On 2009-05-31, Stuart Henderson <s...@spacehopper.org> wrote: > On 2009-05-29, Stuart Henderson <s...@spacehopper.org> wrote: >> >> OSPF over gre's or gif's (which can then themselves be protected by >> ipsec) is probably the fastest option at present on OpenBSD. > > Hrmm. And then I try it... > > Does anyone actually have this working and if so would they mind > sharing config? I'm seeing the hellos go out the physical interface > rather than the gre. > > # tcpdump -nivr0 -vv proto ospf > 13:00:18.661860 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 > nbrs [tos 0xc0] [ttl 1] (id 53330, len 80) > 13:00:19.672022 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 > nbrs [tos 0xc0] [ttl 1] (id 23013, len 80) > 13:00:20.682184 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 > nbrs [tos 0xc0] [ttl 1] (id 23179, len 80) > 13:00:21.692350 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 > nbrs [tos 0xc0] [ttl 1] (id 60275, len 80) > > # tcpdump -nigre0 -vv proto ospf ><nothing> > > The gre itself is fine, I can ping over it and the packets show up > correctly on gre0, and also correctly on vr0 marked with "(gre encap)". > It's correct (per RFC2328 8.1) that AllSPFRouters is used rather than > the tunnel endpoint addresses even on point-to-point. > >
Hrmm and double hrmm. startup orig_rtr_lsa: area 0.0.0.0 orig_rtr_lsa: stub net, interface vr0 if_fsm: event UP resulted in action START and changing state for interface vr0 from DOWN to WAIT if_join_group: error IP_ADD_MEMBERSHIP, interface gre0 address 224.0.0.5: Address already in use <st...@troll:~:3>$ sudo grep -A3 area /etc/ospfd.conf area 0.0.0.0 { interface gre0 { metric 200 } interface vr0 } <st...@troll:~:4>$ ifconfig gre0 gre0: flags=9011<UP,POINTOPOINT,LINK0,MULTICAST> mtu 1476 priority: 0 groups: gre physical address inet 85.158.44.158 --> 195.95.187.1 inet6 fe80::20d:b9ff:fe13:5198%gre0 -> prefixlen 64 scopeid 0x6 inet 85.158.44.158 --> 195.95.187.1 netmask 0xffffffff <st...@troll:~:5>$ route -n get 195.95.187.1 route to: 195.95.187.1 destination: 195.95.187.1 interface: gre0 if address: 85.158.44.158 priority: 4 (connected) flags: <UP,HOST,DONE> use mtu expire 118 0 0 <st...@troll:~:6>$ route -n get 195.95.187.0 route to: 195.95.187.0 destination: default mask: default gateway: 85.158.44.145 interface: vr0 if address: 85.158.44.158 priority: 8 (static) flags: <UP,GATEWAY,DONE,STATIC> use mtu expire 151 0 0