interesting fact: even if a DON'T put activate the kernel learn-switch and set explicit import to none i get these message. I have to set the kernel scan-time to 0 to suppress continuous log-spamming with the message. protocol kernel { export all; import none; scan time 0; } So what I'm doing wrong? How can I connect bird and ptp-interfaces the right way? greetings Raptor 2101
On Mon, Apr 16, 2012 at 10:41:08PM +0200, Christian Kölpin wrote:
Hello Community
First I have to say, the problem occurs in a lab/soho environment, so it might be unusal to normal bird purposes.
I'am running two routers who uses bird/OSPF to exchange their routing tables. One router represents the firewall and "internet-connection", the second runs several VPN daemons (IPSec, OpenVPN, L2TP). Some foreign Routers are connected via these VPNs and running OSPF as well (mix quagga/bird). All is running well except some "stange next-hop" messages. The Problem is, I don't understand why i get these messages. To me, the routes looks ok. So I don't understand the problem at all. Maybe someone can help me to understand it.
OS: linux/openwrt Bird: version 1.3.3
I have two "problematic" routes who leads to "strange next-hop" messages: 1) network: 192.168.100.128 gateway 192.168.100.130 netmask 255.255.255.128 (/25) bird-message: KRT: Received route 192.168.100.128/25 with strange next-hop 192.168.100.130 add info: the network is a OpenVPN "Roadwarrior"-network. There is a tun0-ptp-interface with 192.168.100.129 as local an 192.168.100.130 as foreign address
2) network 0.0.0.0 (default) gateway 84.57.128.1 netmask 0.0.0.0 bird-message: KRT: Received route 0.0.0.0/0 with strange next-hop 84.57.128.1 add info: the default route is injected by the pppd when the router connects to my german-isp via pppoe (DSL). I have a ptp-interface with my dynamic ip an the GW-address as foreign address
Both gateways are listed in the kernel-routing as directly connected via a /32 route (eg 84.57.128.1 gw 0.0.0.0 netmask 255.255.255.255)
Hello BIRD generally assumes tha that gateway of routes is a direct neighbor according to IP addresses on interfaces, not according to routing tables. So having /32 device route does not help. But you could add ptp address on that iface: ip addr add a.b.c.d peer 84.57.128.1 dev XXX (where a.b.c.d is the current local IP of that device) This should fix these two problems. Don't know if OpenVPN could be configured to add these addresses instead of /32 routes, but there were similar OpenVPN questions in the past, like: http://permalink.gmane.org/gmane.network.bird.user/1131 If anyone succeded in it, it would be good to know.
Interesting fact: even if a DON'T put activate the kernel learn-switch and set explicit import to none i get these message. I have to set the kernel scan-time to 0 to suppress continuous log-spamming with the message.
This is expected, kernel is scanned not only to learn routes, but also to check whether exported routes are properly synced. BTW, ultimate olution to suppressing annoying log messages is to use some advanced log daemon like rsyslog with log filtering features :-). -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Am 17.04.2012 12:28, schrieb Ondrej Zajicek:
On Mon, Apr 16, 2012 at 10:41:08PM +0200, Christian Kölpin wrote:
Hello Community
First I have to say, the problem occurs in a lab/soho environment, so it might be unusal to normal bird purposes.
I'am running two routers who uses bird/OSPF to exchange their routing tables. One router represents the firewall and "internet-connection", the second runs several VPN daemons (IPSec, OpenVPN, L2TP). Some foreign Routers are connected via these VPNs and running OSPF as well (mix quagga/bird). All is running well except some "stange next-hop" messages. The Problem is, I don't understand why i get these messages. To me, the routes looks ok. So I don't understand the problem at all. Maybe someone can help me to understand it.
