Hi all I want to update on this. I have disabled the (cryptographic) authentication on all bird routers in that LAN segment for ospfv6 and the issue is gone.
Currently only "ttl security yes;" is set. Normally, this kind of security would be sufficient I suppose... I hope this information is helpful to someone. Kind regards Dries ---------- Forwarded message --------- From: Dries <[email protected]> Date: Mon, 7 Dec 2020 at 12:42 Subject: Fwd: ospfv6 cryptographic crashes bird To: <[email protected]> Hi I am having an issue that crashes bird 2.0.7 running on latest centos 7.9.2009, most of the time, but sometimes not. Running the same config on other machines, and there is no problem, only on this particular one. So I am maybe missing some (cryptographic) libraries? I don't see any error messages during compilation or build. It has to do with ospfv6 because, when I remove this config, it runs fine. Example config that is causing issues: protocol ospf v3 ospfv6 { ipv6 { import filter import_ospfv6; export filter export_ospfv6; }; area 0.0.0.0 { interface "eth1" { cost 1; authentication cryptographic; password "password" { algorithm hmac sha512; }; type broadcast; ttl security yes; }; interface "xenbr0" { cost 100; type broadcast; ttl security yes; }; }; } When bird runs in debug mode, I get these error messages before bird crashes: sometimes this one: Assertion '*plen < ifa->sk->tbsize' failed at proto/ospf/packet.c:147 sometimes this one: Assertion '*plen < ifa->sk->tbsize' failed at proto/ospf/packet.c:97 These messages also appear during startup: ospfv6: Authentication failed for nbr 123.123.123.123 on eth1 - missing authentication trailer (0) Thank you in advance. Kind regards Dries
