On Wed, Jul 08, 2015 at 09:56:44PM +0200, Bastien Durel wrote: > Hello, > > I use openvpn to connect 2 routers over 2 links. Sometimes one of these > links crashes, then I use OSPF to remove it from routing table. > But sometimes (I saw this twice since I upgraded to 5.7, ospfd don't > reconnect. > > Here are the relevant logs: > > Jul 8 09:04:05 root: Wed Jul 8 09:04:05 2015 [corrin.geekwu.org] > Inactivity timeout (--ping-restart), restarting > Jul 8 09:04:05 root: Wed Jul 8 09:04:05 2015 SIGUSR1[soft,ping-restart] > received, process restarting > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 NOTE: the current > --script-security setting may allow this configuration to call user-defined > scripts > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 WARNING: normally if you use > --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it > is 1380) > Jul 8 09:04:07 ospfd[27052]: send_packet: error sending packet on interface > tun0: Host is down > Jul 8 09:04:07 ospfd[27052]: send_packet: error sending packet on interface > tun0: Host is down > Jul 8 09:04:07 ospfd[27052]: interface tun0 down > Jul 8 09:04:07 ospfd[27052]: interface tun0 down > Jul 8 09:04:07 ospf6d[19695]: send_packet: error sending packet on > interface tun0: Host is down > Jul 8 09:04:07 ospf6d[19695]: send_packet: error sending packet on > interface tun0: Host is down > Jul 8 09:04:07 ospf6d[19695]: interface tun0 down > Jul 8 09:04:07 ospf6d[19695]: interface tun0 down > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 OpenVPN 2.3.6 > x86_64-unknown-openbsd5.7 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Mar 7 > 2015 > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 library versions: LibreSSL > 2.1, LZO 2.08 > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 NOTE: the current > --script-security setting may allow this configuration to call user-defined > scripts > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 Control Channel > Authentication: using '/etc/openvpn/pfs.key' as a OpenVPN static key file > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 WARNING: normally if you use > --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it > is 1380) > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 TUN/TAP device tun0 exists > previously, keep at program end > Jul 8 09:04:07 ospf6d[19695]: interface tun0 up > Jul 8 09:04:07 ospf6d[19695]: interface tun0 up > Jul 8 09:04:07 ospfd[27052]: interface tun0 up > Jul 8 09:04:07 ospfd[27052]: interface tun0 up > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 TUN/TAP device /dev/tun0 > opened > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 do_ifconfig, tt->ipv6=0, > tt->did_ifconfig_ipv6_setup=0 > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 /sbin/ifconfig tun0 > 10.120.0.1 netmask 255.255.255.252 mtu 1380 broadcast 10.120.0.3 link0 > Jul 8 09:04:07 ospfd[27052]: interface tun0:10.120.0.1 gone > Jul 8 09:04:07 ospfd[27052]: interface tun0:10.120.0.1 gone > Jul 8 09:04:07 root: Wed Jul 8 09:04:07 2015 ./up.sh tun0 1380 1470 > 10.120.0.1 255.255.255.252 init > Jul 8 09:04:08 root: Wed Jul 8 09:04:08 2015 chroot to '/var/empty' and cd > to '/' succeeded > Jul 8 09:04:08 root: Wed Jul 8 09:04:08 2015 GID set to _isakmpd > Jul 8 09:04:08 root: Wed Jul 8 09:04:08 2015 UID set to _isakmpd > Jul 8 09:04:08 root: Wed Jul 8 09:04:08 2015 UDPv4 link local (bound): > [AF_INET]88.162.162.72 > Jul 8 09:04:08 root: Wed Jul 8 09:04:08 2015 UDPv4 link remote: > [AF_INET]94.23.38.211:1196 > Jul 8 09:04:23 root: Wed Jul 8 09:04:23 2015 [corrin.geekwu.org] Peer > Connection Initiated with [AF_INET]94.23.38.211:1196 > Jul 8 09:04:24 root: Wed Jul 8 09:04:24 2015 Initialization Sequence > Completed > > You can see ospfd loosing interface (interface tun0:10.120.0.1 gone) but > ospf6d don't > > # ospfctl sh int > Interface Address State HelloTimer Linkstate Uptime nc ac > em5 10.0.0.254/24 DOWN - active 00:00:00 0 0 > em4 10.255.255.254/24 DOWN - active 00:00:00 0 0 > tun1 10.120.0.5/30 BCKUP 00:00:02 active 01w1d11h 1 1 > tun0 10.120.0.1/30 DOWN - active 00:00:00 1 0 > em1 10.42.42.1/24 BCKUP 00:00:04 active 01w1d11h 1 1 > em0 10.42.0.254/24 DR 00:00:08 active 1d05h35m 0 0 > > # ospf6ctl sh int > Interface Address State HelloTimer Linkstate Uptime > em5 fe80::200:24ff:fed1:73f9 DOWN 7101w3d0 active 00:00:00 > em4 fe80::200:24ff:fed1:73f8 DOWN 7101w3d0 active 00:00:00 > tun1 fe80::fce1:baff:fed3:1cf0 BCKUP 00:00:02 active 5d11h03m > tun0 fe80::fce1:baff:fed1:7f67 BCKUP 00:00:01 active 11:58:17 > em1 fe80::200:24ff:fed1:420d BCKUP 00:00:09 active 5d11h03m > em0 fe80::200:24ff:fed1:420c DR 00:00:09 active 1d05h43m > > Is this know bug ? a feature ? Must I run ospfd in verbose mode to collect > more info ? >
Feature... with maybe a bug. > Jul 8 09:04:07 ospfd[27052]: interface tun0:10.120.0.1 gone So openvpn is reconfiguring the interface and ospfd does not like this all that much because of the way interface addresses are handled. A simple ospfctl reload should fix this. -- :wq Claudio
