Community discussions

MikroTik App
 
misterm
just joined
Topic Author
Posts: 4
Joined: Sat Jan 22, 2022 1:23 pm

OSPF over GRE with pfsense on other side

Fri Feb 04, 2022 4:20 pm

Hi all,

I am trying to setup OSPF between two sites which are connected via a GRE tunnel.

site A with range 192.168.1.0/24
Site B with range 192.168.190.0/24

From side b i am able to ping side a but not vice versa
/routing ospf instance
set [ find default=yes ] router-id=10.255.255.1
/routing ospf interface
add interface="OSPF Loopback"
add interface=bridge-local
/routing ospf network
add area=backbone network=100.124.124.0/24
add area=backbone network=10.255.255.1/32
add area=backbone network=192.168.1.0/24
on the other side
frr.conf   vtysh.conf
[21.05.2-RELEASE][admin@xxx]/var/etc/frr: cat frr.conf
##################### DO NOT EDIT THIS FILE! ######################
###################################################################
# This file was created by an automatic configuration generator.  #
# The contents of this file will be overwritten without warning!  #
###################################################################
!
frr defaults traditional
hostname ****
password *****
service integrated-vtysh-config
!
ip router-id 10.255.255.2
!
interface ix0.3502
 ip ospf area 0.0.0.0
interface gre0
 ip ospf bfd
 ip ospf area 0.0.0.0
!
router ospf
 ospf router-id 10.255.255.2
 redistribute connected metric 5 metric-type 1
 neighbor 10.255.255.1
!
line vty
!
end
any idea what i am doing wrong?
Last edited by misterm on Mon Feb 07, 2022 9:06 am, edited 1 time in total.
 
tricksol
newbie
Posts: 29
Joined: Thu Sep 03, 2015 3:55 pm

Re: OSPF over GRE with pfsense on other side

Sat Feb 05, 2022 4:31 pm

I do not see on the MK side where you have added an IP to the GRE interface, you have to have an ip on each end and also added that subnet to the ospf networks

First add the IP to the MK
/ip address add address=172.16.0.1/30 netmask=255.255.255.252 interface=GRE_XXX
/routing ospf network add area=backbone network=172.16.0.0/30

Add the 172.16.0.2/30 to the pfsense gre interface and ensure that you've allowed traffic on the firewall tab as pfsense will block all by default. Then add the interface or the legacy way in FRR the network.
 
misterm
just joined
Topic Author
Posts: 4
Joined: Sat Jan 22, 2022 1:23 pm

Re: OSPF over GRE with pfsense on other side

Mon Feb 07, 2022 8:56 am

I do not see on the MK side where you have added an IP to the GRE interface, you have to have an ip on each end and also added that subnet to the ospf networks

First add the IP to the MK
/ip address add address=172.16.0.1/30 netmask=255.255.255.252 interface=GRE_XXX
/routing ospf network add area=backbone network=172.16.0.0/30

Add the 172.16.0.2/30 to the pfsense gre interface and ensure that you've allowed traffic on the firewall tab as pfsense will block all by default. Then add the interface or the legacy way in FRR the network.
Hi @tricksol that i have configured....
100.124.124.1/30 100.124.124.0 gre-tunnel1

on the pfsense side

Image

on the firewall all is allowed and no traffic is blocked.
Still no luck
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never !domain-id \
    !domain-tag in-filter=ospf-in metric-bgp=auto metric-connected=20 \
    metric-default=1 metric-other-ospf=auto metric-rip=20 metric-static=20 \
    !mpls-te-area !mpls-te-router-id name=default out-filter=ospf-out \
    redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no \
    redistribute-rip=no redistribute-static=no router-id=10.255.255.1 \
    !routing-table !use-dn
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\
    backbone type=default
/routing ospf interface
add authentication=none authentication-key="" authentication-key-id=1 cost=10 \
    dead-interval=40s disabled=no hello-interval=10s instance-id=0 interface=\
    "OSPF Loopback" network-type=default passive=no priority=1 \
    retransmit-interval=5s transmit-delay=1s use-bfd=no
add authentication=none authentication-key="" authentication-key-id=1 cost=10 \
    dead-interval=40s disabled=no hello-interval=10s instance-id=0 interface=\
    bridge-local network-type=default passive=no priority=1 \
    retransmit-interval=5s transmit-delay=1s use-bfd=no
/routing ospf network
add area=backbone disabled=no network=10.255.255.1/32
add area=backbone disabled=no network=192.168.1.0/24
add area=backbone disabled=no network=100.124.124.0/30
Image

And here an visual overview of the Routes which as you can see are empty from a gateway or interface perspective

Image
 
Nekrasov
just joined
Posts: 1
Joined: Tue Feb 15, 2022 3:26 pm

Re: OSPF over GRE with pfsense on other side

Tue Feb 15, 2022 3:28 pm

I have same problem.
But it's FRR bug i think.
https://forum.netgate.com/topic/165873/ ... nnel-peers
Last edited by Nekrasov on Wed Feb 16, 2022 7:48 am, edited 1 time in total.

Who is online

Users browsing this forum: No registered users and 17 guests