wireguard-vyatta-ubnt icon indicating copy to clipboard operation
wireguard-vyatta-ubnt copied to clipboard

Published 20 hours ago verified publisher icon WireGuard

Unable to add WireGuard interface to OSPFv3 area.

Open giga1699 opened this issue 3 years ago • 4 comments

I am unable to add a WireGuard interface to a OSPFv3 area. The error message states that no link-local address is assigned, as well as wg0 not matching any known interface name type, as shown below.

ubnt@RTR# set protocols ospfv3 area 0.0.0.0 interface wg0
[edit]
ubnt@RTR# commit
[ protocols ospfv3 area 0.0.0.0 interface wg0 ]
wg0 does not match any known interface name type
Link-Local address is not assigned to this interface

Commit failed

Interface config:

wireguard wg0 {
     address X.X.X.X/29
     address 2001:XXXX::2/64
     mtu 1420
     peer <pubkey> {
         allowed-ips 0.0.0.0/0
         allowed-ips ::/0
         endpoint <endpoint>
         preshared-key /config/auth/<key>
     }
     private-key /config/auth/<key>
     route-allowed-ips false
 }

EdgeRouter Version:

Version:      v2.0.9-hotfix.1
Build ID:     5371035
Build on:     01/22/21 10:15
Copyright:    2012-2020 Ubiquiti Networks, Inc.
HW model:     EdgeRouter 4

WireGuard version: ii wireguard 1.0.20210219-5 mips fast, modern, secure kernel VPN tunnel

giga1699 avatar Apr 13 '21 07:04 giga1699

Seems Ubiquiti also has quite the history of issues with OSPFv3.

Some reference links I've found, which I am showing similar issues over GRE and WireGuard.

https://community.ui.com/questions/Issues-with-OSPFv3-IPv6-over-GRE-and-SIT-Tunnels-/85f02527-211d-40ce-94f2-05bd1a7967a7

https://community.ui.com/questions/ERPro-8-cant-get-OSPFv3-to-work/e517b072-9501-4dec-aaa0-31834d8ebe28

giga1699 avatar Apr 13 '21 13:04 giga1699

Found another Ubiquiti posting specifically about WireGuard, and OSPFv3 not creating a neighbor relationship despite Hellos being seen via tcpdump.

https://community.ui.com/questions/ospfv3-over-wireguard-point-to-point-not-seeing-far-side-hellos-visible-in-tcpdump/3b6f9db6-737e-490a-a08c-022463f5e789

giga1699 avatar Apr 13 '21 13:04 giga1699

The working solution is to use Bird for ospfv3, the interface types supported for the included OSPF daemon, does not have the template for wireguard interface type so that's why it complains.

samip5 avatar May 11 '21 21:05 samip5

The error seems to come from: https://github.com/remfalc/vyt-vyatta-cfg-system/blob/master/scripts/vyatta-interfaces.pl, which is on the router at /opt/vyatta/sbin/vyatta-interfaces.pl

samip5 avatar May 11 '21 21:05 samip5