[FROG] RIP route announcements & OpenVPN

Jim Carroll jim at carroll.com
Mon Oct 2 10:10:46 EDT 2017


We manage a large network of OpenVPN clients that connect into a central
location (think Hub & Spoke design). We have a need to distribute RIP routes
to these remote machines - but we've run into a design limitation of RIP and
was hoping for some guidance.

 

RIPd will not send out announcements through an interface that it knows it
learned the routes from (which I believe is 100% in keeping with the RFC).
The problem for us is these remote hosts connect into a single tap
interface, which OpenVPN uses to maintain their tunnels.  This means the Hub
can receive routes from the remote hosts, but it will not send out route
announcements to the tap that it learns from the remote hosts so that the
remotes can then reach other.

 

We have experimented with using the RIP neighbor statement to try to force
RIPd to override this restriction, but it looks like this is not honored.
That RIPd still will refuse to send out routes to a tap interface from which
it sees it learned the route from.

 

We know we could define a series of point-to-point gre tunnels between each
remote host and the RIPd hub, and then configure RIPd to distribute routes
over each individual gre interface, but this is pretty messy, and we were
hoping someone else might have a better idea.

 

Thanks

Jim C.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20171002/4ba030c8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4722 bytes
Desc: not available
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20171002/4ba030c8/attachment.bin>


More information about the frog mailing list