[Xorp-users] bouncing interface kills OSPF - known behavior?
Mark Winter
mark.winter@clearwire.com
Mon, 27 Mar 2006 08:06:07 -0800
Yes that works just fine for my setup. Appreciate the help.
Thanks,
Mark
Pavlin Radoslavov wrote:
>> Ok as a workaround what I've done is setup Openvpn to restart XORP when
>> the tunnel is restarted. I am running openvpn 2.1 beta 11 which added
>> the topology feature, that may be the difference in messages.
>>
>> The logs and config were from the client side, started with command:
>> openvpn --config client.conf
>>
>> After it's connected and OSPF has established adjacency, I control C
>> openvpn and then restart it again.
>>
>
> In our testing we used OpenVPN 2.0.5 with just the minimum setup to
> have the tunnel created, and we also used Ctrl-C to restart it:
>
> openvpn --local xxx.xxx.xxx.xxx --remote yyy.yyy.yyy.yyy --ifconfig
> 10.10.10.1 10.10.10.2 --dev tun0
>
> Though, I don't know whether the different openvpn version and the
> different setup accounts for the different error messages.
>
> If the tunnel is restarted, can you try to reconfigure the
> interface:
>
> set interfaces interface tun0 disable true
> commit
> set interfaces interface tun0 disable false
> commit
>
> It worked for us, but I don't know whether it will work for your
> setup. If it works, you could run the above commands as part of your
> script. See the XORP user manual for examples how to run xorpsh as
> part of a shell script and supply it with the commands.
>
> Pavlin
>
>
>
>> --------- client.conf---------------
>> client
>> up "/etc/init.d/xorp restart"
>> dev tun5
>> proto udp
>> remote xxx.xxx.xxx.xxx 3194
>> resolv-retry infinite
>> nobind
>> user nobody
>> group nobody
>> persist-key
>> persist-tun
>> mute-replay-warnings
>> ca keys/ca.crt
>> cert keys/client-new.crt
>> key keys/client-new.key
>> tls-auth keys/ta.key 1
>> cipher AES-256-CBC
>> comp-lzo
>> verb 3
>> ping 15
>> ping-restart 45
>> ping-timer-rem
>> -------------------------------------
>> -----server.conf----------------
>> tls-server
>> local xxx.xxx.xxx.xxx
>> port 3194
>> proto udp
>> dev tun5
>> client-config-dir /etc/openvpn-poptest/ccd
>> ca keys/ca.crt
>> cert keys/myserver.crt
>> key keys/myserver.key
>> dh keys/dh2048.pem
>> crl-verify keys/crl.pem
>> # Configure server mode and supply a VPN subnet
>> topology subnet
>> mode server
>> server 172.25.3.0 255.255.255.0
>> ifconfig-pool-persist ipp.txt
>> client-to-client
>> ping 15
>> ping-restart 45
>> ping-timer-rem
>> tls-auth keys/ta.key 0
>> cipher AES-256-CBC
>> comp-lzo
>> user nobody
>> group nobody
>> persist-key
>> persist-tun
>> status openvpn-status.log
>> verb 3
>> mute 20
>>
>> Thanks,
>> Mark
>> Pavlin Radoslavov wrote:
>>
>>>> Is there a way to HUP the OSPF process when an interface that is defined
>>>> in OSPF toggles between up/down? Once this happens I have to restart
>>>> the XORP process and then the neighbor will go back into the 'full'
>>>> state. Currently running xorp 1.2.
>>>>
>>>> So with the config below tun5 goes down for about 30 seconds and then
>>>> when it's brought back up is when I have the problem.
>>>>
>>>>
>>> In general, have in mind that tunnels and VPNs are not supported
>>> (yet). It happens that tunnels are working (if configured before
>>> starting XORP), but so far we haven't got around to provide complete
>>> support for them. Hence, for the time being you may have to use some
>>> work-arounds if a tunnel is removed while XORP is running, etc.
>>>
>>> Could you provide the exact instuctions/commands about what you are
>>> doing. We tried to replicate the problem, but the messages we were
>>> seeing were different (e.g., we didn't see the
>>> "setsockopt(IP_MULTICAST_IF)" warnings).
>>>
>>> We saw some issues with bringing the tunnel down and up (by either
>>> using "ifconfig tun0 down/up" or just by killing and restarting the
>>> openvpn program), but we want to verify whether we are seeing same
>>> problem or something else before suggesting any possible
>>> work-around.
