Community discussions

MikroTik App
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

OSPF operation between ROS V6 and ROS V7

Wed May 17, 2023 12:30 pm

Hi all
I have several routers, RB4011 and Hap AC3, with a GRE tunnel built between them.
In my configuration, the OSPF protocol does not work with ROS V6 and ROS V7, and this configuration does not work when I have ROS V7 and ROS V7.
But this configuration works absolutely fine between ROS V6 and ROS V6.

Below are the configurations from the two systems:
R1:
/interface gre
add comment=gre-222 local-address=172.18.221.1 mtu=1280 name=gre-222 remote-address=172.18.221.2

/ip ipsec policy group
add name=mkrt-222

/ip ipsec profile
set [ find default=yes ] dh-group=modp2048 enc-algorithm=aes-128
add dh-group=modp1024 dpd-interval=10s name=profile_1 nat-traversal=no

/ip ipsec peer
add address=2.2.2.2/32 comment=peer-222 exchange-mode=ike2 local-address=1.1.1.1 name=peer-222 profile=profile_1

/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-128-cbc
add enc-algorithms=aes-128-cbc,3des name=proposal1

/ip ipsec identity
add comment=peer-222 peer=peer-222 policy-template-group=mkrt-222 secret=^PQ~4LQ5P/iC5*D

/ip ipsec policy
add comment=IPSec-222 dst-address=172.18.221.2/32 peer=peer-222 proposal=proposal1 src-address=172.18.221.1/32 tunnel=yes
/ip route
add disabled=yes distance=150 dst-address=192.168.0.0/16 gateway=gre-222

/routing ospf instance
set [ find default=yes ] router-id=192.168.221.1

/routing ospf network
add area=backbone network=172.18.221.0/30

R2:
/ip ipsec peer
add address=1.1.1.1/32 exchange-mode=ike2 local-address=2.2.2.2 name=peer-222 profile=profile_1

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5 enc-algorithms=aes-128-cbc,twofish
add enc-algorithms=aes-128-cbc,3des name=proposal1

/ip ipsec identity
add peer=peer-222 policy-template-group=mkrt-222

/ip ipsec policy
add comment=IPSec-222 dst-address=172.18.221.1/32 peer=peer-222 proposal=proposal1 src-address=172.18.221.2/32 tunnel=yes
/ip route
add disabled=no distance=1 dst-address=192.168.0.0/16 gateway=gre-222 pref-src="" routing-table=main scope=30 suppress-hw-offload=yes target-scope=10

/routing ospf interface-template
add area=backbone auth-id=1 cost=10 disabled=yes interfaces=bridge networks=192.168.222.0/24 priority=1
add area=backbone auth-id=1 cost=10 disabled=yes interfaces=gre-222 networks=172.18.222.0/30 priority=1 type=ptp

/routing rule
add action=lookup disabled=no dst-address=172.18.222.2/32 interface=gre-222 routing-mark=main src-address=172.18.222.1/32 table=main

/routing ospf instance
add disabled=yes name=default originate-default=never router-id=192.168.222.1

/routing ospf area
add disabled=yes instance=default name=backbone

/ip address
add address=172.18.221.2/30 comment=ipsec-222 interface=gre-221 network=172.18.221.0

Also, please see the block diagram:
ros6-vs-ros7.jpg
Log Ros V7
screen14.28.07.jpg
What are the options for solving the problem?
You do not have the required permissions to view the files attached to this post.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Sun May 21, 2023 12:43 pm

hello,

are those routers and your v6 v7 setup in production state? or just still on the lab?

i am just curious about that router id : maybe it is ok, but don't you have any loopback set?
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 3:20 pm

Hello
In production condition.
I did a loopback with and without it, I tried it still does not work, neither 7 with version 7 nor 7 with 6.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 3:29 pm

Today I changed my 4011 to 5009, all versions on Ros7
7.25.32.png
7.24.21.png
You do not have the required permissions to view the files attached to this post.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 4:16 pm

hello,

ok. i have read your first post.

did you try to connect this hq and remote with gre, and run ospf on top of it?

