Re: Bird OSPF Problems

From: Tim Sedlmeyer <tim@sedlmeyer.org>
To: Zsolt Hegyi <hegyi.mokka@gmail.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Bird OSPF Problems
Date: Mon, 16 Apr 2018 08:00:16 -0400	[thread overview]
Message-ID: <CAK_h9uEaGd3JM8g9b03+OYbTx=M61g58qZ2iSaOgCwVve1diAw@mail.gmail.com> (raw)
In-Reply-To: <CAJqFBzx2=aQox=RhtK-L0FsLZ+xKL19v4jQ0WGO6hxwubBYuGQ@mail.gmail.com>

On Mon, Apr 16, 2018 at 6:31 AM, Zsolt Hegyi <hegyi.mokka@gmail.com> wrote:
> Hi Cedric,
>
> As far as I know, wireguard doesn't support multicasts yet, which OSPF uses
> for neighbor discovery. The reason why BGP works is because it uses unicast
> TCP packets as means of communication.
>
> To get around this, try telling BIRD that your wireguard interface is an
> NBMA network (or a point-to-point link).

When it is said that wireguard doesn't support multicast what is
really meant is that
multicast traffic won't be replicated across multiple peers on the
same interface. If
only a single peer is required to receive the multicast traffic than
assigning the multicast
address to that peer will allow the multicast traffic to traverse the
wireguard connection
to it. When using OSPF with wireguard I find it easiest to just
assign each peer to a seperate wireguard interface with an allowed-ip
of 0.0.0.0/0.
Then it just works because the multicast traffic passes and I don't
have to worry about
assigning every network that might ever use the peer to the allowed-ip list.

If you need to use OSPF over a single or multiple peers on the same
interface than
most likely you should set the interface type to point-to-multipoint.
point-to-point still
uses multicast and NBMA still has a DR election and expects all
neighbors to be fully
meshed and able to talk directly to each other over the network.
point-to-multipoint uses
unicast but treats each link as a point-to-point connection so there
is no DR election.

>
> vista
>
> On Mon, 16 Apr 2018, 11:27 cedric Kienzler, <cedrickienzler1@gmail.com>
> wrote:
>>
>> Hey List,
>>
>> i'm currently facing issues with OSPF over the wireguard tunnel.
>>
>> I use both, IPv4 and IPv6 and everything works fine. I can ping through
>> the tunnel, traffic flows perfectly, but when i try to configure OSPF using
>> the Bird routing daemon, i didn't even see a HELLO message. Also when trying
>> to list the interface using 'show ospf interfaces' i didn't even see the
>> Interface.
>>
>> For IPv6 i use 2a03.... as prefix.
>> Should i configure multicast IPv6 (fe80::) on the interface too to get
>> OSPF working?
>>
>> Interesting fact: BGB using Bird works just fine.
>>
>> Anyone here that could help me?
>>
>>
>> Thanks a lot.
>>
>> Best regards,
>> Cedi
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>