Community discussions

MUM Europe 2020
 
ste
Forum Guru
Forum Guru
Topic Author
Posts: 1819
Joined: Sun Feb 13, 2005 11:21 pm

OSPF needs connection tracking?

Thu Nov 01, 2007 5:54 am

Hi,

I'd strange effects when I disable connection tracking on a
router which talks ospf to it's neighbors. To some neighbors
he did not manage to build neighborhood?

Filtering allows all addresses within my network (input)
to talk to this router.

Any Idea?

Stefan
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Re: OSPF needs connection tracking?

Thu Nov 01, 2007 9:47 am

Did you take into account that OSPF does send
some packets to a Multicast destination address
in some situations? You'd need to allow these
packets to reach your router as well...


--Tom
 
ste
Forum Guru
Forum Guru
Topic Author
Posts: 1819
Joined: Sun Feb 13, 2005 11:21 pm

Re: OSPF needs connection tracking?

Thu Nov 01, 2007 11:49 am

Did you take into account that OSPF does send
some packets to a Multicast destination address
in some situations? You'd need to allow these
packets to reach your router as well...


--Tom
Yes. I've an input rule which allows all packets from all ips on my network.
I sniffed and can see the Packets to 224.0.0.5 from the problem neighbor.
Source is an allowed ip.

Stefan

Who is online

Users browsing this forum: gibi13, IL76 and 120 guests