Дано:
Внешние IP:
Микрот - 1.1.1.1
Debian - 2.2.2.2
Туннель:
Микрот - 10.0.0.1/30
Debian - 10.0.0.2/30
Что было сделано: На микроте:
Shell
/interface ipip add !keepalive remote-address=2.2.2.2 local-address=1.1.1.1
/ip address add address=10.0.0.1/30 interface=ipip-tunnel1
Shell
cat /etc/systemd/network/ipip-home.netdev
[NetDev]
Name=ipip-home
Kind=ipip
[Tunnel]
Remote=1.1.1.1
Local=2.2.2.2
Shell
cat /etc/systemd/network/ipip-home.network
[Match]
Name=ipip-home
[Network]
Address=10.0.0.1/30
Shell
cat /etc/systemd/network/isp.network
[Match]
Name=enp10s0
[Network]
Description=RosTelekom network
Address=Внешний
Gateway=Шлюз
DNS=ДНС’ы
LinkLocalAddressing=no
IPv6AcceptRA = no
Tunnel=ipip-home
На микротике
Shell
/interface/ipip/ print
0 R ipip-tunnel1 auto 1480 1.1.1.1 2.2.2.2 inherit
Shell
ip a
ipip-home@enp10s0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN group default qlen 1000
link/ipip 2.2.2.2 peer 1.1.1.1
inet 10.0.0.1/30 brd 10.0.0.3 scope global ipip-home
valid_lft forever preferred_lft forever
Shell
/routing ospf instance add name=instance1 router-id=10.0.0.2
/routing ospf area add instance=instance1 name=backbone
/routing ospf interface-template add area=backbone networks=10.0.0.0/30 type=ptp
/routing ospf interface-template add area=backbone networks=172.16.96.0/29 passive
Shell
vim /etc/frr/daemons
ospfd=yes
Esc + Z + Z
systemctl restart frr
vtysh
confugure terminal
(conf)$ ip forwarding
(conf)$ router ospf
(conf-router)$ network 172.16.3.0/27 area 0
(conf-router)$ network 10.0.0.0/30 area 0
(conf-router)$ neighbor 10.0.0.2
(conf-router)$ exit
(conf)$ interface ipip-home
(conf-if)$ ip ospf network point-to-point
(conf-if)$ end
$ wr
$ exit
systemctl restart frr
Хэлоуки посылаются с обеих сторон. Вот -> тут <- со стороны микрота, а -> тут <- со стороны дебина, где последней строкой видно активного соседа.
Одно из предположений, почему так может быть - это hello пакеты со значением 1 в ttl. Пакет может протухнуть на границе микротика.
Shell
tcpdump: listening on ipip-home, link-type LINUX_SLL (Linux cooked v1), snapshot length 262144 bytes
08:13:40.847463 IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 153)
T2.primorye.net.ru.5678 > 255.255.255.255.5678: UDP, length 125
08:13:42.094290 IP (tos 0xc0, ttl 1, id 21048, offset 0, flags [none], proto OSPF (89), length 68)
10.0.0.1 > ospf-all.mcast.net: OSPFv2, Hello, length 48
Router-ID 10.0.0.1, Backbone Area, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 1
Neighbor List:
T2.primorye.net.ru
08:13:43.726103 IP (tos 0x0, ttl 1, id 56167, offset 0, flags [DF], proto OSPF (89), length 64)
T2.primorye.net.ru > ospf-all.mcast.net: OSPFv2, Hello, length 44
Router-ID T2.primorye.net.ru, Backbone Area, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 128
Может кто из сетевых инженеров подскажет ТЯДНТ...?