Re: problem wireguard + ospf + unconnected tunnels
aeforeve at mail.ru
Tue Jul 4 19:10:07 CEST 2017
>Вторник, 4 июля 2017, 20:56 +05:00 от "Roelf \"rewbycraft\" Wichertjes" < mailings+wireguard at roelf.org >:
>From what you said, I surmise the following setup:
>- Three devices, A, B and C.
>- A talks ospf to B over wireguard.
>- A talks ospf to C over wireguard.
>- The connection between A and C has gotten interrupted. (maybe C is a
>- The error causes the entire ospf process to fail for all interfaces.
> In other words: A will suddenly also stop talking B when the
>connection A<->C fails?
Not at all
A-B normally installed tunnels
A-C with never working tunnel - there was no connection setup never
Both tunnels are described with a direct indication of the other side's feast (ip port)
There is a blocking of the work of the demon's ospfd - because of "No buffer space available"
Ospf uses ONE socket to send its message to all interfaces - and this socket is blocked due to buffer overflow - which occurs when it sends packets to a non-starting tunnel
>If I am correct in that, there are a few things to note:
> - The "No buffer space available" error is normal from wireguard when
>an interface cannot reach the peer.
Can and normal - but it blocks ospfd - and as a result to use them together is simply impossible
Would he rather have dropped them?
> - A single "failing" interface shouldn't kill the ospf process for all
not kill - blocked yes
> - This sounds more like a quagga problem, as I have a similar setup (I
>use my laptop for device C in my case) except I use the BIRD routing
>daemon instead of quagga (and this setup works fine for me).
This is a problem with vireguard
No other tunnels - I did not allow myself to do this
About the inability to reach the addressee - packets just drop out
But here he accumulates and accumulate ....
>Of course, before any definitive conclusions can be made, we'll need a
>bit more information. Could you possibly provide us with the following
>pieces of information:
> - What distribution are you using?
> - What kernel (version) are you using?
> - What wireguard version are you using?
> - What quagga version are you using?
> - Please provide the kernel logs.
> - Please provide the quagga logs.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the WireGuard