and the only problem was that one on your ospf log?
/routing ospf interface-template
add area=backbone auth-id=1 cost=10 disabled=yes interfaces=bridge networks=192.168.222.0/24 priority=1
add area=backbone auth-id=1 cost=10 disabled=yes interfaces=gre-222 networks=172.18.222.0/30 priority=1 type=ptp
first, if you choose ospf interface as ptp - you should add your neighbor gre address.

second, your loopback address should in /32 form. this will be the ospf dr/bdr election. the highest loopback ip will be the dr.

example: 172.16.1.1/32 for hq, 1.2/32 for remote end.

third, i should leave any firewall settings to you since I don't have any idea about your network traffic.

+++ edit

and don't forget to check mtu on both sides, otherwise ospf won't be established.


give it a try and good luck 👍🏻
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 5:41 pm

At the beginning, I set up the IP sec, after that I already start the GRE tunnel with addresses that I don’t use inside the network.
After that, I already run ospf.
I did your recommendations but nothing helps, it does not work even with version 7 on both routers.
Created a new clean install between 5009 and CHR.
Does not work.
What else can be done?
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 5:52 pm

hello bigdrive,

ok. let us have a look at your current, newly built, ospf log. does it still saying the same story?

and all those ospf related config, its interface details (mtu etc.), and neighbor status.

feel free to change their ips respectively.

the other end is chr platform on public cloud?

if yes, maybe this could be the problem.

and did you put any firewall for this new from scratch setup?
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 6:03 pm

Log with CHR

19:57:57 route,ospf,info default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } neighbor election
19:57:57 route,ospf,info log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } neighbor election
19:57:57 route,ospf,info default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } state change to DR
19:57:57 route,ospf,info log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } state change to DR
19:57:57 route,ospf,info default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } change DR: me
19:57:57 route,ospf,info log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } change DR: me
19:57:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } send hello
19:57:57 route,ospf,debug log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } lsa { router originator: 10.255.254.1 id: 10.255.254.1 seq: 0x80000002 csum: 0xc133 } originator u
pdate
19:57:57 route,ospf,debug log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } lsa { router originator: 10.255.254.1 id: 10.255.254.1 seq: 0x80000003 csum: 0xbf34 } flooding
19:57:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } send hello
19:57:59 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
send DD to 172.18.254.1 Init Master More sequence 1650449610
19:58:04 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
send DD to 172.18.254.1 Init Master More sequence 1650449610
19:58:04 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
hello
19:58:07 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } send hello
19:58:07 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } send hello
19:58:09 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
send DD to 172.18.254.1 Init Master More sequence 1650449610
19:58:14 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
send DD to 172.18.254.1 Init Master More sequence 1650449610
19:58:14 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
hello
19:58:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { broadcast 192.168.254.1%bridge-local } send hello
19:58:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } send hello
19:58:19 route,ospf,packet log-ospf: default { version: 2 router-id: 10.255.254.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.2%gre-bigdrive-kv } neighbor { router-id: 10.10.222.1 state: ExStart }
send DD to 172.18.254.1 Init Master More sequence 1650449610


