Bug #15028
closed
OpenVPN + FRR BGP routing failure(Unable to contact daemon/Service not running?)
0%
Description
Up to version 2.6.0, it works normally without bugs. The new versions 2.7.0 and 2.7.1 report inconsistency according to the logs.
Situation 1:
When an internet link goes down, the OpenVPN BGP redundancy converges traffic according to metrics (10 > 30 > 50) - okay.
Situation 2:
When the link is restored, the process of reconverging the traffic (50 > 30 > 10) does not work because the tunnel goes offline (service not running?).
Note: Workaround applied = stopping and starting the FRR BGP service, the tunnels come back online.
Topology: VPN Site to Site OpenVPN + FRR BGP
Tunnel 1 | BGP metric 10
Tunnel 2 | BGP metric 30
Tunnel 3 | BGP metric 50
Logs: /var/log/openvpn.log
fw01.local openvpn 6656 - - FreeBSD ifconfig failed: external program exited with error status: 1
fw01.local openvpn 6656 - - Exiting due to fatal error
ifconfig: "Does not display the IP addressing of the network tunnel."
ovpnc2: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
groups: tun openvpn
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
Files
Updated by Jim Pingle 5 months ago
- Project changed from pfSense to pfSense Packages
- Category changed from Routing to FRR
- Release Notes deleted (
Default)
Updated by Jim Pingle 5 months ago
- Status changed from New to Not a Bug
That is the kind of error you'll get if there is a conflicting route already in the table which prevents it from configuring the address on the interface.
Usually this ends up being a configuration problem in FRR, it's receiving a route remotely for a network you have locally. It's probably best to review the config and discuss it on the forum since it's more than likely not a bug.
If it does turn out to be a bug, this can be reopened with more accurate details.