>>>
>>> Pavlin
>>>
>>>
>>>
>>>> root@marklaptop.localdomain> show ospf4 neighbor
>>>> Address Interface State ID Pri Dead
>>>> 172.25.3.1 tun5/tun5 Down 11.10.10.10 0 0
>>>>
>>>> -------config file------------
>>>> interfaces {
>>>> interface tun5 {
>>>> default-system-config
>>>> description: "Openvpn-test-interface"
>>>> }
>>>> interface "eth0.100" {
>>>> default-system-config {
>>>> }
>>>> description: "Test interface"
>>>> }
>>>> }
>>>> fea {
>>>> unicast-forwarding4 {
>>>> }
>>>> }
>>>> policy {
>>>> policy-statement connected {
>>>> term export {
>>>> from {
>>>> protocol: "connected"
>>>> }
>>>> }
>>>> }
>>>> policy-statement static {
>>>> term export {
>>>> from {
>>>> protocol: "static"
>>>> }
>>>> }
>>>> }
>>>> }
>>>> protocols {
>>>> ospf4 {
>>>> router-id: 10.10.10.10
>>>> area 0.0.0.0 {
>>>> interface "eth0.100" {
>>>> vif "eth0.100" {
>>>> address 1.1.1.1 {
>>>> passive: true
>>>> }
>>>> }
>>>> }
>>>> interface tun5 {
>>>> vif tun5 {
>>>> address 172.25.3.4 {
>>>> authentication {
>>>> md5 1 {
>>>> password: "id10t"
>>>> }
>>>> }
>>>> }
>>>> }
>>>> }
>>>> }
>>>> traceoptions {
>>>> flag {
>>>> all {
>>>> }
>>>> }
>>>> }
>>>> }
>>>> }
>>>>
>>>> ---- LOG FILE-------
>>>> [ 2006/03/24 10:00:27 INFO xorp_rtrmgr:28544 RTRMGR +240
>>>> master_conf_tree.cc execute ] Changed modules: interfaces, fea, rib,
>>>> policy, ospf4
>>>> [ 2006/03/24 10:00:27 INFO xorp_rtrmgr:28544 RTRMGR +99
>>>> module_manager.cc execute ] Executing module: interfaces (fea/xorp_fea)
>>>> [ 2006/03/24 10:00:28 INFO xorp_fea MFEA ] MFEA enabled
>>>> [ 2006/03/24 10:00:28 INFO xorp_fea MFEA ] CLI enabled
>>>> [ 2006/03/24 10:00:28 INFO xorp_fea MFEA ] CLI started
>>>> [ 2006/03/24 10:00:28 INFO xorp_fea MFEA ] MFEA enabled
>>>> [ 2006/03/24 10:00:28 INFO xorp_fea MFEA ] CLI enabled
>>>> [ 2006/03/24 10:00:28 INFO xorp_fea MFEA ] CLI started
>>>> [ 2006/03/24 10:00:29 INFO xorp_rtrmgr:28544 RTRMGR +99
>>>> module_manager.cc execute ] Executing module: fea (fea/xorp_fea)
>>>> [ 2006/03/24 10:00:35 INFO xorp_rtrmgr:28544 RTRMGR +99
>>>> module_manager.cc execute ] Executing module: rib (rib/xorp_rib)
>>>> [ 2006/03/24 10:00:37 INFO xorp_rtrmgr:28544 RTRMGR +99
>>>> module_manager.cc execute ] Executing module: policy (policy/xorp_policy)
>>>> [ 2006/03/24 10:00:39 INFO xorp_rtrmgr:28544 RTRMGR +99
>>>> module_manager.cc execute ] Executing module: ospf4 (ospf/xorp_ospfv2)
>>>> [ 2006/03/24 10:00:41 TRACE xorp_ospfv2 OSPF ] Event(LoopInd)
>>>> Interface(eth0.100/eth0.100) State(Down)
>>>> [ 2006/03/24 10:00:41 TRACE xorp_ospfv2 OSPF ] Event(InterfaceUp)
>>>> Interface(tun5/tun5) State(Down)
>>>> [ 2006/03/24 10:00:41 INFO xorp_rtrmgr:28544 RTRMGR +2228 task.cc
>>>> run_task ] No more tasks to run
>>>> [ 2006/03/24 10:00:42 TRACE xorp_ospfv2 OSPF ] Event(HelloReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Init)
>>>> [ 2006/03/24 10:00:42 TRACE xorp_ospfv2 OSPF ] Event(2-WayReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Init)
>>>> [ 2006/03/24 10:00:42 TRACE xorp_ospfv2 OSPF ] Event(BackupSeen)
>>>> Interface(tun5/tun5) State(Waiting)
>>>> [ 2006/03/24 10:00:42 TRACE xorp_ospfv2 OSPF ] Event(AdjOK?)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(TwoWay)
>>>> [ 2006/03/24 10:00:51 TRACE xorp_ospfv2 OSPF ]
>>>> Event(DataDescriptionReceived-pseudo-event) Interface(tun5/tun5)
>>>> Neighbour(172.25.3.1) State(ExStart)
>>>> [ 2006/03/24 10:00:51 TRACE xorp_ospfv2 OSPF ] Event(NegotiationDone)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(ExStart)
>>>> [ 2006/03/24 10:00:51 TRACE xorp_ospfv2 OSPF ]
>>>> Event(DataDescriptionReceived-pseudo-event) Interface(tun5/tun5)
>>>> Neighbour(172.25.3.1) State(Exchange)
