[CentOS] 6.5 vpn/gre/ospf breakage
Steve Clark
sclark at netwolves.com
Thu Mar 27 12:53:15 UTC 2014
On 03/27/2014 08:44 AM, SilverTip257 wrote:
> On Thu, Mar 27, 2014 at 8:24 AM, Steve Clark <sclark at netwolves.com> wrote:
>
>> Hi List,
>>
>>
> Hi Steve,
>
>
>> FYI.
>>
>> We have been using CentOS 6.4 and have 2 vpn/gre tunnels to separate cisco
>> rtrs using ospf.
>> with kernel 2.6.32-358.23.2
>>
>> We have upgraded to 6.5 bit using kernel 2.6.32-431.5.1 and the exact same
>> configuration scripts for
>> our vpn/gre tunnels.
>>
> There was a brief thread (total of three posts) on multicast changes with
> the newer CentOS 6 kernel.
> http://lists.centos.org/pipermail/centos/2014-February/141062.html
>
> Apparently something odd going on in 2.6.32-431.x.x -- functionality that
> operates fine in the older 2.6.32-358.x.x kernels.
>
>
>> What I see is the first gre tunnel works great and I get an ospf neighbor.
>>
>> The second tunnel comes up and I can ping across it and I see our side
>> sending hello packets in the gre tunnel
>> but I never receive any hello packets from the cisco.
>>
>> The cisco sees our hellos because it goes into the Init state. I do a
>> tcpdump
>> and I see esp traffic coming from the cisco like it is sending hellos but
>> they never show up in a tcpdump
>> on the gre tunnel. It is like the kernel is not delivering them.
>>
>> Also my gre tunnels on CentOS 6.5 are named gre1 at NONE and gre2 at NONE with
>> an ip a s, while on the 6.4 CentOS system
>> they show up as only gre1 and gre2? Whats with the @NONE?
>>
>> Looking at the Changelog of the kernel a lot of changes to the ip_gre
>> module were made in 2.6.32-380
>>
>>
> Sounds like you might be aware of the post I linked to above.
> ( In case you're not, I'll send this message anyways. )
>
>
>
Hi Mike,
Thanks for the info - I had missed that thread. This appears to be similar to problem I am seeing.
I am getting the multicast hellos on the first gre/vpn but not the second one. Reverting to kernel
2.6.32-358.23.2 makes everything work again.
--
Stephen Clark
*NetWolves Managed Services, LLC.*
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark at netwolves.com
http://www.netwolves.com
More information about the CentOS
mailing list