problem wireguard + ospf + unconnected tunnels

Roelf "rewbycraft" Wichertjes mailings+wireguard at roelf.org
Fri Jul 7 17:08:34 CEST 2017


So, is the problem you actually want help with actually getting A and C 
to talk to eachother?
If so, we'll need to see the configs you're using on both ends of the 
tunnel. I'd also suggest checking your firewalls in this case.

And ospf is simply refusing to use the A<->C but is still working just 
fine across A<->B?
If so, that's normal.
If A<->B also stops working due to the "No buffer space available" 
error, that is a bug with quagga. (which we can try to (get) fix(ed) in 
that situation)

Sorry if it seems obvious, I'm simply trying to get a grasp as to what 
the actual problem you want help with is.


On 07/04/2017 07:10 PM, ae wrote:
> 
> 
>     Вторник, 4 июля 2017, 20:56 +05:00 от "Roelf \"rewbycraft\"
>     Wichertjes" <mailings+wireguard at roelf.org
>     <https://e.mail.ru/compose?To=mailings%2bwireguard@roelf.org>>:
> 
>      From what you said, I surmise the following setup:
>     - Three devices, A, B and C.
>     - A talks ospf to B over wireguard.
>     - A talks ospf to C over wireguard.
>     - The connection between A and C has gotten interrupted. (maybe C is a
>     laptop)
>     - The error causes the entire ospf process to fail for all interfaces.
>         In other words: A will suddenly also stop talking B when the
>     connection A<->C fails?
> 
> Not at all
> A-B normally installed tunnels
> A-C with never working tunnel - there was no connection setup never
> Both tunnels are described with a direct indication of the other side's 
> feast (ip port)
> 
> There is a blocking of the work of the demon's ospfd - because of "No 
> buffer space available"
> Ospf uses ONE socket to send its message to all interfaces - and this 
> socket is blocked due to buffer overflow - which occurs when it sends 
> packets to a non-starting tunnel
> 
> 
>     If I am correct in that, there are a few things to note:
>        - The "No buffer space available" error is normal from wireguard
>     when
>     an interface cannot reach the peer.
> 
> Can and normal - but it blocks ospfd - and as a result to use them 
> together is simply impossible
> Would he rather have dropped them?
> 
> 
>        - A single "failing" interface shouldn't kill the ospf process
>     for all
>     interfaces.
> 
> not kill - blocked yes
> 
> 
>        - This sounds more like a quagga problem, as I have a similar
>     setup (I
>     use my laptop for device C in my case) except I use the BIRD routing
>     daemon instead of quagga (and this setup works fine for me).
> 
> This is a problem with vireguard
> No other tunnels - I did not allow myself to do this
> About the inability to reach the addressee - packets just drop out
> But here he accumulates and accumulate ....
> 
> 
>     Of course, before any definitive conclusions can be made, we'll need a
>     bit more information. Could you possibly provide us with the following
>     pieces of information:
>        - What distribution are you using?
> 
> debian9
> 
> 
>        - What kernel (version) are you using?
> 
> 4.9.30-2+deb9u2
> 
> 
>        - What wireguard version are you using?
> 
> wireguard-0.0.20170613-1
> 
> 
>        - What quagga version are you using?
> 
> 0.99.23.1-1+deb8u3
> 
> 
>        - Please provide the kernel logs.
> 
> empty
> 
> 
>        - Please provide the quagga logs.
> 
> empty
> 


More information about the WireGuard mailing list