Ни как не получается настроить связку quagga и gif.
Есть 2 маршрутизатора на FreeBSD 6.3 и 2 канала. Поверх этих двух каналов лежит IPSec работающий через гиф интерфейсы.
Вот настройки:
Первый сервер zebra:
Код: Выделить всё
hostname gw1
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
description loop
interface gif0
description ISP1
interface gif1
description ISP2
!
log file /var/log/quagga/zebra.log
Код: Выделить всё
!
hostname cos
password zebra
enable password superzebra
log file /var/log/quagga/ospfd.log
!
!
!
!
interface lo
!
interface gif0
ip ospf network point-to-point
ip ospf cost 10
ip ospf mtu-ignore
!
interface gif1
ip ospf network point-to-point
ip ospf cost 20
ip ospf mtu-ignore
!
router ospf
ospf router-id 192.168.100.1
redistribute connected
redistribute static
network 192.168.100.0/24 area 0
network 192.168.73.0/24 area 0
network 192.168.101.0/24 area 0
Код: Выделить всё
gif0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 1376
tunnel inet 10.10.10.4 --> 10.10.10.15
inet 192.168.73.2 --> 192.168.73.1 netmask 0xffffff00
gif1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1376
tunnel inet 192.168.100.10 --> ччч.ччч.ччч.ччч
inet 192.168.101.2 --> 192.168.101.1 netmask 0xffffff00
zebra
Код: Выделить всё
hostname gw2
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
description loop
interface gif0
description ISP1
interface gif1
description ISP2
!
log file /var/log/quagga/zebra.log
Код: Выделить всё
!
hostname brands
password zebra
enable password superzebra
log file /var/log/quagga/ospfd.log
!
!
!
!
interface lo
!
interface gif0
ip ospf network point-to-point
ip ospf cost 10
ip ospf mtu-ignore
!
interface gif1
ip ospf network point-to-point
ip ospf cost 20
ip ospf mtu-ignore
!
router ospf
ospf router-id 192.168.72.1
redistribute connected
redistribute static
network 192.168.72.0/24 area 0
network 192.168.73.0/24 area 0
network 192.168.101.0/24 area 0
Код: Выделить всё
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1376
tunnel inet 10.10.10.15 --> 10.10.10.4
inet 192.168.73.1 --> 192.168.73.2 netmask 0xffffff00
gif1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1376
tunnel inet ччч.ччч.ччч.ччч --> ххх.ххх.ххх.ххх
inet 192.168.101.1 --> 192.168.101.2 netmask 0xffffff00
Код: Выделить всё
# ping 192.168.72.1
PING 192.168.72.1 (192.168.72.1): 56 data bytes
ping: sendto: Input/output error
ping: sendto: Network is unreachable
ping: sendto: Input/output error
... пропущенно....
ping: sendto: Input/output error
ping: sendto: Input/output error
64 bytes from 192.168.72.1: icmp_seq=65 ttl=64 time=1.958 ms
ping: sendto: Input/output error
ping: sendto: Network is unreachable
ping: sendto: Input/output error
... пропущенно....
ping: sendto: Input/output error
ping: sendto: Input/output error
64 bytes from 192.168.72.1: icmp_seq=65 ttl=64 time=1.958 ms
Код: Выделить всё
2010/08/17 17:54:51 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 64, interface gif1, mtu 1376: Input/output error
2010/08/17 17:55:01 OSPF: Packet[DD]: Neighbor 192.168.72.1: Initial DBD from Slave, ignoring.
2010/08/17 17:55:01 OSPF: Packet[DD]: Neighbor 192.168.72.1 Negotiation done (Master).
2010/08/17 17:55:01 OSPF: nsm_change_state(192.168.72.1, Loading -> Full): scheduling new router-LSA origination
2010/08/17 17:55:21 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Network is unreachable
2010/08/17 17:55:31 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Input/output error
2010/08/17 17:55:41 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Network is unreachable
2010/08/17 17:55:51 OSPF: nsm_change_state(192.168.72.1, Full -> Deleted): scheduling new router-LSA origination
2010/08/17 17:55:51 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Input/output error
2010/08/17 17:56:01 OSPF: Packet[DD]: Neighbor 192.168.72.1: Initial DBD from Slave, ignoring.
2010/08/17 17:56:01 OSPF: Packet[DD]: Neighbor 192.168.72.1 Negotiation done (Master).
2010/08/17 17:56:01 OSPF: nsm_change_state(192.168.72.1, Loading -> Full): scheduling new router-LSA origination
2010/08/17 17:56:21 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Network is unreachable
2010/08/17 17:56:31 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Input/output error
2010/08/17 17:56:41 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 68, interface gif1, mtu 1376: Network is unreachable
2010/08/17 17:56:51 OSPF: nsm_change_state(192.168.72.1, Full -> Deleted): scheduling new router-LSA origination
2010/08/17 17:56:51 OSPF: *** sendmsg in ospf_write failed to 224.0.0.5, id 0, off 0, len 64, interface gif1, mtu 1376: Input/output error
2010/08/17 17:57:01 OSPF: Packet[DD]: Neighbor 192.168.72.1: Initial DBD from Slave, ignoring.
2010/08/17 17:57:01 OSPF: Packet[DD]: Neighbor 192.168.72.1 Negotiation done (Master).
2010/08/17 17:57:01 OSPF: nsm_change_state(192.168.72.1, Loading -> Full): scheduling new router-LSA origination
Кстати и без разницы, влючен ли IPSec или нет.