On 2009-05-31, Claudio Jeker <cje...@diehard.n-r-g.com> wrote: > On Sun, May 31, 2009 at 01:13:25PM +0000, Stuart Henderson wrote: >> On 2009-05-31, Stuart Henderson <s...@spacehopper.org> wrote: >> > On 2009-05-29, Stuart Henderson <s...@spacehopper.org> wrote: >> >> >> >> OSPF over gre's or gif's (which can then themselves be protected by >> >> ipsec) is probably the fastest option at present on OpenBSD. >> > >> > Hrmm. And then I try it... >> > >> > Does anyone actually have this working and if so would they mind >> > sharing config? I'm seeing the hellos go out the physical interface >> > rather than the gre. >> > >> > # tcpdump -nivr0 -vv proto ospf >> > 13:00:18.661860 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid >> > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 >> > nbrs [tos 0xc0] [ttl 1] (id 53330, len 80) >> > 13:00:19.672022 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid >> > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 >> > nbrs [tos 0xc0] [ttl 1] (id 23013, len 80) >> > 13:00:20.682184 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid >> > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 >> > nbrs [tos 0xc0] [ttl 1] (id 23179, len 80) >> > 13:00:21.692350 85.158.44.158 > 224.0.0.5: OSPFv2-hello 44: rtrid >> > 85.158.44.149 backbone auth MD5 E mask 255.255.255.255 int 1 pri 1 dead 4 >> > nbrs [tos 0xc0] [ttl 1] (id 60275, len 80) >> > >> > # tcpdump -nigre0 -vv proto ospf >> ><nothing> >> > >> > The gre itself is fine, I can ping over it and the packets show up >> > correctly on gre0, and also correctly on vr0 marked with "(gre encap)". >> > It's correct (per RFC2328 8.1) that AllSPFRouters is used rather than >> > the tunnel endpoint addresses even on point-to-point. >> > >> > >> >> Hrmm and double hrmm. >> >> startup >> orig_rtr_lsa: area 0.0.0.0 >> orig_rtr_lsa: stub net, interface vr0 >> if_fsm: event UP resulted in action START and changing state for interface >> vr0 from DOWN to WAIT >> if_join_group: error IP_ADD_MEMBERSHIP, interface gre0 address 224.0.0.5: >> Address already in use >> >> <st...@troll:~:3>$ sudo grep -A3 area /etc/ospfd.conf >> >> area 0.0.0.0 { >> interface gre0 { metric 200 } >> interface vr0 >> } >> >> <st...@troll:~:4>$ ifconfig gre0 >> gre0: flags=9011<UP,POINTOPOINT,LINK0,MULTICAST> mtu 1476 >> priority: 0 >> groups: gre >> physical address inet 85.158.44.158 --> 195.95.187.1 >> inet6 fe80::20d:b9ff:fe13:5198%gre0 -> prefixlen 64 scopeid 0x6 >> inet 85.158.44.158 --> 195.95.187.1 netmask 0xffffffff >> > > Uhm. The tunnel endpoints and the gre src and dest IPs are the same. I > have a bad feeling about that.
ahh, changing that gets me a lot further, thanks. gre's nasty hack to toggle the address's LSB isn't quite enough then; not a problem. > Additionally I remember some strange issues with gre(4) and ospfd but I > thought I fixed that. let's see if I can work out how to get beyond EXCHG...