Hi Theera,
We're using Mikrotik extensively as well, in combination with BIRD2.
In RouterOS 7 there's been quite some work done on OSPF specifically.
The latest release 7.7 (see
https://mikrotik.com/download/changelogs/stable) incorporates some fixes
for yet another bugs in this context.
Apart from BIRD configuration, I would suggest to upgrade to RouterOS
7.6 at least or even better 7.7.
Cheers,
Kees
On 13-01-2023 18:11, Theera Kittichareonpot wrote:
Hello,
I am very new to Bird so I could be doing something wrong. But it
seems Bird 2.0.11 could have compatibility issues with Mikrotik
routers when OSPF authentication is used.
When simple authentication is used, the neighbor state stays at Init
and doesn't change at all.
When cryptographic password is used, the Mikrotik router gave errors
about wrong SA/SP id: "ospf-instance-1 { version: 2 router-id:
192.168.120.1 } ospf-area-1 { 0.0.0.0 } interface { instance-id: 5
broadcast 192.168.10.1%br-lan } authentication failed from
192.168.10.197 wrong SA ID". I've tried md5 sha256 and sha512, but all
gave the same error.
Kindly let me know if I did something wrong or what additional info is
needed. Thank you.
The following is my bird.conf:
log syslog all;
#debug protocols all;
#router id 192.168.10.197;
ipv4 table master4;
protocol device {
}
protocol direct direct4 {
ipv4; # Connect to default IPv4 table
}
protocol kernel kernel4 {
ipv4 {
import all;
export all;
};
}
protocol static static4 {
ipv4;
}
protocol ospf v2 ospf4 {
instance id 5; # set to the same as other routers'
ipv4 {
import all;
export all;
};
area 0 {
interface "eth0" {
type broadcast;
hello 10; # same as other routers'
retransmit 5;
transmit delay 1;
dead 40;
#simple authentication doesn't work with Mikrotik
either. The state stays at Init and doesn't change at all.
#authentication simple;
#password "12345678";
# cryptographic password doesn't seem to work with
mikrotik too; got errors about wrong SA/SP id
#authentication cryptographic;
#password "12345678" { algorithm hmac sha512; };
};
};
}
Theera K.