Log rom 5009

19:56:54 route,ospf,info log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } state change to Point-to-Point
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } lsa { router originator: 10.10.222.1 id: 10.10.222.1 seq: 0x80000001 csum: 0x2455 } originator update
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } calc start
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } calc spt
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } process summaries for default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 }
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } process externals
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } install routes
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } post process summaries
19:56:54 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } calc done
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } calc schedule
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } lsa { router originator: 10.10.222.1 id: 10.10.222.1 seq: 0x80000002 csum: 0x386b } flooding
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } calc start
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } calc spt
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } process summaries for default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 }
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } process externals
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } install routes
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } post process summaries
19:56:59 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } calc done
19:57:04 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:57:14 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:57:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 0.0.0.0 state: Down } hello
19:57:17 route,ospf,info default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: Down } state change to Init
19:57:17 route,ospf,info log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: Down } state chan
ge to Init
19:57:24 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:57:27 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: Init } hello
19:57:27 route,ospf,info default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: Init } state change to ExSt
art
19:57:27 route,ospf,info log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: Init } state chan
ge to ExStart
19:57:27 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:32 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:34 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:57:37 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:37 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:57:42 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:44 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:57:47 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:47 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:57:52 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:54 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:57:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:57:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:58:02 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:04 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:58:07 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:07 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:58:12 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:14 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:58:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:58:22 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:24 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:58:27 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:27 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:58:32 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:34 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:58:37 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:37 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:58:42 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:44 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:58:47 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:47 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:58:52 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:54 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:58:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:58:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:59:02 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } lsa { external originator: 10.10.222.1 id: 0.0.0.0 seq: 0x80000002 csum: 0x9ebe } flooding
19:59:02 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:04 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:59:07 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:07 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:59:11 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } lsa { external originator: 10.10.222.1 id: 192.168.221.0 seq: 0x80000002 csum: 0x64b1 } flooding
19:59:12 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:14 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:59:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:59:22 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:24 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:59:27 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:27 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:59:29 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } lsa { external originator: 10.10.222.1 id: 172.18.221.0 seq: 0x80000002 csum: 0x665d } flooding
19:59:29 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } lsa { external originator: 10.10.222.1 id: 172.19.221.0 seq: 0x80000002 csum: 0x5a68 } flooding
19:59:32 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:34 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:59:37 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:37 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:59:39 route,ospf,debug log-ospf: default { version: 2 router-id: 10.10.222.1 } lsa { external originator: 10.10.222.1 id: 172.18.254.0 seq: 0x80000002 csum: 0xf9a8 } flooding
19:59:42 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:44 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:59:47 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:47 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
19:59:52 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:54 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello
19:59:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
19:59:57 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } hello
20:00:02 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
20:00:04 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } send hello


Firewall configuration ported from 4011 and further by his wife 5009
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 6:07 pm

mtu interfaces gre
2023-05-22-2.png
2023-05-22-1.png
You do not have the required permissions to view the files attached to this post.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 6:35 pm

@ bigdrive,

while I try to read your post,
maybe you could read this first.
the same problem and solution for you.

viewtopic.php?t=187422

and btw, those mtu 1100 are too small.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 7:11 pm

With the values ​​of MTU, I changed them out of desperation
It defaults to 1350.
I set up the fire wall rule right away, turned on logging and noticed one peculiarity, for some reason traffic goes through the external interface, although it should not go there, it should go inside the protocol gre

fi-ospf input: in:ether1 out:(unknown 0), connection-state:established src-mac 3c:61:04:4c:db:c0, proto 89, 172.18.254.1->172.18.254.2, len 52

the same on the second router
fi-ospf input: in:sfp-sfpplus1 out:(unknown 0), connection-state:established src-mac 00:07:b3:ca:1a:40, proto 89, 172.18.254.2->172.18.254.1, len 52

How to fix it ?
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 7:38 pm

hello,

I set up the fire wall rule right away, turned on logging and noticed one peculiarity, for some reason traffic goes through the external interface, although it should not go there, it should go inside the protocol gre
from your latest ospf log ...
19:58:17 route,ospf,packet log-ospf: default { version: 2 router-id: 10.10.222.1 } backbone { 0.0.0.0 } interface { p2p 172.18.254.1%gre-justhost } neighbor { router-id: 10.255.254.1 state: ExStart } send
DD to 172.18.254.2 Init Master More sequence 1712849818
that would be impossible for the ospf to have split routing.

exstart means both ospf routers are in touch.

your previous log even said dr/bdr election: me - that means there are no split routing. the ospf router are ok but the mtu is too small.

if your isp has icmp filter along the path - that could be overcome with fragmentation set to yes.

there are ospf interface passive options - but i don't think that it will help. neither with ip route rule/pbr to direct the ospf hello to go into the tunnel.

hmm... how about injecting a static route with Lower metrics than those to internet, on both router to be used by the ospf?

ok. have a try and good luck 👍🏻 I'm off for rest.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 8:40 pm