>>>> [ 2006/03/24 10:00:51 TRACE xorp_ospfv2 OSPF ] Event(ExchangeDone)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Exchange)
>>>> [ 2006/03/24 10:00:52 TRACE xorp_ospfv2 OSPF ] Event(HelloReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Loading)
>>>> [ 2006/03/24 10:00:52 TRACE xorp_ospfv2 OSPF ] Event(2-WayReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Loading)
>>>> [ 2006/03/24 10:00:52 TRACE xorp_ospfv2 OSPF ] Event(NeighborChange)
>>>> Interface(tun5/tun5) State(Backup)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ]
>>>> Event(LinkStateUpdateReceived-pseudo-event) Interface(tun5/tun5)
>>>> Neighbour(172.25.3.1) State(Loading)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ] Event(LoadingDone)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Loading)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ]
>>>> Event(LinkStateRequestReceived-pseudo-event) Interface(tun5/tun5)
>>>> Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ]
>>>> Event(LinkStateAcknowledgementReceived-pseudo-event)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ]
>>>> Event(LinkStateUpdateReceived-pseudo-event) Interface(tun5/tun5)
>>>> Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ]
>>>> Event(LinkStateAcknowledgementReceived-pseudo-event)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:00:56 TRACE xorp_ospfv2 OSPF ] Ack for LSA not in
>>>> retransmission list.
>>>> LS age 1 Options 0x2 DC: 0 EA: 0 N/P: 0 MC: 0 E: 1 LS type 0x1 Link
>>>> State ID 10.10.10.10 Advertising Router 10.10.10.10 LS sequence number
>>>> 0x80000001 LS checksum 0x1246 length 48
>>>> Link State Acknowledgement Packet:
>>>> Version 2
>>>> Type 5
>>>> Router ID 11.10.10.10
>>>> Area ID 0.0.0.0
>>>> Auth Type 2
>>>>
>>>> LS age 1 Options 0x2 DC: 0 EA: 0 N/P: 0 MC: 0 E: 1 LS type
>>>> 0x1 Link State ID 10.10.10.10 Advertising Router 10.10.10.10 LS sequence
>>>> number 0x80000001 LS checksum 0x1246 length 48
>>>> [ 2006/03/24 10:00:57 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Router
>>>> 11.10.10.10(0xb0a0a0a) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:00:57 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Network
>>>> 172.25.3.255(0xac1903ff) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:00:57 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Network
>>>> 172.25.100.10(0xac19640a) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:00:57 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Router
>>>> 255.255.255.255(0xffffffff) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:01:01 TRACE xorp_ospfv2 OSPF ]
>>>> Event(LinkStateUpdateReceived-pseudo-event) Interface(tun5/tun5)
>>>> Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] Event(HelloReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] Event(2-WayReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] Checking for virtual
>>>> links Router-LSA:
>>>> LS age 1 Options 0x2 DC: 0 EA: 0 N/P: 0 MC: 0 E: 1 LS type 0x1 Link
>>>> State ID 11.10.10.10 Advertising Router 11.10.10.10 LS sequence number
>>>> 0x80000005 LS checksum 0xb346 length 48
>>>> Nt-bit false
>>>> V-bit false
>>>> E-bit false
>>>> B-bit false
>>>> Type 2 Transit network IP address of Designated router
>>>> 172.25.100.10 Routers interface address 172.25.100.1 Metric 1
>>>> Type 2 Transit network IP address of Designated router
>>>> 172.25.3.1 Routers interface address 172.25.3.1 Metric 1
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] Checking for virtual
>>>> links Router-LSA:
>>>> LS age 1505 Options 0x22 DC: 1 EA: 0 N/P: 0 MC: 0 E: 1 LS type 0x1 Link
>>>> State ID 255.255.255.255 Advertising Router 255.255.255.255 LS sequence
>>>> number 0x80000816 LS checksum 0x5558 length 36
>>>> Nt-bit false
>>>> V-bit false
>>>> E-bit false
>>>> B-bit false
