Community discussions

 
lz1dsb
Member Candidate
Member Candidate
Topic Author
Posts: 222
Joined: Wed Aug 07, 2013 11:48 am

OSPFv3 over l2tp tunnel fails

Thu Sep 18, 2014 2:16 pm

Today I've noticed the following issue, the Link Local IPv6 address in RouterOS for L2TP tunnels is chosen somehow strange.
Here's what the situation is on the L2TP server:
[router82] > ipv6 address print
Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local
# ADDRESS FROM-POOL INTERFACE ADVERTISE
2 DL fe80::4d46:431c/64 sit1 no
3 DL fe80::cad7:19ff:feec:2900/64 ether1-gateway no
4 DL fe80::d6ca:6dff:fe99:f557/64 bridge-local no
5 DL fe80::d/64 l2tp-router79 no
6 DL fe80::e/64 l2tp-router73 no
7 DL fe80::fc63:34ff:fe7d:24b9/64 <ovpn-remote_user> no
8 DL fe80::fc63:34ff:fe7d:24b9/64 <ovpn-ovpn-user> no

And here's how it looks like on one of the two clients:
[router73] > ipv6 address print
Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local
# ADDRESS FROM-POOL INTERFACE ADVERTISE
0 DL fe80::d6ca:6dff:fed6:b8ce/64 ether1-gateway no
1 DL fe80::d6ca:6dff:fed6:b8cf/64 bridge-local no
2 DL fe80::d6ca:6dff:fed6:b8d3/64 *FFFFFFFF no
3 DL fe80::d/64 l2tp-to-router82 no
4 DL fe80::da:83ff:fe92:caa8/64 ovpn-out1 no

So router73 is not able to establish neighbor relationship with router82(the L2TP server), because the Link Local IPv6 address on one of router82 l2tp interfaces is the same. And I can see the router complaining about this in the log:
13:02:36 route,ospf,error Discarding packet: locally originated
13:02:36 route,ospf,error src address=fe80::d
Router82 thinks the link local address from router73 has been originated locally.

How can I fix this?
I just checked that I cannot change the link local address, RouterOS does not allow that...
Also, I have a few OVPN tunnels on router82, I just noticed that their IPv6 link local addresses are - the same!

Who is online

Users browsing this forum: No registered users and 4 guests