I am having some difficulty getting my OSPF configuration to play nicely
with OpenVPN tunnels on FreeBSD. I have a number of point-to-point tunnels
between sites, with a BIRD instance running on each tunnel endpoint.
Endpoint addresses for a tunnel use a logical /31. Initially, the BIRD
instances would talk to each other, but the endpoint addresses were not
advertised by OSPF, making them unreachable.
I remedied this by adding stubnet declarations (/32) for each of the tunnel
endpoints. This has the effect of making all of my endpoint addresses
reachable, but causes another issue. In this configuration, if I restart
one of my OpenVPN tunnels, it fails to set addressing on the tunnel,
because the host route already exists in the routing table (due to the
stubnet).
I have attached my OSPF configuration below. Is there some better way of
configuring this, to make my tunnel endpoints advertise properly without
declaring them as stubnets?
Thanks!
protocol ospf {
tick 2;
area 0 {
stub no;
stubnet 10.70.0.3/32;
stubnet 172.26.26.5/32;
stubnet 1.2.3.221/32;
interface "re0" {
stub;
cost 100;
hello 2;
dead 10;
authentication cryptographic;
password "password";
};
interface "tun*" {
type ptp;
hello 2;
dead 10;
authentication cryptographic;
password "password";
};
};
}