OS: linux/openwrt Bird: version 1.3.3
I have two "problematic" routes who leads to "strange next-hop" messages: 1) network: 192.168.100.128 gateway 192.168.100.130 netmask 255.255.255.128 (/25) bird-message: KRT: Received route 192.168.100.128/25 with strange next-hop 192.168.100.130 add info: the network is a OpenVPN "Roadwarrior"-network. There is a tun0-ptp-interface with 192.168.100.129 as local an 192.168.100.130 as foreign address
2) network 0.0.0.0 (default) gateway 84.57.128.1 netmask 0.0.0.0 bird-message: KRT: Received route 0.0.0.0/0 with strange next-hop 84.57.128.1 add info: the default route is injected by the pppd when the router connects to my german-isp via pppoe (DSL). I have a ptp-interface with my dynamic ip an the GW-address as foreign address
Both gateways are listed in the kernel-routing as directly connected via a /32 route (eg 84.57.128.1 gw 0.0.0.0 netmask 255.255.255.255) Hello
BIRD generally assumes tha that gateway of routes is a direct neighbor according to IP addresses on interfaces, not according to routing tables. So having /32 device route does not help. But you could add ptp address on that iface:
ip addr add a.b.c.d peer 84.57.128.1 dev XXX (where a.b.c.d is the current local IP of that device Hello
pppd and openvpn does add this address already. If i run this command the message "RTNETLINK answers: File exists" appears. So i assumed the peer 84.57.128.1 should known as "directly connected". ifconfig output: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.100.129 P-t-P:192.168.100.130 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 pppoe-wan Link encap:Point-to-Point Protocol inet addr:84.57.179.177 P-t-P:84.57.128.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 ip route output 192.168.100.130 dev tun0 proto kernel scope link src 192.168.100.129 84.57.128.1 dev pppoe-wan proto kernel scope link src 84.57.179.177 Yeah the ultimate solution is ... a ultimative ;) but till i start ignoring Error-Messages i try to find out why it appears. greetings Raptor 2101
On Tue, Apr 17, 2012 at 09:54:40PM +0200, Christian Kölpin wrote:
Hello
BIRD generally assumes tha that gateway of routes is a direct neighbor according to IP addresses on interfaces, not according to routing tables. So having /32 device route does not help. But you could add ptp address on that iface:
ip addr add a.b.c.d peer 84.57.128.1 dev XXX (where a.b.c.d is the current local IP of that device Hello
pppd and openvpn does add this address already. If i run this command the message "RTNETLINK answers: File exists" appears. So i assumed the peer 84.57.128.1 should known as "directly connected".
ifconfig output: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.100.129 P-t-P:192.168.100.130 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
pppoe-wan Link encap:Point-to-Point Protocol inet addr:84.57.179.177 P-t-P:84.57.128.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
ip route output 192.168.100.130 dev tun0 proto kernel scope link src 192.168.100.129 84.57.128.1 dev pppoe-wan proto kernel scope link src 84.57.179.177
In that case it is strange that the warning is still here. Could you send me an output of 'ip addr list' and 'birdc show interfaces' ? -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Am 17.04.2012 23:14, schrieb Ondrej Zajicek:
On Tue, Apr 17, 2012 at 09:54:40PM +0200, Christian Kölpin wrote:
Hello
BIRD generally assumes tha that gateway of routes is a direct neighbor according to IP addresses on interfaces, not according to routing tables. So having /32 device route does not help. But you could add ptp address on that iface:
ip addr add a.b.c.d peer 84.57.128.1 dev XXX (where a.b.c.d is the current local IP of that device Hello
pppd and openvpn does add this address already. If i run this command the message "RTNETLINK answers: File exists" appears. So i assumed the peer 84.57.128.1 should known as "directly connected".
ifconfig output: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.100.129 P-t-P:192.168.100.130 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
pppoe-wan Link encap:Point-to-Point Protocol inet addr:84.57.179.177 P-t-P:84.57.128.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
ip route output 192.168.100.130 dev tun0 proto kernel scope link src 192.168.100.129 84.57.128.1 dev pppoe-wan proto kernel scope link src 84.57.179.177 In that case it is strange that the warning is still here. Could you send me an output of 'ip addr list' and 'birdc show interfaces' ?