Thanks for the answer
I registered metrics for routes for both routers, pings fly and traffic too.
I left the MTU value of 1350, the tunnel stops working above. I set the fragmentation and the MTU value to 1500, the tunnel works, but the OSPF does not want to turn on.
In vain, apparently, I bought devices with an OS 7 router.
We have more than 200 devices and do not feel like writing routes with our hands and digging in loops in the future.
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: OSPF operation between ROS V6 and ROS V7

Mon May 22, 2023 11:13 pm

This might be a firewall issue and your OSPF issues might be just a symptom and not the cause.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Tue May 23, 2023 7:42 am

Hello mducharme
I added rules on both routers
add action=accept chain=input in-interface=gre-justhost log-prefix=fi-ospf protocol=ospf src-address=172.16.0.0/12.
I tried to disable all rules in all chains, but the result is negative
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: OSPF operation between ROS V6 and ROS V7

Tue May 23, 2023 9:23 am

Export your full config from both routers instead of just part of the config. hide-sensitive is used as the default in RouterOS v7 so the export should not share any sensitive details.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Tue May 23, 2023 11:15 am

CHR
chr.rsc
5009
5009.rsc
You do not have the required permissions to view the files attached to this post.
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: OSPF operation between ROS V6 and ROS V7

Tue May 23, 2023 5:09 pm

All of your OSPF config is disabled on the 5009 router - the interface is disabled, area is disabled, and interface templates are disabled. OSPF isn't going to work like that.

You're also doing masquerade on the GRE tunnel on the 5009, which is probably going to prevent a neighbor relationship from forming even if OSPF was enabled.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Tue May 23, 2023 5:21 pm

Yes, I turned it off so that errors were not written to the device log.
The settings should have been done already from hopelessness, I tried different variations
I post the modified version, but the result is negative
5009-2.rsc
You do not have the required permissions to view the files attached to this post.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Tue May 23, 2023 7:40 pm

hello bigdrive, and @mcducharme.

just to let you know,
just done the local back to back test for @bigdrive :

that v6.49 and v7.6 are working.
as well both v7.6.

i could only test gre. mtu 1476.

yes. there are slightly different settings on the ospf interface. i choose broadcast for the gre interface.

v7.6 as hub. v7.6 and v6.49 as spokes. those spokes with physical interface srcnat, not on the gre tunnel. and the hub is plain no nat.

+++ edit, ok.

tested v7.6 as hub, and v6.49 as spoke (with srcnat).
hub properties :							spoke :
wan ip	:	10.10.10.1/30					10.10.10.2/30
gre ip	:	172.16.1.1/30					172.16.1.2/30
lo0		:	172.16.1.11/32				172.16.1.12/32
dummy-servers	:	192.168.2.0/24		dummy-LAN	:	192.168.1.0/24

hub config :

interfaces,
---
[admin@hub] >  /interface/print
Flags: R - RUNNING
Columns: NAME, TYPE, ACTUAL-MTU, L2MTU, MAC-ADDRESS
#   NAME     TYPE        ACTUAL-MTU  L2MTU  MAC-ADDRESS
0 R ether1   ether             1500         52:54:00:00:01:01
1 R gre1     gre-tunnel        1476  65535
2 R lo0      bridge            1500  65535  5E:E0:F0:3D:42:C6
3 R servers  bridge            1500  65535  22:A9:AD:57:D8:6E ---> dummy for connectivity test.

ip addresses,
---
[admin@hub] > /ip address/print
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS         NETWORK      INTERFACE
0 10.10.10.1/30   10.10.10.0   ether1
1 172.16.1.11/32  172.16.1.11  lo0
2 192.168.2.1/24  192.168.2.0  servers
3 172.16.1.1/30   172.16.1.0   gre1

gre interface,
---
[admin@hub] > /interface/gre print detail
Flags: X - disabled; R - running
 0  R name="gre1" mtu=auto actual-mtu=1476 local-address=10.10.10.1 remote-address=10.10.10.2 keepalive=10s,10
      dscp=inherit clamp-tcp-mss=yes dont-fragment=no allow-fast-path=yes

