ospf - how to publish openvpn roadwarrior subnet
-
Hi,
for whatever reason, just adding the openVPN-server as a stub-interface does not seem to work.
depending on the interface-type you select you get either- no route being published
- a /31 being published while the openvpn subnet is for example a /29
I've worked around it by selecting 'distribute connected networks' and then setting up a distribution list that allows the vpn-subnet & denies 'any'
this is a pain in the ass to manage
could someone tell me what the correct way to handle this is ?
-
it seems nobody has an answer.
@jimp first of all: sorry to tag you in this post
are you still the package maintainer for frr ?
could you provide some insight about this behaviour ?thanks
-
OSPF will only advertise networks it sees on the interfaces directly. If OpenVPN is in subnet topology mode (not net30) it may work, more likely to be correct with tap than tun but I'm not certain there.
If you are setup with an ABR style OSPF config (local areas on each end with a 0.0.0.0 backbone on the link between routers) you can setup a summary route entry with an entry that you want to advertise.
The docs have an example like this:
https://docs.netgate.com/pfsense/en/latest/packages/frr/ospf/example.html