Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN and ospfd

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 541 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L Offline
      lukas.macura
      last edited by

      Hi to all,
      first of all, thanks to developers for great product that we can use :)

      I want to ask about problem with openvpn. I want to make two VPN tunnels which will be redundant and run ospfd over it.
      Everything seems to work OK until I change some parameter of openvpn and it needs to reconnect.

      We use 2.3.4-RELEASE-p1 (amd64)

      Seems like some kernel related bug which makes it unable to set IP address on tun interface again.

      From system log:

      
Sep 4 09:53:46	openvpn	34474	Exiting due to fatal error
Sep 4 09:53:46	openvpn	34474	FreeBSD ifconfig failed: external program exited with error status: 1
Sep 4 09:53:46	openvpn	34474	/sbin/ifconfig ovpnc3 172.17.255.10 172.17.255.9 mtu 1400 netmask 255.255.255.255 up

      runing ifconfig manualy:

      
/sbin/ifconfig ovpnc3 172.17.255.10 172.17.255.9 mtu 1400 netmask 255.255.255.255 up
ifconfig: ioctl (SIOCAIFADDR): Address already in use

      But this IP is not used elsewhere on system.

      Seems that it is some stale route:

      
route get 172.17.255.9
   route to: 172.17.255.9
destination: 172.17.255.9
        fib: 0
  interface: ovpnc3
      flags: <up,host,done,pinned>recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1400         1         0</up,host,done,pinned>

      But it is not possible to delete:

      
 route del 172.17.255.9
route: writing to routing socket: Address already in use
del host 172.17.255.9 fib 0: gateway uses the same route

      Only one way how to make it working again is reboot.

      Thank you for any suggestions.

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        You have to add the interface addresses with /32 to the main page of OSPF settings, and mark them as do not redistribute and accept filter.

        I've made that quite a bit better in frr but it's not out for 2.3.4 users just yet. Soon, though.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.