ospf instance,
---
[admin@hub] > /routing/ospf/instance/print detail
Flags: X - disabled, I - inactive
 0   name="default" version=2 vrf=main router-id=172.16.1.11 redistribute=connected

ospf area,
---
[admin@hub] > /routing/ospf/area/print detail
Flags: X - disabled, I - inactive, D - dynamic; T - transit-capable
 0    name="backbone" instance=default area-id=0.0.0.0 type=default

ospf interface
---
[admin@hub] > /routing/ospf/interface/print
Flags: D - dynamic
 0 D address=172.16.1.1%gre1 area=backbone state=dr network-type=broadcast bdr=172.16.1.2 cost=1 priority=128
     retransmit-interval=5s transmit-delay=1s hello-interval=10s dead-interval=40s

ospf neighbor,
---
[admin@hub] > /routing/ospf/neighbor/print detail
Flags: V - virtual; D - dynamic
 0  D instance=default area=backbone address=172.16.1.2 priority=1 router-id=172.16.1.12 dr=172.16.1.1 bdr=172.16.1.2
      state="Full" state-changes=10 adjacency=8m34s timeout=35s

lsa,
---
[admin@hub] > /routing/ospf/lsa/print detail
Flags: S - self-originated, F - flushing, W - wraparound; D - dynamic
 0 SD instance=default type="external" originator=172.16.1.11 id=10.10.10.0 sequence=0x80000005 age=1422 checksum=0xA6>
      body=
        options=E
        netmask=255.255.255.252
        forwarding-address=0.0.0.0
        metric=1 type-1
        route-tag=0

 1  D instance=default type="external" originator=172.16.1.12 id=10.10.10.0 sequence=0x80000002 age=1467
      checksum=0xC890 body=
        options=E
        netmask=255.255.255.252
        forwarding-address=0.0.0.0
        metric=20 type-1
        route-tag=0

 2 SD instance=default type="external" originator=172.16.1.11 id=172.16.1.0 sequence=0x80000003 age=1373
      checksum=0xE6E5 body=
        options=E
        netmask=255.255.255.252
        forwarding-address=0.0.0.0
        metric=1 type-1
        route-tag=0

 3 SD instance=default type="external" originator=172.16.1.11 id=172.16.1.11 sequence=0x80000005 age=1572
      checksum=0x8636 body=
        options=E
        netmask=255.255.255.255
        forwarding-address=0.0.0.0
        metric=1 type-1
        route-tag=0

 4 SD instance=default type="external" originator=172.16.1.11 id=192.168.2.0 sequence=0x80000005 age=1561
      checksum=0xBD5C body=
        options=E
        netmask=255.255.255.0
        forwarding-address=0.0.0.0
        metric=1 type-1
        route-tag=0

 5 SD instance=default area=backbone type="router" originator=172.16.1.11 id=172.16.1.11 sequence=0x80000016 age=552
      checksum=0x62CA body=
        options=E bits=E
            type=network id=172.16.1.1 data=172.16.1.1 metric=1

  6  D instance=default area=backbone type="router" originator=172.16.1.12 id=172.16.1.12 sequence=0x80000008 age=556
      checksum=0x7C4A body=
        options=E bits=E
            type=stub id=192.168.1.0 data=255.255.255.0 metric=10
            type=stub id=172.16.1.12 data=255.255.255.255 metric=10
            type=network id=172.16.1.1 data=172.16.1.2 metric=10

