OpenVPN and ospfd

  • Hi to all,
    first of all, thanks to developers for great product that we can use :)

    I want to ask about problem with openvpn. I want to make two VPN tunnels which will be redundant and run ospfd over it.
    Everything seems to work OK until I change some parameter of openvpn and it needs to reconnect.

    We use 2.3.4-RELEASE-p1 (amd64)

    Seems like some kernel related bug which makes it unable to set IP address on tun interface again.

    From system log:

    Sep 4 09:53:46	openvpn	34474	Exiting due to fatal error
    Sep 4 09:53:46	openvpn	34474	FreeBSD ifconfig failed: external program exited with error status: 1
    Sep 4 09:53:46	openvpn	34474	/sbin/ifconfig ovpnc3 mtu 1400 netmask up

    runing ifconfig manualy:

    /sbin/ifconfig ovpnc3 mtu 1400 netmask up
    ifconfig: ioctl (SIOCAIFADDR): Address already in use

    But this IP is not used elsewhere on system.

    Seems that it is some stale route:

    route get
       route to:
            fib: 0
      interface: ovpnc3
          flags: <up,host,done,pinned>recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
           0         0         0         0      1400         1         0</up,host,done,pinned> 

    But it is not possible to delete:

     route del
    route: writing to routing socket: Address already in use
    del host fib 0: gateway uses the same route

    Only one way how to make it working again is reboot.

    Thank you for any suggestions.

  • Rebel Alliance Developer Netgate

    You have to add the interface addresses with /32 to the main page of OSPF settings, and mark them as do not redistribute and accept filter.

    I've made that quite a bit better in frr but it's not out for 2.3.4 users just yet. Soon, though.

Log in to reply