[FROG] OSPF over GRE over IPSec
David Lamparter
equinox at diac24.net
Fri Mar 11 17:53:00 UTC 2022
On Fri, Mar 11, 2022 at 05:46:32PM +0100, Volodymyr Litovka wrote:
> # tcpdump -i gre1 -v
> [ ... ]
> 15:34:49.132222 IP (tos 0xc0, ttl 1, id 15017, offset 0, flags [none], proto OSPF (89), length 68)
...
> 6: gre1 at NONE: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN group default qlen 1000
> link/gre x.x.x.x peer x.x.x.y
> inet 100.99.0.66/30 brd 100.99.0.67 scope global gre1
> valid_lft forever preferred_lft forever
You probably have "ttl inherit" set on the tunnel (it is the default).
Since the TTL on the OSPF multicast packets is 1, the tunnel packets
will not arrive at the destination. Try:
"ip link set gre1 type gre ttl 64"
-David
More information about the frog
mailing list