 7 SD instance=default area=backbone type="network" originator=172.16.1.11 id=172.16.1.1 sequence=0x80000003 age=553
      checksum=0x87B9 body=
        netmask=255.255.255.252
            router-id=172.16.1.11
            router-id=172.16.1.12

ip route print,
---
[admin@hub] > /ip route/print
Flags: D - DYNAMIC; A - ACTIVE; c, o, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
    DST-ADDRESS     GATEWAY          DISTANCE
D o 10.10.10.0/30   172.16.1.2%gre1       110
DAc 10.10.10.0/30   ether1                  0
DAc 172.16.1.0/30   gre1                    0
DAc 172.16.1.11/32  lo0                     0
DAo 172.16.1.12/32  172.16.1.2%gre1       110
DAo 192.168.1.0/24  172.16.1.2%gre1       110
DAc 192.168.2.0/24  servers                 0

ping and traceroute test,
---
[admin@hub] > /ping count=3 192.168.1.1 src-address=192.168.2.1
  SEQ HOST                                     SIZE TTL TIME       STATUS
    0 192.168.1.1                                56  64 41ms512us
    1 192.168.1.1                                56  64 236ms625us
    2 192.168.1.1                                56  64 32ms937us
    sent=3 received=3 packet-loss=0% min-rtt=32ms937us avg-rtt=103ms691us max-rtt=236ms625us

[admin@hub] > /tool/traceroute 192.168.1.1 src-address=192.168.2.1
Columns: ADDRESS, LOSS, SENT, LAST, AVG, BEST, WORST, STD-DEV
#  ADDRESS      LOSS  SENT  LAST   AVG  BEST  WORST  STD-DEV
1  192.168.1.1  0%       4  5.9ms   10  5.2   22.3   7.1
spoke v6.49 config
interface,
---
[admin@spoke649] > /interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU  MAX-L2MTU MAC-ADDRESS
 0  R  ether1                              ether            1500                  52:54:00:00:02:01
 1  R  LAN                                 bridge           1500 65535            72:C6:C9:6A:15:82
 2  R  gre1                                gre-tunnel       1476 65535
 3  R  lo0                                 bridge           1500 65535            2A:79:11:82:99:2D

ip addresses,
---
[admin@spoke649] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         INTERFACE
 0   10.10.10.2/30      10.10.10.0      ether1
 1   172.16.1.12/32     172.16.1.12     lo0
 2   192.168.1.1/24     192.168.1.0     LAN
 3   172.16.1.2/30      172.16.1.0      gre1

srcnat on wan interface,
---
[admin@spoke649] > /ip firewall nat print de  detail
Flags: X - disabled, I - invalid, D - dynamic
 0    chain=srcnat action=masquerade out-interface=ether1

gre interface,
---
[admin@spoke649] > /interface gre print de    detail
Flags: X - disabled, R - running
 0  R name="gre1" mtu=auto actual-mtu=1476 local-address=10.10.10.2 remote-address=10.10.10.1 keepalive=10s,10
      dscp=inherit clamp-tcp-mss=yes dont-fragment=no allow-fast-path=yes

ospf instance,
---
[admin@spoke649] > /routing ospf instance print detail
Flags: X - disabled, * - default
 0  * name="default" router-id=172.16.1.12 distribute-default=never redistribute-connected=as-type-1
      redistribute-static=no redistribute-rip=no redistribute-bgp=no redistribute-other-ospf=no metric-default=1
      metric-connected=20 metric-static=20 metric-rip=20 metric-bgp=auto metric-other-ospf=auto in-filter=ospf-in
      out-filter=ospf-out

ospf area,
---
[admin@spoke649] > /routing ospf area print detail
Flags: X - disabled, I - invalid, * - default
 0  * name="backbone" instance=default type=default area-id=0.0.0.0

ospf interface
---
[admin@spoke649] > /routing ospf interface print detail
Flags: X - disabled, I - inactive, D - dynamic, P - passive
 0    interface=gre1 cost=10 priority=1 authentication=none authentication-key="" authentication-key-id=1
      network-type=broadcast instance-id=0 retransmit-interval=5s transmit-delay=1s hello-interval=10s
      dead-interval=40s use-bfd=no

 1 DP interface=lo0 cost=10 priority=1 authentication=none authentication-key="" authentication-key-id=1
      network-type=broadcast instance-id=0 retransmit-interval=5s transmit-delay=1s hello-interval=10s
      dead-interval=40s use-bfd=no

