Good afternoon. I am having problems getting vyOS to talk OSPF with a pfsense firewall which is essentially of course Quagga as the routing daemon.
I am trying to determine if this is a vyOS problem or a Quagga problem, but I decided to start here since I don’t have problems with adjacencies between Quagga and say IOS or JunOS.
Here is the Quagga config:
v-edge-01.emrlab.info# sh run
Current configuration:
!
password BlackD3ath6
log syslog
!
!
!
interface em0
!
interface em1
!
interface em2
!
interface em2_vlan200
!
interface em2_vlan600
!
interface em2_vlan666
!
interface em2_vlan1000
!
interface em2_vlan4000
!
interface enc0
!
interface gre0
!
interface gre1
!
interface gre3
!
interface lo0
!
interface ovpns1
!
interface pflog0
!
interface pfsync0
!
interface plip0
!
router ospf
ospf router-id 172.16.2.1
log-adjacency-changes detail
compatible rfc1583
passive-interface em1
passive-interface em2_vlan200
network 10.255.255.0/30 area 0.0.0.0
network 172.16.2.0/27 area 0.0.0.0
network 172.16.254.0/30 area 0.0.0.0
network 172.16.254.4/30 area 0.0.0.0
network 172.16.254.12/30 area 0.0.0.0
network 192.168.200.0/24 area 0.0.0.0
!
line vty
!
end
Here is the VyOS config:
ethernet eth1 {
address 172.16.8.1/24
duplex auto
hw-id 00:0c:29:50:f5:6a
policy {
route FWD_DEFAULT
}
smp_affinity auto
speed auto
tunnel tun1 {
address 172.16.254.14/30
encapsulation gre
local-ip 209.81.x.x
multicast disable
remote-ip 209.81.x.x
}
policy {
route FWD_DEFAULT {
rule 1 {
destination {
address 0.0.0.0/0
}
log disable
protocol all
set {
table 1
}
source {
}
}
}
}
protocols {
ospf {
area 0.0.0.0 {
network 172.16.254.12/30
}
passive-interface eth1
}
static {
route 0.0.0.0/0 {
next-hop 209.81.97.121 {
}
}
table 1 {
route 0.0.0.0/0 {
next-hop 172.16.254.10 {
}
}
}
}
}
LOGS:
vyos@VYOS-01:~$ sh log tail | grep prefix
Mar 23 19:32:36 PHRM-VYOS-01 ospfd[2369]: Packet 172.16.2.1 [Hello:RECV]: NetworkMask mismatch on tun1:172.16.254.14 (configured prefix length is 30, but hello packet indicates 0).
Mar 23 19:32:46 PHRM-VYOS-01 ospfd[2369]: Packet 172.16.2.1 [Hello:RECV]: NetworkMask mismatch on tun1:172.16.254.14 (configured prefix length is 30, but hello packet indicates 0).
Any ideas here? I will certainly provide more information if it helps point me in the right direction. Thanks in advance.