Heho,

> Looking at the show nexthop output it seems bgpd does not get the RTM_IFINFO
> message with the IFP_UP flag set. It still thinks the interface is down. This
> is a bug in wg(4) which probably sends the rt message before applying the flag.

This makes a lot of sense; I am sadly not good enough with the codebase to
supply a diff, but can test a patch if somebody writes one.

With best regards,
Tobias

-----Original Message-----
From: owner-m...@openbsd.org <owner-m...@openbsd.org> On Behalf Of Claudio Jeker
Sent: Wednesday, 13 July 2022 13:13
To: Stuart Henderson <stu.li...@spacehopper.org>
Cc: misc@openbsd.org
Subject: Re: OpenBGPD via (WG?) Tunnel Not Learning Routes

On Wed, Jul 13, 2022 at 11:01:09AM -0000, Stuart Henderson wrote:
> On 2022-07-13, Tobias Fiebig <tob...@reads-this-mailinglist.com> wrote:
> > Heho,
> >
> > When doing what I described in my message, I get the below messages.
> >
> > When I set static routes, packet forwarding works fine, i.e.:
> >
> > gw02.dus01.as59645.net ~ # route add -inet6 2a06:d1c2::/48 2a06:d1c0::dead:beef:c02
> > add net 2a06:d1c2::/48: gateway 2a06:d1c0::dead:beef:c02
> >
> > bgp-test.test /etc # route add -inet6 default 2a06:d1c0::dead:beef:c01
> > add net default: gateway 2a06:d1c0::dead:beef:c01
> >
> > Removing those routes and restarting the BGPD then also leads to a 
> > successful import of routes, see bgpctl sh nex at the bottom of this mail.
> >
> > It somehow feels like bgpd does not register that wg0 came up.
> 
> Yes.
> 
> You can check with "route -n monitor" that the route messages are 
> correctly sent when the interface is brought up, also try running bgpd 
> in the foreground with debug logging (bgpd -vvvd or so) and see if any 
> errors/warnings are logged when wg comes up.

Looking at the show nexthop output it seems bgpd does not get the RTM_IFINFO
message with the IFP_UP flag set. It still thinks the interface is down. This
is a bug in wg(4) which probably sends the rt message before applying the flag.
 
> > Let me try if this behavior is the same for other tunnels (eoip).
> 
> Worth a try. Also maybe different between v4 and v6, WireGuard doesn't 
> really do v6 properly.

The v4 part is also not great to be honest. Doing dynamic routing via WireGuard 
is just close to impossible with the way WireGuard is specified.
It is not a simple tunnel but applies some route limits on top which you can't 
really disable.

Also because of multicast issues you can't run ospfd over wg(4) so I had to put 
a gif tunnel in a wg tunnel to have dynamic routing.

--
:wq Claudio

