Now I want to use OSPF and connect the OSPF to the OpenVPN tunnel
the OSPF Interfaces section does not show the OpenVPN tunnel
if I configure an OSPF Neighbour there is no OSPF traffic, presumably due to the slightly cryptic message “OSPF neighbors works only when an interface with type ‘Non-Broadcast’ or ‘Point-to-Multipoint’ is configured” at the top of the OSPF page
(As a side-note I tried configuring a Wireguard tunnel and couldn’t see how to make it appear in OSPF either).
Is there some way in the UI to use OSPF over OpenVPN (and Wireguard) tunnels?
I have worked out how to do this, however, it is quite possible that this is not the “correct” answer. I am leaving the information here in case it is useful to someone else.
This information is correct for a RUT360, with RUT36X_R_00.07.08.2 firmware, and packages: OSPF daemon version 1, FRR VTYSH version 8.4.2-1.
The ‘vtysh’ command is in a separate package. So if you need to use vtysh to debug/diagnose what is going on then you need to load this package. Just use the package search function and look for vtysh.
You can handcraft a FRR OSPF configuration file and then use the ‘Import config’ option on the Network/Routing/Dynamic_routes page. You click ‘Browse’ under OSPF - General Settings, locate your config file, then enable the service and then ‘Save & Apply’. This avoids the UI totally and allows you to select a config of your own choice.
To get a starting config I configured the non-Teltonika end of the OSPF connection (which was pfsense) and then grabbed the OSPF configuration file from pfsense. I then made changes to this configuration file so that it would be correct for the Teltonika end of things. I installed as described above and voila OSPF came up as required - and routes worked as expected. (You may need to log into the Teltonika and use various commands to find the name of the network interfaces for interfaces that you require).
I have yet to add additional complexity to my initial configuration, however, this works as a starting point and I see no reason that it won’t work as I require.
A side benefit of this mechanism is that you have the full configuration file for the Teltonika and are not left guessing as to what the UI actually generated.
If you want to find the ospf.conf file for a Teltonika UI generated OSPF configuration it is in /tmp/etc/frr/ospf.conf.
I think that for a wireguard connection you may need to enter the wireguard interface twice in the configuration because I read somewhere that the wireguard interface is renamed during it creation and that FRR starts before wireguard so there is a race condition and it is not certain which interface name will exist when FRR sees it. (At least that is my memory of what I read).
The configuration file that I tested with was this:
interface wlan0-2
description “ospfd: GuestWiFi network”
ip ospf area 0.0.0.40
!
interface tun_c_4G
description “ospfd: 4G OpenVPN”
ip ospf network point-to-point
ip ospf cost 100
ip ospf area 0.0.0.0
!
router ospf
ospf router-id 192.168.129.1
redistribute connected
passive-interface wlan0-2
area 0.0.0.0 shortcut default
area 0.0.0.40 stub
area 0.0.0.40 shortcut default
!
I hope that this helps anyone else who is trying to work out how this works,
Tim