OpenVPN and ospfd
lukas.macura last edited by
Hi to all,
first of all, thanks to developers for great product that we can use :)
I want to ask about problem with openvpn. I want to make two VPN tunnels which will be redundant and run ospfd over it.
Everything seems to work OK until I change some parameter of openvpn and it needs to reconnect.
We use 2.3.4-RELEASE-p1 (amd64)
Seems like some kernel related bug which makes it unable to set IP address on tun interface again.
From system log:
Sep 4 09:53:46 openvpn 34474 Exiting due to fatal error Sep 4 09:53:46 openvpn 34474 FreeBSD ifconfig failed: external program exited with error status: 1 Sep 4 09:53:46 openvpn 34474 /sbin/ifconfig ovpnc3 172.17.255.10 172.17.255.9 mtu 1400 netmask 255.255.255.255 up
runing ifconfig manualy:
/sbin/ifconfig ovpnc3 172.17.255.10 172.17.255.9 mtu 1400 netmask 255.255.255.255 up ifconfig: ioctl (SIOCAIFADDR): Address already in use
But this IP is not used elsewhere on system.
Seems that it is some stale route:
route get 172.17.255.9 route to: 172.17.255.9 destination: 172.17.255.9 fib: 0 interface: ovpnc3 flags: <up,host,done,pinned>recvpipe sendpipe ssthresh rtt,msec mtu weight expire 0 0 0 0 1400 1 0</up,host,done,pinned>
But it is not possible to delete:
route del 172.17.255.9 route: writing to routing socket: Address already in use del host 172.17.255.9 fib 0: gateway uses the same route
Only one way how to make it working again is reboot.
Thank you for any suggestions.
You have to add the interface addresses with /32 to the main page of OSPF settings, and mark them as do not redistribute and accept filter.
I've made that quite a bit better in frr but it's not out for 2.3.4 users just yet. Soon, though.