Hello here we go ip addr list: 66: pppoe-wan: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp inet 84.57.179.177 peer 84.57.128.1/32 scope global pppoe-wan 41: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100 link/none inet 192.168.100.129 peer 192.168.100.130/32 scope global tun0 birdc show interfaces: pppoe-wan DOWN (index=67) PtP Multicast AdminUp LinkUp MTU=1492 tun0 DOWN (index=41) PtP Multicast AdminUp LinkUp MTU=1500 192.168.100.129/32 (Primary, opposite 192.168.100.130, scope site) interesting: link/ppp is interpreted as "DOWN"... greetings Raptor 2101
On Tue, Apr 17, 2012 at 11:21:26PM +0200, Christian Kölpin wrote:
Am 17.04.2012 23:14, schrieb Ondrej Zajicek:
On Tue, Apr 17, 2012 at 09:54:40PM +0200, Christian Kölpin wrote:
Hello
BIRD generally assumes tha that gateway of routes is a direct neighbor according to IP addresses on interfaces, not according to routing tables. So having /32 device route does not help. But you could add ptp address on that iface:
ip addr add a.b.c.d peer 84.57.128.1 dev XXX (where a.b.c.d is the current local IP of that device Hello
pppd and openvpn does add this address already. If i run this command the message "RTNETLINK answers: File exists" appears. So i assumed the peer 84.57.128.1 should known as "directly connected".
ifconfig output: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.100.129 P-t-P:192.168.100.130 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
pppoe-wan Link encap:Point-to-Point Protocol inet addr:84.57.179.177 P-t-P:84.57.128.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
ip route output 192.168.100.130 dev tun0 proto kernel scope link src 192.168.100.129 84.57.128.1 dev pppoe-wan proto kernel scope link src 84.57.179.177 In that case it is strange that the warning is still here. Could you send me an output of 'ip addr list' and 'birdc show interfaces' ?
Hello
here we go
ip addr list: 66: pppoe-wan: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
link/ppp
inet 84.57.179.177 peer 84.57.128.1/32 scope global pppoe-wan
41: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
link/none
inet 192.168.100.129 peer 192.168.100.130/32 scope global tun0
birdc show interfaces:
pppoe-wan DOWN (index=67) PtP Multicast AdminUp LinkUp MTU=1492
tun0 DOWN (index=41) PtP Multicast AdminUp LinkUp MTU=1500 192.168.100.129/32 (Primary, opposite 192.168.100.130, scope site)
The problem is that these ifaces are down, which is strange. Don't you still have 'scan time 0' in BIRD config? Could you add 'debug all;' to the device section of BIRD config and send me a log file? -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Am 18.04.2012 10:50, schrieb Ondrej Zajicek:
The problem is that these ifaces are down, which is strange. Don't you still have 'scan time 0' in BIRD config? Could you add 'debug all;' to the device section of BIRD config and send me a log file?
Cause i'am using a mysql-db as rsyslog-dropzone the logfiles might look unfamiliar. You will received 2 Logfiles. One peer router. I restarted bird, switch off/on the interfaces, and wait till some interface-scannes of bird appear. Strange-fact: if i start bird, both interfaces (tun/ppp) are listed as up (birdc show interfaces) after the switch off/on the interfaces stay down. Could this caused by the fact that the interfaces disappear completely "out off the kernel" and appear again instead of switching the state like normal interfaces do? my bird.config looks like this: router id 192.168.2.1; log syslog all; protocol device { debug all; scan time 60; } protocol kernel { export all; scan time 0; } protocol ospf { export all; debug { states, routes, interfaces }; area 0 { .... }; } Logfiles are appended in csv-format.
Hello Did the debug-output helps you to determine what is going wrong? greetings Raptor 2101
On Thu, May 03, 2012 at 10:16:59PM +0200, Christian Kölpin wrote:
Hello
Did the debug-output helps you to determine what is going wrong?
I have some idea what probably happened, but the fix is not simple and will need more work. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (2)
-
Christian Kölpin -
Ondrej Zajicek