>>>> Type 2 Transit network IP address of Designated router
>>>> 172.25.100.10 Routers interface address 172.25.100.10 Metric 1
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] [OSPF] Running filter:
>>>> Import on route: 172.25.100.0/24
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] [OSPF] Running filter:
>>>> Export-SourceMatch on route: 172.25.100.0/24
>>>> [ 2006/03/24 10:01:02 TRACE xorp_ospfv2 OSPF ] Add route Net
>>>> 172.25.100.0/24 Nexthop 172.25.3.1 metric 2 equal false discard false policy
>>>> [ 2006/03/24 10:01:12 TRACE xorp_ospfv2 OSPF ] Event(HelloReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:01:12 TRACE xorp_ospfv2 OSPF ] Event(2-WayReceived)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:01:21 WARNING xorp_fea XrlFeaTarget ] Handling method
>>>> for raw_packet4/0.1/send failed: XrlCmdError 102 Command failed
>>>> setsockopt(IP_MULTICAST_IF, 172.25.3.4) failed: Cannot assign requested
>>>> address
>>>> [ 2006/03/24 10:01:21 ERROR xorp_ospfv2:28549 OSPF +181 xrl_io.cc
>>>> send_cb ] Cannot send a packet on interface tun5 vif tun5: 102 Command
>>>> failed setsockopt(IP_MULTICAST_IF, 172.25.3.4) failed: Cannot assign
>>>> requested address
>>>> [ 2006/03/24 10:01:52 TRACE xorp_ospfv2 OSPF ] Event(InactivityTimer)
>>>> Interface(tun5/tun5) Neighbour(172.25.3.1) State(Full)
>>>> [ 2006/03/24 10:01:52 TRACE xorp_ospfv2 OSPF ] Event(NeighborChange)
>>>> Interface(tun5/tun5) State(Backup)
>>>> [ 2006/03/24 10:01:53 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Router
>>>> 11.10.10.10(0xb0a0a0a) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:01:53 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Network
>>>> 172.25.3.1(0xac190301) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:01:53 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Network
>>>> 172.25.100.10(0xac19640a) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:01:53 TRACE xorp_ospfv2 OSPF ] Node: OSPFv2 Router
>>>> 255.255.255.255(0xffffffff) 0.0.0.0(0) not reachable
>>>> [ 2006/03/24 10:01:53 TRACE xorp_ospfv2 OSPF ] Delete route Net
>>>> 172.25.100.0/24
>>>> [ 2006/03/24 10:01:53 ERROR xorp_fea:28545 FEA +503
>>>> fticonfig_entry_set_netlink.cc delete_entry ] Error checking netlink
>>>> request: AF_NETLINK NLMSG_ERROR message: No such process
>>>> [ 2006/03/24 10:01:53 ERROR xorp_fea:28545 FEA +71 fti_transaction.cc
>>>> operation_result ] FTI transaction commit failed on DeleteEntry4: net =
>>>> 172.25.100.0/24 nexthop = 0.0.0.0 ifname = vifname = metric = 0
>>>> admin_distance = 0 xorp_route = false is_deleted = false is_unresolved =
>>>> false is_connected_route = false
>>>> [ 2006/03/24 10:01:53 WARNING xorp_fea XrlFeaTarget ] Handling method
>>>> for redist_transaction4/0.1/commit_transaction failed: XrlCmdError 102
>>>> Command failed DeleteEntry4: net = 172.25.100.0/24 nexthop = 0.0.0.0
>>>> ifname = vifname = metric = 0 admin_distance = 0 xorp_route = false
>>>> is_deleted = false is_unresolved = false is_connected_route = false
>>>> [ 2006/03/24 10:01:53 ERROR xorp_rib:28547 RIB +914 redist_xrl.cc
>>>> dispatch_complete ] Failed to commit transaction: 102 Command failed
>>>> DeleteEntry4: net = 172.25.100.0/24 nexthop = 0.0.0.0 ifname = vifname
>>>> = metric = 0 admin_distance = 0 xorp_route = false is_deleted = false
>>>> is_unresolved = false is_connected_route = false
>>>>
>>>> _______________________________________________
>>>> Xorp-users mailing list
>>>> Xorp-users@xorp.org
>>>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users
>>>>
>>>>
>>>
>>>
>> _______________________________________________
>> Xorp-users mailing list
>> Xorp-users@xorp.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users
>>
>
>