 2 D  interface=LAN cost=10 priority=1 authentication=none authentication-key="" authentication-key-id=1
      network-type=broadcast instance-id=0 retransmit-interval=5s transmit-delay=1s hello-interval=10s
      dead-interval=40s use-bfd=no

ospf network,
---
[admin@spoke649] > /routing ospf network print detail
Flags: X - disabled, I - invalid
 0   network=172.16.1.0/30 area=backbone
 1   network=172.16.1.12/32 area=backbone
 2   network=192.168.1.0/24 area=backbone

ospf neighbor,
---
[admin@spoke649] > /routing ospf neighbor print detail
 0 instance=default router-id=172.16.1.11 address=172.16.1.1 interface=gre1 priority=128 dr-address=172.16.1.1
   backup-dr-address=172.16.1.2 state="Full" state-changes=5 ls-retransmits=0 ls-requests=0 db-summaries=0
   adjacency=16m35s


ospf lsa,
---
[admin@spoke649] > /routing ospf interface print detail
Flags: X - disabled, I - inactive, D - dynamic, P - passive
 0    interface=gre1 cost=10 priority=1 authentication=none authentication-key="" authentication-key-id=1
      network-type=broadcast instance-id=0 retransmit-interval=5s transmit-delay=1s hello-interval=10s
      dead-interval=40s use-bfd=no

 1 DP interface=lo0 cost=10 priority=1 authentication=none authentication-key="" authentication-key-id=1
      network-type=broadcast instance-id=0 retransmit-interval=5s transmit-delay=1s hello-interval=10s
      dead-interval=40s use-bfd=no

 2 D  interface=LAN cost=10 priority=1 authentication=none authentication-key="" authentication-key-id=1
      network-type=broadcast instance-id=0 retransmit-interval=5s transmit-delay=1s hello-interval=10s
      dead-interval=40s use-bfd=no
[admin@spoke649] > /routing ospf lsa print detail
 instance=default area=backbone type=router id=172.16.1.11 originator=172.16.1.11 sequence-number=0x80000013 age=1437
   checksum=0x68C7 options="E" body=
     flags=EXTERNAL
     links (type, id, data, metric)
         Transit 172.16.1.1 172.16.1.1 1

 instance=default area=backbone type=router id=172.16.1.12 originator=172.16.1.12 sequence-number=0x80000005 age=1413
   checksum=0x8247 options="E" body=
     flags=EXTERNAL
     links (type, id, data, metric)
         Stub 192.168.1.0 255.255.255.0 10
         Stub 172.16.1.12 255.255.255.255 10
         Transit 172.16.1.1 172.16.1.2 10

 instance=default area=backbone type=network id=172.16.1.1 originator=172.16.1.11 sequence-number=0x80000001 age=1437
   checksum=0x8BB7 options="E" body=
     netmask=255.255.255.252
         routerId=172.16.1.11
         routerId=172.16.1.12

 instance=default area=external type=as-external id=10.10.10.0 originator=172.16.1.11 sequence-number=0x80000004
   age=1420 checksum=0xC5F options="E" body=
     netmask=255.255.255.252
     forwarding-address=0.0.0.0
     route-tag=0x0
     metric=1
     type1

 instance=default area=external type=as-external id=10.10.10.0 originator=172.16.1.12 sequence-number=0x80000001
   age=1439 checksum=0xCA8F options="E" body=
     netmask=255.255.255.252
     forwarding-address=0.0.0.0
     route-tag=0x0
     metric=20
     type1

 instance=default area=external type=as-external id=172.16.1.0 originator=172.16.1.11 sequence-number=0x80000002
   age=1283 checksum=0xE8E4 options="E" body=
     netmask=255.255.255.252
     forwarding-address=0.0.0.0
     route-tag=0x0
     metric=1
     type1

 instance=default area=external type=as-external id=172.16.1.11 originator=172.16.1.11 sequence-number=0x80000004
   age=1553 checksum=0x8835 options="E" body=
      netmask=255.255.255.255
     forwarding-address=0.0.0.0
     route-tag=0x0
     metric=1
     type1

