OSPF ADJ Problem

system · March 23, 2015, 7:33pm

Good afternoon. I am having problems getting vyOS to talk OSPF with a pfsense firewall which is essentially of course Quagga as the routing daemon.

I am trying to determine if this is a vyOS problem or a Quagga problem, but I decided to start here since I don’t have problems with adjacencies between Quagga and say IOS or JunOS.

Here is the Quagga config:

v-edge-01.emrlab.info# sh run

Current configuration:
!
password BlackD3ath6
log syslog
!
!
!
interface em0
!
interface em1
!
interface em2
!
interface em2_vlan200
!
interface em2_vlan600
!
interface em2_vlan666
!
interface em2_vlan1000
!
interface em2_vlan4000
!
interface enc0
!
interface gre0
!
interface gre1
!
interface gre3
!
interface lo0
!
interface ovpns1
!
interface pflog0
!
interface pfsync0
!
interface plip0
!
router ospf
ospf router-id 172.16.2.1
log-adjacency-changes detail
compatible rfc1583
passive-interface em1
passive-interface em2_vlan200
network 10.255.255.0/30 area 0.0.0.0
network 172.16.2.0/27 area 0.0.0.0
network 172.16.254.0/30 area 0.0.0.0
network 172.16.254.4/30 area 0.0.0.0
network 172.16.254.12/30 area 0.0.0.0
network 192.168.200.0/24 area 0.0.0.0
!
line vty
!
end

Here is the VyOS config:

ethernet eth1 {
    address 172.16.8.1/24
    duplex auto
    hw-id 00:0c:29:50:f5:6a
    policy {
        route FWD_DEFAULT
    }
    smp_affinity auto
    speed auto

tunnel tun1 {
    address 172.16.254.14/30
    encapsulation gre
    local-ip 209.81.x.x
    multicast disable
    remote-ip 209.81.x.x
}

policy {
route FWD_DEFAULT {
rule 1 {
destination {
address 0.0.0.0/0
}
log disable
protocol all
set {
table 1
}
source {
}
}
}
}
protocols {
ospf {
area 0.0.0.0 {
network 172.16.254.12/30
}
passive-interface eth1
}
static {
route 0.0.0.0/0 {
next-hop 209.81.97.121 {
}
}
table 1 {
route 0.0.0.0/0 {
next-hop 172.16.254.10 {
}
}
}
}
}

LOGS:

vyos@VYOS-01:~$ sh log tail | grep prefix
Mar 23 19:32:36 PHRM-VYOS-01 ospfd[2369]: Packet 172.16.2.1 [Hello:RECV]: NetworkMask mismatch on tun1:172.16.254.14 (configured prefix length is 30, but hello packet indicates 0).
Mar 23 19:32:46 PHRM-VYOS-01 ospfd[2369]: Packet 172.16.2.1 [Hello:RECV]: NetworkMask mismatch on tun1:172.16.254.14 (configured prefix length is 30, but hello packet indicates 0).

Any ideas here? I will certainly provide more information if it helps point me in the right direction. Thanks in advance.

pooshit · June 17, 2015, 9:01am

I’ve encountered the same problem using 1.1.5.
I did quick rollback to vyatta 6.5R1 which is my main production version since 2013 cause I had no time to test and solve the issue. Same configuration commands, same hypervisor, same environment, different version. Problem does not occur.

I also have 1.0.4 hydrogen in production, configured in the same meshed environment using ospf - the problem also does not occur.