FreeBSD ifconfig failed: external program exited with error status: 1
-
Hi, I have strange issue with openvpn and ospf. May be ospf is not reason of the trouble, but I saw it when they worked together.
VPN interface go down and I can't understand whyPart of log
May 11 21:10:36 openvpn 8070 /sbin/ifconfig ovpnc2 10.44.0.10 10.44.0.9 mtu 1500 netmask 255.255.255.255 up
May 11 21:10:36 openvpn 8070 FreeBSD ifconfig failed: external program exited with error status: 1
May 11 21:10:36 openvpn 8070 Exiting due to fatal error
-
Maybe the route already exists?
-
Maybe the route already exists?
Yeah a conflict of some sort is usually the reason in that case, can't add an IP that's already configured elsewhere.
-
Yes, you are right. Thank you for the hint.
I checked interfaces and routes and found that in the server part ovpn interface is in up, and ospf had distributed route for this network to other.
ovpn interface is in a down on the client, but the route(tunneled) arrived with ospf and ovpn can't update it
-
there should be a checkbox on the ospf interface page to disable the distribution of tunnel networks.
if you are on 2.3 & quagga 1.x: https://forum.pfsense.org/index.php?topic=111108.0
quagga 1.x doesn't seem to update routes, even after link down. -
there should be a checkbox on the ospf interface page to disable the distribution of tunnel networks.
if you are on 2.3 & quagga 1.x: https://forum.pfsense.org/index.php?topic=111108.0
quagga 1.x doesn't seem to update routes, even after link down.What is the checkbox?
I use 2.3 with quagga 0.99
-
quagga > interface-settings > Accept Filter
-
The problem has not solved. Some tunnels also go down with the same reason.
in the log I see this
/sbin/ifconfig ovpnc4 10.44.0.54 10.44.0.53 mtu 1500 netmask 255.255.255.255 up
FreeBSD ifconfig failed: external program exited with error status: 1I was tried to do ifconfig command manually, and recieved the next result
[2.3-RELEASE][root@nlvz.local]/root: /sbin/ifconfig ovpnc4 10.44.0.54 10.44.0.53 mtu 1500 netmask 255.255.255.255 up
ifconfig: ioctl (SIOCAIFADDR): Address already in usebut i can't find, who and how is using this address
ifconfigovpnc2: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
options=80000 <linkstate>inet6 fe80::20c:29ff:fe90:2047%ovpnc2 prefixlen 64 scopeid 0x8
inet 10.44.0.14 –> 10.44.0.13 netmask 0xffffffff
nd6 options=21 <performnud,auto_linklocal>Opened by PID 41437
ovpnc3: flags=8010 <pointopoint,multicast>metric 0 mtu 1500
options=80000 <linkstate>nd6 options=21 <performnud,auto_linklocal>ovpnc4: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
options=80000 <linkstate>inet6 fe80::20c:29ff:fe90:2047%ovpnc4 prefixlen 64 scopeid 0xa
nd6 options=21 <performnud,auto_linklocal>ovpnc5: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
options=80000 <linkstate>inet6 fe80::20c:29ff:fe90:2047%ovpnc5 prefixlen 64 scopeid 0xb
inet 10.44.0.74 --> 10.44.0.73 netmask 0xffffffff
nd6 options=21 <performnud,auto_linklocal>Opened by PID 92738</performnud,auto_linklocal></linkstate></up,pointopoint,running,multicast></performnud,auto_linklocal></linkstate></up,pointopoint,running,multicast></performnud,auto_linklocal></linkstate></pointopoint,multicast></performnud,auto_linklocal></linkstate></up,pointopoint,running,multicast> -
Check your routing table (diagnostics routing)
It will probably have /32 routes in there that match your tunnel network…. the same routes can be found in the ospf status screeni have one site where the accept filter isn't enough.
there, i fill in the tunnel subnets in the quagga 'disable acceptance' list (=bottom of global settings)The attached screenshot is at the SERVER end of the tunnel (hence the .1 address' )
On the client end its the same except it is for the .2 address'hope it helps.
-
SOLVED!!!!
Really thanks you!!!