 instance=default area=external type=as-external id=192.168.2.0 originator=172.16.1.11 sequence-number=0x80000004
   age=1487 checksum=0xBF5B options="E" body=
     netmask=255.255.255.0
     forwarding-address=0.0.0.0
     route-tag=0x0
     metric=1
     type1

ip route print,
---
[admin@spoke649] > /ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADC  10.10.10.0/30      10.10.10.2      ether1                    0
 1 ADC  172.16.1.0/30      172.16.1.2      gre1                      0
 2 ADo  172.16.1.11/32                     172.16.1.1              110
 3 ADC  172.16.1.12/32     172.16.1.12     lo0                       0
 4 ADC  192.168.1.0/24     192.168.1.1     LAN                       0
 5 ADo  192.168.2.0/24                     172.16.1.1              110

ping and traceroute test,
---
[admin@spoke649] > ping count=3 172.16.1.11 src-address=172.16.1.12
  SEQ HOST                                     SIZE TTL TIME  STATUS
    0 172.16.1.11                                56  64 30ms
    1 172.16.1.11                                56  64 8ms
    2 172.16.1.11                                56  64 40ms
    sent=3 received=3 packet-loss=0% min-rtt=8ms avg-rtt=26ms max-rtt=40ms

	 [admin@spoke649] > /tool traceroute 192.168.2.1 src-address=192.168.1.1
 # ADDRESS                          LOSS SENT    LAST     AVG    BEST   WORST STD-DEV STATUS
 1 192.168.2.1                        0%    4   3.5ms    16.4     3.5    36.2    13.7
 

ok. hope this helps, and have a nice try. i'm sorry for this bad layout - i dont know how to fix it.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Wed May 24, 2023 7:58 am

thanks wiseroute
I set the value of MTU 1476, but the result is negative.
I also chose the broadcast for the gre interface.
It seems to me that the problem is not in the mtu values ​​and the ospf settings, but in the firewall itself.
If it's not difficult, can you export your settings to gre, ospf and a piece of firewall?
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Wed May 24, 2023 8:08 am

hello bigdrive,

i have put everything on my post above.

the hub is v7.6 config,
the spoke is v6.49 config.

no firewall at all, only srcnat on the spoke side (physical interface, not on the gre tunnel). since I just doing this test solely for you.

just copy those code to notepad so they don't cluttered for easier reading.

good luck 👍🏻
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Wed May 24, 2023 8:18 am

Hello
Yes, with a physical interface, everything also works for me, but in my configuration it doesn’t.
But this scheme works on Router OS version 6
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7  [SOLVED]

Wed May 31, 2023 11:37 pm

Everything worked out, it started on my scheme of work, in the IPsec policy I put 47 in place 255, everything worked, and from 7 to 7 version of Ros and from 6 to 7 RoS, everything now works at any MTU value if it is set at both ends.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 6:55 am

hello bigdrive,

[*]
Everything worked out,
[*]
glad to hear that 👍🏻

what filter did you have for 47 and 255?
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 8:56 am

Hello wiseroute

Settings
/ip ipsec policy
The default is 255
255.png
I put up only gre protocol
47.png
After that everything worked

Of course, you need to change on both sides
You do not have the required permissions to view the files attached to this post.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 10:36 am

[*]
Settings
/ip ipsec policy
The default is 255
[*]

👍🏻

did you move the hub to the cloud already?
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 10:38 am

Yes, it's already in production.
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 10:46 am

For some reason, there is no protocol in the choice in policy 47
47.2.png
You do not have the required permissions to view the files attached to this post.
 
wiseroute
Member
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 4:16 pm

Yes, it's already in production.
👍🏻

how about 'gre' ? 😉
 
BigDrive
just joined
Topic Author
Posts: 22
Joined: Tue Feb 09, 2021 9:49 pm

Re: OSPF operation between ROS V6 and ROS V7

Thu Jun 01, 2023 4:27 pm

everything works through gre at the beginning of the ipsec, then gre and then ospf, it was possible to do without this change, but only ospf would not work, everything else worked

Who is online

Users browsing this forum: wittytttbb and 18 guests