I've added "update-source" 172.16.0.20 in the bgp commands to see if any
difference but doesn't seem to have done anything. I thought possibly it
was binding to wrong interface and not causing ipsec to kick in.
Cheers,
Jon.
On Mon, 31 Jul 2017 at 11:32 M87tech [Jon] <m87t...@gmail.com> wrote:
> ok got systemd working
>
> Wondering if these earlier messages in frr.log are related, although they
> seem to stop.
>
> *2017/07/31 11:27:58.27 NHRP: INTERFACE_STATE: Cannot find IF ens18 in VRF
> 0*
>
> 2017/07/31 11:23:26.70 NHRP: NHS: Waiting link for 51.15.49.245
> 2017/07/31 11:23:32.69 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:23:32.72 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:24:06.23 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:24:37.97 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:24:37.97 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:25:11.76 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:25:24.05 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:25:26.70 NHRP: NHS: Waiting link for 51.15.49.245
> 2017/07/31 11:25:54.77 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:26:04.24 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:26:04.24 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:26:37.78 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:27:26.71 NHRP: NHS: Waiting link for 51.15.49.245
> 2017/07/31 11:27:30.26 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> 2017/07/31 11:27:58.27 NHRP: INTERFACE_ADDRESS_DEL: Cannot find IF 2 in
> VRF 0
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> *2017/07/31 11:27:58.27 NHRP: INTERFACE_STATE: Cannot find IF ens18 in VRF
> 0*
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> 2017/07/31 11:27:58.27 NHRP: INTERFACE_ADDRESS_DEL: Cannot find IF 2 in
> VRF 0
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> 2017/07/31 11:27:58.27 NHRP: INTERFACE_ADDRESS_DEL: Cannot find IF 2 in
> VRF 0
> 2017/07/31 11:27:58.27 NHRP: Netlink: Received msg_type 29, msg_flags 0
> 2017/07/31 11:27:59.42 NHRP: vici_reconnect: failure connecting VICI
> socket: Connection refused
> 2017/07/31 11:28:00.21 BGP: Terminating on signal
> 2017/07/31 11:28:00.21 ZEBRA: release_daemon_chunks: Released 0 label
> chunks
> 2017/07/31 11:28:00.21 ZEBRA: client 15 disconnected. 0 vnc routes removed
> from the rib
> 2017/07/31 11:28:00.21 ZEBRA: release_daemon_chunks: Released 0 label
> chunks
> 2017/07/31 11:28:00.21 ZEBRA: client 14 disconnected. 0 bgp routes removed
> from the rib
> 2017/07/31 11:28:00.23 NHRP: Exiting...
> 2017/07/31 11:28:00.23 NHRP: Done.
> 2017/07/31 11:28:00.23 ZEBRA: release_daemon_chunks: Released 0 label
> chunks
> 2017/07/31 11:28:00.23 ZEBRA: client 16 disconnected. 0 nhrp routes
> removed from the rib
> 2017/07/31 11:28:00.26 ZEBRA: Terminating on signal
> 2017/07/31 11:28:00.26 ZEBRA: IRDP: Received shutdown notification.
> 2017/07/31 11:28:27.12 NHRP: VICI: Connected
> 2017/07/31 11:28:27.27 NHRP: VICI: Message 5, 1 bytes
> 2017/07/31 11:28:27.27 NHRP: VICI: Message 5, 1 bytes
> 2017/07/31 11:28:27.27 NHRP: VICI: Message 5, 1 bytes
> 2017/07/31 11:28:27.27 NHRP: VICI: Message 5, 1 bytes
> 2017/07/31 11:28:27.27 NHRP: VICI: Message 1, 1 bytes
> 2017/07/31 11:28:27.33 NHRP: [0x563ae8cffc40] Resolving '
> hub6.wizznet.co.uk'
> 2017/07/31 11:28:27.33 NHRP: Netlink: Received msg_type 28, msg_flags 0
> 2017/07/31 11:28:27.36 NHRP: [0x563ae8cffc40] Resolved with 1 results
> 2017/07/31 11:28:27.41 NHRP: NHS: Waiting link for 51.15.49.245
>
> On Mon, 31 Jul 2017 at 11:26 M87tech [Jon] <m87t...@gmail.com> wrote:
>
>> Sorted the pre-shared key bit, but its still not loading at boot - that's
>> another matter though.
>>
>> now I manually load it with load-conn I see some new info
>>
>> root@hub2-nhrp:/home/jon# swanctl --list-conn
>>
>> dmvpn: IKEv2, reauthentication every 46800s, rekeying every 14400s
>> local: %any
>> remote: %any
>> local pre-shared key authentication:
>> id: hub2@mynet.cloud
>> remote pre-shared key authentication:
>> id: hub6@mynet.cloud
>> dmvpn: TRANSPORT, rekeying every 6000s
>> local: dynamic[gre]
>> remote: dynamic[gre]
>>
>>
>> However tcpdump still showing no attempts for 500 or 4500 :(
>>
>> and i see bgp sourcing from the wrong address, still not kicking it into
>> life.
>> also same messages in frr.log
>>
>> 2017/07/31 11:21:26.65 NHRP: [0x55e9835b6d30] Resolved with 1 results
>> 2017/07/31 11:21:26.70 NHRP: NHS: Waiting link for 51.15.49.245
>> 2017/07/31 11:22:11.38 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:22:27.67 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:23:01.20 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:23:26.70 NHRP: NHS: Waiting link for 51.15.49.245
>> 2017/07/31 11:23:32.69 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:23:32.72 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:24:06.23 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:24:37.97 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:24:37.97 NHRP: Netlink: Received msg_type 28, msg_flags 0
>> 2017/07/31 11:25:11.76 NHRP: Netlink: Received msg_type 28, msg_flags 0
>>
>>
>> On Mon, 31 Jul 2017 at 11:22 Timo Teras <timo.te...@iki.fi> wrote:
>>
>>> On Mon, 31 Jul 2017 10:11:51 +0000
>>> "M87tech [Jon]" <m87t...@gmail.com> wrote:
>>>
>>> > I wonder now if its something to do with the PSK / secret as it just
>>> > said it was ignoring the unsupported secret when I did the reload.
>>>
>>> Could be related.
>>>
>>> > root@hub2-nhrp:/home/jon# swanctl --list-conns
>>>
>>> If --list-conns returns nothing, it means that charon does not have the
>>> configuration files loaded. This should print information about the
>>> 'dmvpn' configuration.
>>>
>>> > root@hub2-nhrp:/home/jon# swanctl --reload-settings
>>> >
>>> > *root@hub2-nhrp:/home/jon# swanctl --load-all*
>>> > *ignoring unsupported secret 'dmvpn-secret'*
>>> > *no authorities found, 0 unloaded*
>>> > *no pools found, 0 unloaded*
>>> > *loaded connection 'dmvpn'*
>>> > *successfully loaded 1 connections, 0 unloaded*
>>>
>>> So this loaded the config files. Sounds like systemd did not do it. The
>>> problem with the secret is also an issue. But after swanctl says it's
>>> loaded the connection and the secret, then things might look better.
>>>
>>> Timo
>>>
>> --
>> M87 TECH
>> Jon Clayton
>>
>> --
> M87 TECH
> Jon Clayton
>
> --
M87 TECH
Jon Clayton
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
opennhrp-devel mailing list
opennhrp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opennhrp-devel
