0

I am trying to configure OSPF (using bird) to reach a subnet from a router that has no direct connection to the node with the subnet, something like this:

ospf

The AS has two networks, but for testing purposes, I am announcing them in different VMs,

VM1 advertises fdad:23e:f50::/48

VM2 advertises fdba:54:32::/48

Between VM1 and VM2 I have a wireguard tunnel and can reach/ping the networks

In VM3 I would like to use network fdba:54:32::2/64, I have a wireguad tunnel between VM2 and VM3 and I can ping/reach the IP's.

The problem I have is that from VM1 I can't reach VM3 and vice versa, this is my OSPF config:

VM2 configuration:

protocol ospf v3 wg6 {
    ipv6 {
        export all;
    };
    area 0 {
        interface "wg.4242421477";
        interface "wg.stub";
    };
}

VM3 configuration

protocol ospf v3 wg6 {
    ipv6 {
        export all;
    };
    area 0 {
        interface "wg.stub";
        interface "ens192";
    };
}

From VM3 (the stub) This is the output of show route for the IP In VM1

bird> show route for fdad:23e:f50::1
Table master6:
fdad:23e:f50::/48    unicast [wg6 17:35:44.984] E2 (150/20/10000) [217.160.50.77]
        via fe80::1:45:136:71:70 on wg.stub

How to use VM2 as the router between VM1 and VM2?

nbari
  • 558
  • 1
  • 9
  • 28
  • 1) More like "Network Engineering" portal question rather than Serverfault. 2) show the output of `show ospf neigh` command, I doubt your routers have eastablished the neighborship. – drookie Oct 03 '22 at 07:30
  • I agree, but from the "network engineering" I got, "Unfortunately, questions about hosts/servers/VMs are off-topic here. You could try to ask this question on Server Fault for a business network.", anyway here is the output of `ipvm1 1 Full/PtP 38.668 wg.4242421477 fe80::217:160:50:77 ipvm3 1 Full/PtP 31.542 wg.stub fe80::1:94:177:230:124 ` – nbari Oct 03 '22 at 08:48
  • @drookie, questions about hosts/servers/VMs are off-topic on [networkengineering.se], and the Bird manufacturer does not offer optional, paid support, which is a requirement there, too. – Ron Maupin Oct 03 '22 at 10:18
  • Nope, they are not. This is an urban legend. – drookie Oct 03 '22 at 10:44
  • @nbari the lack of IPv4 addresses (router ids) on your diagram prevents [me] from understanding who's announcing the prefix. Furthermore, wireguard is more of a software router which tends to add his own concepts of routing (by defining "AllowedIPs" in the configuration). This proposition is kinda counterproductive, but if I were you, I'd construct a bunch of VTI tunnels - way more simple setup for dynamic rounting. – drookie Oct 03 '22 at 10:48
  • @drookie, it is _not_ an urban legend. I am a moderator there, and you can see on the [What topics can I ask about here?](https://networkengineering.stackexchange.com/help/on-topic) page, under the **Off-Topic** section, "_configuration or operation of hosts/servers/VMs_." Also, there is the caveat, "_hardware/software that has a paid support option from the manufacturer (enterprise/provider class products, some small business class devices)__." – Ron Maupin Oct 03 '22 at 12:03
  • 1
    well, then this is hilarious. this nonsense should be probably torn down, because it clearly explains why NE traffic is around one question per year. – drookie Oct 03 '22 at 13:36

0 Answers0