Hello,
I'm trying to establish OSPFv3 neighborships between hosts connected
with PTP tunnels.
The OSPF instances using interfaces that are attached to a VRF on each
host.
There was a similar thread in 2020, however the author didn't respond to
a question by Ondrej:
https://bird.network.cz/pipermail/bird-users/2020-March/014384.html
I can confirm that the issue exists at least on Wireguard and GRE PTP
tunnels fully attached to the VRF master interface.
This issue only exists with interfaces bound to a VRF. A similar OSPF
instance with interfaces that arent bound to a VRF works flawlessly.
This is the relevant configuration for the instance:
"SRV-FRA1":
protocol ospf v3 dfz {
vrf "vrf-dfz";
area 0 {
interface "lodfz" {
stub;
};
interface "wgdfzhome" {
type ptmp;
cost 20;
neighbors {
fe80::f806:ac67:55bb:847;
};
};
interface "dfznbg1" {
type ptp;
};
};
ipv6 {
table dfz6;
import where net != ::/0;
export where source = RTS_STATIC && net = ::/0;
};
}
"SRV-NBG1":
protocol ospf v3 dfz {
vrf "vrf-dfz";
area 0 {
interface "lodfz" {
stub;
};
interface "wgdfzhome" {
type ptmp;
cost 20;
neighbors {
fe80::6af0:4be5:bd4a:eff7;
};
};
interface "dfzfra1" {
type ptp;
};
};
ipv6 {
table dfz6;
import where net != ::/0;
export where source = RTS_STATIC && net = ::/0;
};
}
The interfaces "dfznbg1" and "dfzfra1" are GRE tunnel interfaces
connected to each other.
The neighbourship fully establishes when I'm using the PTMP type with a
fixed neighbor definition instead (like interface "wgdfzhome" -
different host).
It doesn't matter, if the protocol has the vrf parameter configured or
not (I think in this configuration it's optional nevertheless).
The hosts however, get Hello messages from each other in ptp mode:
root@srv-fra1:~# tcpdump -vni dfznbg1
tcpdump: listening on dfznbg1, link-type LINUX_SLL (Linux cooked v1),
snapshot length 262144 bytes
11:46:19.563505 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.3, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46,
Priority 1
11:46:22.224801 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.2, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17,
Priority 1
11:46:29.563357 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.3, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46,
Priority 1
11:46:32.224643 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.2, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17,
Priority 1
11:46:39.563020 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.3, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46,
Priority 1
root@srv-nbg1:~# tcpdump -vni dfzfra1
tcpdump: listening on dfzfra1, link-type LINUX_SLL (Linux cooked v1),
snapshot length 262144 bytes
11:46:19.573221 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.3, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46,
Priority 1
11:46:22.230884 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.2, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17,
Priority 1
11:46:29.573123 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.3, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46,
Priority 1
11:46:32.230598 IP6 (class 0xc0, flowlabel 0x50f52, hlim 1, next-header
OSPF (89) payload length: 36) srv-nbg1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.2, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.17,
Priority 1
11:46:39.572741 IP6 (class 0xc0, flowlabel 0x6da57, hlim 1, next-header
OSPF (89) payload length: 36) srv-fra1 > ff02::5: OSPFv3, Hello, length
36
Router-ID 10.242.1.3, Backbone Area
Options [V6, External, Router, AFs Support]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.46,
Priority 1
It seems to me that bird doesn't process the multicast packets when
interfaces are bound to a VRF. But that's just a speculation.
root@srv-fra1:~# bird --version
BIRD version 2.0.12
"Since I get a fully functional neighborhood with the above PTMP
configuration, this is certainly not critical (even considering the
protocol differences between modes) - but I think it's worth a look?"
If you need more information, just let me know.
Best wishes for 2024 from Germany.
Regards, Erik
