Some reference configuration for an internal DNS server

# Never forward plain names (without a dot or domain part)
# Names that contain no dot (.) are not sent to the upstream DNS server (they never leave this node)
domain-needed

# Never forward addresses in the non-routed address spaces.
# Addresses that cannot be routed are not sent to the upstream DNS server (they never leave this node)
bogus-priv

# If you don't want dnsmasq to read /etc/resolv.conf or any other
# file, getting its servers from this file instead (see below), then
# uncomment this.
# Do not read /etc/resolv.conf, because it only contains nameserver 127.0.0.1
no-resolv

# Add other name servers here, with domain specs if they are for
# non-public domains.
# Names that cannot be resolved locally are forwarded to an upstream DNS server
server=192.168.50.1

# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
# Every domain ending in .in39 is treated as internal and is not forwarded to the upstream DNS server.
local=/in39/

# Add domains which you want to force to an IP address here.
# The example below send any host in double-click.net to a local
# web-server.
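# Resolve a domain, including wildcard resolution, to an IP: below, both *.helloworld.in39 and helloworld.in39 resolve to this IP
# The domain itself can also contain a wildcard for string-match resolution.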
address=/helloworld.in39/192.168.50.1

# If you don't want dnsmasq to read /etc/hosts, uncomment the
# following line.
# Do not read /etc/hosts
no-hosts

# or if you want it to read another file, as well as /etc/hosts, use
# this.
# Instead, read the file given below as hosts content, in the same format as hosts. Several IPs can be listed for the same name, and dnsmasq resolves it correctly.
addn-hosts=...

# Include another lot of configuration options.
# conf-file=/etc/dnsmasq.more.conf
# The configuration can be split into other files or directories; there can be more than one
conf-dir=...


A short video is also worth a look: Configuring DNS With Dnsmasq and Ubuntu Server

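Symptoms

The requirement was to switch a service's UDP traffic from machine A to machine B. Before the router was touched, the service was ready on both machine A and machine B. Upstream traffic kept arriving throughout the switch.

On the router, the port forwarding rule (UDP protocol) was edited to change the internal IP while keeping the external port unchanged. After saving, the change did not take effect: UDP packets were still sent to the original internal IP.

Running tcpdump on machine A:
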
06:13:05.130930 IP (tos 0x28, ttl 61, id 60828, offset 0, flags [none], proto UDP (17), length 176)
##.##.##.##.51820 > ##.##.##.##.51820: UDP, length 148

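Note that at this point no service is listening on the target port on machine A any more and the incoming packets are already dropped with an iptables DROP rule; otherwise there would be ICMP unreachable messages:
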
05:48:51.052956 IP (tos 0xc8, ttl 64, id 24675, offset 0, flags [none], proto ICMP (1), length 204)
##.##.##.## > ##.##.##.##: ICMP ##.##.##.## udp port 51820 unreachable, length 184
IP (tos 0x28, ttl 61, id 15781, offset 0, flags [none], proto UDP (17), length 176)
##.##.##.##.51820 > ##.##.##.##.51820: UDP, length 148

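Running tcpdump on machine B (the new target) shows no packets arriving.

Troubleshooting

Troubleshooting locally on machines A and B led nowhere, so I logged in to the router.

Running conntrack -L:

udp      17 47 src=[remote machine IP] dst=[router public-side IP] sport=51820 dport=53820 src=[machine A IP] dst=[remote machine IP] sport=51820 dport=51820 [ASSURED] mark=0 use=1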
conntrack v1.4.5 (conntrack-tools): 686 flow entries have been shown.

Running iptables -t nat -vnL:

0    0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:53820 to:192.168.50.3:53820

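The port forwarding configuration has taken effect, but because the conntrack entry exists, later packets are not treated as a "new connection" that goes through iptables; they keep being forwarded according to the conntrack entry.

I rather suspect that this particular build of conntrack has been modified. The standard behaviour I found is that if there is no reply within 180 seconds, the conntrack entry should be removed. But on the router one can actually see:
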
udp      17 1 src=##.##.##.## dst=##.##.##.## sport=51820 dport=53820 src=##.##.##.## dst=##.##.##.## sport=51820 dport=51820 [ASSURED] mark=0 use=1
conntrack v1.4.5 (conntrack-tools): 710 flow entries have been shown.
udp 17 0 src=##.##.##.## dst=##.##.##.## sport=51820 dport=53820 src=##.##.##.## dst=##.##.##.## sport=51820 dport=51820 [ASSURED] mark=0 use=1
conntrack v1.4.5 (conntrack-tools): 710 flow entries have been shown.
udp 17 179 src=##.##.##.## dst=##.##.##.## sport=51820 dport=53820 src=##.##.##.## dst=##.##.##.## sport=51820 dport=51820 [ASSURED] mark=0 use=1
conntrack v1.4.5 (conntrack-tools): 707 flow entries have been shown.

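Clearly, when the entry's timer reaches 0 the entry is not deleted; the countdown is reset instead.

Solution

On the router, delete the entry with: conntrack -D -p udp --dport 53820

Right after the deletion, the UDP traffic from the remote machine showed up in tcpdump on machine B.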
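
The manual comparison above (conntrack -L against iptables -t nat -vnL) can be scripted. The following is an added example, not part of the original post: it lists UDP flows whose conntrack NAT target differs from the current DNAT rule and prints the delete command used above. The function names and every sample address are constructed, and the awk parsing assumes the two output formats shown in this post.

```shell
#!/bin/sh
# Added example: find UDP conntrack entries that still NAT to a host other
# than the one the current DNAT rule for that external port points to.

# stale_udp_dnat NAT_RULES_FILE CONNTRACK_FILE
#   NAT_RULES_FILE: saved output of `iptables -t nat -vnL`
#   CONNTRACK_FILE: saved output of `conntrack -L`
# Prints one line per stale flow: <external port> <conntrack target> <rule target>
stale_udp_dnat() {
    awk '
    pass == 1 {
        # Collect "udp dpt:PORT to:IP[:PORT]" from DNAT rules.
        if ($0 !~ /DNAT/) next
        port = ""; target = ""; isudp = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "udp") isudp = 1
            if ($i ~ /^dpt:/) port = substr($i, 5)
            if ($i ~ /^to:/)  target = substr($i, 4)
        }
        if (!isudp || port == "" || target == "") next
        if (target !~ /:/) target = target ":" port   # rule keeps the port
        dnat[port] = target
        next
    }
    pass == 2 && $1 == "udp" {
        # The first dport= belongs to the original direction; the second
        # src=/sport= pair is the reply direction, i.e. the internal host
        # this flow is currently NATed to.
        nsrc = 0; nsport = 0; odport = ""; rsrc = ""; rsport = ""
        for (i = 1; i <= NF; i++) {
            if (($i ~ /^src=/)   && (++nsrc == 2))   rsrc = substr($i, 5)
            if (($i ~ /^sport=/) && (++nsport == 2)) rsport = substr($i, 7)
            if (($i ~ /^dport=/) && (odport == ""))  odport = substr($i, 7)
        }
        if ((odport in dnat) && (dnat[odport] != (rsrc ":" rsport)))
            print odport, rsrc ":" rsport, dnat[odport]
    }' pass=1 "$1" pass=2 "$2"
}

# Print the delete command from the post, once per affected external port.
stale_delete_cmds() {
    stale_udp_dnat "$1" "$2" |
        awk '!seen[$1]++ { print "conntrack -D -p udp --dport " $1 }'
}

# Demo on constructed data: 192.168.50.2 stands in for machine A (old target),
# 192.168.50.3 is the new DNAT target; public addresses are documentation ranges.
demo() {
    rules=$(mktemp) && flows=$(mktemp) || return 1
    cat > "$rules" <<'EOF'
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:53820 to:192.168.50.3:53820
EOF
    cat > "$flows" <<'EOF'
udp      17 47 src=203.0.113.9 dst=198.51.100.7 sport=51820 dport=53820 src=192.168.50.2 dst=203.0.113.9 sport=51820 dport=51820 [ASSURED] mark=0 use=1
udp      17 112 src=203.0.113.20 dst=198.51.100.7 sport=40000 dport=53820 src=192.168.50.3 dst=203.0.113.20 sport=53820 dport=40000 [ASSURED] mark=0 use=1
udp      17 29 src=192.168.50.9 dst=192.168.50.1 sport=5353 dport=53 [UNREPLIED] src=192.168.50.1 dst=192.168.50.9 sport=53 dport=5353 mark=0 use=1
tcp      6 431999 ESTABLISHED src=203.0.113.9 dst=198.51.100.7 sport=50000 dport=53820 src=192.168.50.2 dst=203.0.113.9 sport=53820 dport=50000 [ASSURED] mark=0 use=1
EOF
    stale_udp_dnat "$rules" "$flows"
    stale_delete_cmds "$rules" "$flows"
    rm -f "$rules" "$flows"
}

demo
```

On a live router the two input files would come from `iptables -t nat -vnL > rules.txt` and `conntrack -L > flows.txt`, the same commands used above.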

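References

portmap: delete UDP conntrack entries on teardown · Issue #123 · containernetworking/plugins

I found a similar problem in a CNI GitHub issue: when a pod with UDP port forwarding is removed, conntrack has to be invoked manually to delete the NAT entry, otherwise traffic cannot be directed to the new pod. In this kind of scenario, however, the router (the upstream NAT device) is usually outside one's control, so there may be no option other than having the remote end switch ports…

netfilter: Kill unreplied conntracks by ICMP errors

There is a patch here proposing that ICMP error replies be used to evict invalid entries from netfilter conntrack, but it does not seem to have been merged into the Linux kernel.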

Linux Packet Filtering and iptables - 7.5. UDP connections

Iptables Tutorial 1.2.1 - 7.5. UDP connections

The conntrack-tools user manual

Conntrack tales - one thousand and one flows

Connection Tracking (conntrack): Design and Implementation Inside Linux Kernel

勇 敢 勇 敢 我 的 拓 海

【公式】 ベノム/かいりきベア feat.flower

【公式】 ダーリンダンス/かいりきベア feat.初音ミク

学 E U R O B E A T

軟硬為Eason打做麥當勞新廣告歌 麦当劳无限好完整版

【抖音热歌】越南神曲See Tình 叮叮当当 中文字幕 无损音质 | See Tình (Cucak Remix DJ抖音版) - Hoàng Thùy Linh『叮叮当当 Tình tình tình tang tang tính。』【動態歌詞】♪ 抖音 waywayway 叮叮当当

Funkytown 鸡块旋转一分钟BGM

Illusionary Daytime (抖音 Tiktok Remix FKhouse 2022) || Hot Tiktok Douyin 抖音热播 坤坤摇BGM

ブルーアーカイブ Blue Archive OST 7. Unwelcome School

兔裹煎蛋捲 - 覓紅【歌詞字幕 / 完整高清音質】♫「不愁無處覓紅去 尋香自相見…」Tuguo Jiandan Juan - Seek Red (BGM used in a certain Water Margin mashup video)

Sunseting Billows 惊涛落日 昊京变身BGM

Tower of Flower

Lycoris Recoil ED - Tower of Flower Remix v2

Sad Eye, Chris Kilroy - California Crush (feat. Swedish Red Elephant)

BENEE - Supalonely ft. Gus Dapperton

【maimai】花と、雪と、ドラムンベース。/kanone feat. せんざい (reportedly a meme song in the maimai community)

Mike Williams X Curbi - Take Me There (Official Music Video)

Dimitri Vegas, Martin Garrix, Like Mike - Tremor (Official Music Video)

Hardwell, KAAZE & Jonathan Mendelsohn - We Are Legends (Full Video)

Darren Styles - The Dragon (Official Video) | 致 命 节 奏

Imagine Dragons - Thunder (Lyrics)

The Tech Thieves - Fake

Brooks & GRX - Boomerang (Official Video)

Don’t Care - S3RL & IC3MANIA ft Kayliana

Aiobahn feat. KOTOKO - INTERNET OVERDOSE (Official Music Video) [Theme for NEEDY GIRL OVERDOSE]

⚡团 长 在 沈 阳 当 姬 吧⚡

Calvin Harris - Outside (Official Video) ft. Ellie Goulding

KSHMR - Wildcard (ft. Sidnie Tipton); the Wildcard with a special variation at the end: KSHMR - The Lion Across The Field EP

「补档」理塘金曲:I Got Smoke(1376届格莱美说唱钻石单曲)1080P 新的大山

蔡健雅-紅色高跟鞋『你像窝在被子里的舒服』【動態歌詞Lyrics】 红色高跟鞋

【香蜜沉沉燼如霜】左手指月–薩頂頂《自製歌詞MV》 左手指月

春天的芭蕾 (original singer: 常思思)

Snow Halation - µ’s [FULL ENG/ROM LYRICS + COLOR CODED] | Love Live!

Recommended past favorites

September-October 2022

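Local DNS in the WebUI only supports adding records for complete domain names; entering a wildcard record produces an error.

Create a dnsmasq configuration file: sudo vim /etc/dnsmasq.d/02-wildcard-dns.conf

address=/domain/IP

The domain here does not need a *. prefix; just write the full domain part. For example, with example.com, every *.example.com resolves to this IP address once the line is added.

Reload the configuration with sudo systemctl reload pihole-FTL.service; restart also works.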


我想静静 - 秋裤大叔 (DJ阿遠Remix)

雪十郎 - 伤过的心(DJ小鱼儿 Remix)『世上的人总有千千万万没有了谁都能继续表演』【可视化音乐歌词版】超高无损音质

雪十郎、龙左 - 爷们要战斗 (抖音热播DJ版) Nam Tử Hán Phải Chiến Đấu (Remix)『我爸说了,是个爷们儿,就应该去战斗,爷们要战斗』【抖音火流行歌曲推荐TikTok】

Five Nights at Freddy’s 2 Song - The Living Tombstone (FNAF2)

Five Nights at Freddy’s 4 Song - I Got No Time (FNAF4) - The Living Tombstone

【陰キャの逆襲】イナくなっちゃえ大作戦 / みつあくま feast. 初音ミク(DOMESTIC Revenger)

Orange Range - Sushi Tabetai feat. Soy Sauce

Full Sail - Demented Sound Mafia

Recommended past favorites

August 2022

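This post focuses on configuration with the ip command, avoiding legacy commands such as ifconfig, route and brctl where possible, and avoiding network managers such as systemd-network where possible.

This post builds on "Using OSPF for WireGuard high availability" and assumes that a network made of secure WireGuard point-to-point links already exists, with an IGP (for example OSPF) running in it.

OSPF Network Diagram

The network topology is shown in the diagram above. All point-to-point links use /30 subnets and every router runs OSPF. The goal now is to use the two machines Router 10.65.1.1 and 10.65.1.2 to maximise the traffic that can flow between Router 10.65.2.2 and 10.65.2.1.

Because WireGuard itself runs at L3/IP, and the official version does not support setting a MAC address (a modified version reportedly does), we cannot use the bonding feature that Linux provides directly for native load balancing. Instead, two GRE tunnels that take different routes can be built between 10.65.2.2 and 10.65.2.1, and the two GRE ports are then bonded on each side.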

GRE Tunnel Diagram

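Note that there are two kinds of GRE tunnel, GRE and GRETAP: GRE itself also runs at L3, while GRETAP runs at L2. Although GRE has no encryption, the outer tunnel is itself encrypted, so there is no security problem, and this also avoids the performance cost of encrypting more than once.

First load the required kernel modules (this step can apparently be skipped, because they are loaded automatically when a gre device is created)
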
modprobe ip_gre
modprobe bonding

Create the GRE tunnels

On Router 10.65.2.2:

ip link add gre1 type gretap local 10.65.0.2 remote 10.65.0.6 ttl 255
ip addr add 10.66.0.1/24 dev gre1
ip link set dev gre1 up

ip link add gre2 type gretap local 10.65.0.14 remote 10.65.0.10 ttl 255
ip addr add 10.66.1.1/24 dev gre2
ip link set dev gre2 up

On Router 10.65.2.1:

ip link add gre1 type gretap local 10.65.0.6 remote 10.65.0.2
ip addr add 10.66.0.2/24 dev gre1
ip link set dev gre1 up

ip link add gre2 type gretap local 10.65.0.10 remote 10.65.0.14
ip addr add 10.66.1.2/24 dev gre2
ip link set dev gre2 up

Both sides should now be able to ping each other through the GRE tunnels:

PING 10.66.0.2 (10.66.0.2) 56(84) bytes of data.
64 bytes from 10.66.0.2: icmp_seq=1 ttl=64 time=...
...

Create the bond

Note: when a slave is added to the bond, the device must not be in the up state.

On Router 10.65.2.2:

ip link add bond0 type bond
ip link set dev bond0 type bond mode balance-rr
ip addr add 10.67.0.1/24 dev bond0

ip link set dev gre1 down
ip link set dev gre1 master bond0
ip link set dev gre1 up

ip link set dev gre2 down
ip link set dev gre2 master bond0
ip link set dev gre2 up

ip link set dev bond0 up

Because the requirement is to use as much bandwidth as possible, balance-rr mode is used here, which distributes traffic evenly over the two interfaces. Other modes are active-backup, balance-xor, broadcast, 802.3ad, balance-tlb and balance-alb.

On Router 10.65.2.1:

ip link add bond0 type bond
ip link set dev bond0 type bond mode balance-rr
ip addr add 10.67.0.2/24 dev bond0

ip link set dev gre1 down
ip link set dev gre1 master bond0
ip link set dev gre1 up

ip link set dev gre2 down
ip link set dev gre2 master bond0
ip link set dev gre2 up

ip link set dev bond0 up

Both sides should now be able to ping each other through the bond0 addresses:

PING 10.67.0.1 (10.67.0.1) 56(84) bytes of data.
64 bytes from 10.67.0.1: icmp_seq=1 ttl=64 time=...
...

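For some reason, after bond0 has come up on both sides, pinging from only one side does not work at first; if the other side then starts pinging as well, both sides can ping each other from then on. My guess is that this is caused by not setting parameters such as miimon on bond0. (MIIMON stands for Media Independent Interface Monitoring.)

The state of the bond can be read from /proc/net/bonding/bond0:
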
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0

Slave Interface: gre1
MII Status: up
Speed: Unknown
Duplex: Unknown
Link Failure Count: 0
Permanent HW addr: ...
Slave queue ID: 0

Slave Interface: gre2
MII Status: up
Speed: Unknown
Duplex: Unknown
Link Failure Count: 0
Permanent HW addr: ...
Slave queue ID: 0

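The setup is now basically complete. Measuring throughput with iperf3 between the bond0 addresses on both sides shows almost double the speed.

Also, because the underlying network is WG + OSPF, when a node in the network goes offline the bond interface briefly loses packets (observed loss is over 50%, almost 65%). Once OSPF has converged after a while (about 45 seconds with the default configuration), the bond interface returns to normal. My guess is that if miimon were configured on the bond interface itself, the bond layer might evict the timed-out slave first.

Finally, let us work out the overhead: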

GRE with WireGuard Packet

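Considering IPv4 only, from the outside in:

  • Outer IPv4, 20 bytes
  • UDP, 8 bytes
  • WireGuard, 32 bytes
  • Inner IPv4, 20 bytes
  • GRE, 4 bytes
  • Ethernet frame header, 14 bytes (because L2 GRETAP is used)

So with a base MTU of 1500, the innermost MTU is 1402. If both the outer and the inner layer are switched to IPv6, whose header is 40 bytes, the innermost MTU is 1362, which still leaves a little room above the 1280 minimum that IPv6 requires.

At first I attached the GRE tunnels to a bridge; as soon as the bridges on both sides came up, the result was a loop and a broadcast storm… = =||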


Marnik - Up & Down (Official Video)

Schadenfreude - S3RL

OUTRAGE & Jetty Rachers & Hi3ND - Desire

YOASOBI「三原色」Official Music Video

Doki Doki ドキドキ - S3RL ft Kawaiiconic

Wanna Fight Huh - S3RL

PinocchioP - Magical Girl and Chocolate feat. Hatsune Miku | 【初音ミク】魔法少女とチョコレゐト【ピノキオピー】

PinocchioP - SLoWMoTIoN feat. Hatsune Miku

【脈アリ?】最近カレ死が冷たいの / みつあくま feat. 初音ミク【プロセカNEXT】 (Necro-Fantasista)

【ママに内緒で】ショウコ隠滅、少女純潔 / みつあくま fealty. 初音ミク【プロセカNEXT】 (Virgin birth) | 【初音ミク】【对妈妈保密】消灭证据,少女纯洁【みつあくま】 (Virgin birth)

“終わカレ”はブロックで / みつあくま fear. 初音ミク【プロセカNEXT】(My ex Blocker)

Anemone / mitsu_devil

Ephemeral Melody

Recommended past favorites

June-July 2022

Jannik - Grace 惊鸿 / 网易云音乐

PinocchioP - God-ish feat. Hatsune Miku / 【初音ミク】神っぽいな (像神一样呐)【ピノキオピー】

【五学】像阁下一样呐

The Weeknd - Out of Time (Official Video) 103.5 DAWN FM

R3HAB & KSHMR - Strong (Official Music Video)

Marnik, LUNAX - Bye Bye Bye (Lyrics Video)

Doja Cat - Vegas (From the Original Motion Picture Soundtrack ELVIS) (Official Video)

伊格赛听 & 叶里 - 谪仙(DJ名龙)「称谪仙瑶宫难留,去凡间红楼斗酒」【動態歌詞/pīn yīn gē cí】

麦小兜 - 下山【動態歌詞/Lyrics Video】

Recommended past favorites

May 2022

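Symptom: WmiPrvSE.exe (SYSTEM) uses a lot of CPU.

Finding the cause: in Event Viewer, go to Applications and Services Logs/Microsoft/Windows/WMI-Activity/Trace, right-click and enable the log. The entries show the ClientProcessId that issued the WMI calls, which leads to the process AUEPMaster.exe.

Solution: in Ryzen Master, under Settings/User Experience Program/AMD User Experience Program, choose to opt out.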


System: Ubuntu 20.04.4 LTS

Kernel: 5.4.0-105-generic #119-Ubuntu SMP, 5.4.0-109-generic #123-Ubuntu SMP, 5.4.0-110-generic #124-Ubuntu SMP

OSPF Network Diagram

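This post uses three machines as an example. First, build a mesh network with WireGuard (process omitted). While setting it up, note the following:

  1. Table=off turns off wg-quick's automatic addition of routes.

  2. Address=xxxx/xx: the CIDR prefix must be written correctly for BIRD to recognise the network. (I left it out at first; BIRD then assumes /32 and learns no routes…)

  3. sysctl net.ipv4.conf.all.forwarding=1 and sysctl net.ipv4.ip_forward=1

  4. (Optional) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE, if the two ends need to be able to ping each other

Next, install BIRDv2 (BIRD Internet Routing Daemon): sudo apt install bird2. Be careful not to install BIRDv1 by mistake.

This setup aims to achieve the following:

  1. Join the three machines into one OSPF network and learn the basic concepts

  2. Implement failover for WireGuard: when the link between two points of the mesh goes down, routing switches automatically to a detour.

  3. Try to implement load balancing.

After installing BIRD, edit the file /etc/bird/bird.conf; the configuration below (with comments) can be used as a reference:
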
log syslog all;
debug protocols all;

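# This value should differ between nodes, but it does not need to be a real IP address.
router id 10.65.2.2;

# For border nodes, add this section
protocol direct {
    ipv4;
    interface "eth0"; # Fill in the actual NIC name on the host.
}

protocol kernel {
    ipv4 {
        export where proto = "wg";
    };
}

protocol ospf v2 wg {
    # Whether to load-balance when costs are equal. ECMP is on by default.
    ecmp yes;
    merge path yes;

    ipv4 {
        import where net !~ [10.65.2.0/24, 10.65.1.0/24];
        export all;
    };

    # The area does not need to be a real IP address either, but this name can be used for convenience
    area 10.65.2.0 {
        interface "test0" {
            # The default cost is 10; a lower cost is preferred in route selection. Note that this cost applies one way, outbound.
            cost 5;

            # Password: if the peer does not have it, no adjacency can be established. Can be removed.
            authentication cryptographic;
            password "pass" {
                algorithm hmac sha256;
            }

            # Link type. Because this runs over WireGuard it can be changed to a PTP network, which slightly reduces overhead and speeds things up, but is of little practical use.
            type ptp;
        };
        interface "test1";
    };

    # Further areas can be defined here. The area with number 0 is the special backbone area.
}

# Other OSPF networks can be added below.
#protocol ospf v2 lan {
# ...
#}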

Run sudo birdc configure to apply the configuration.

The packets sent locally over WireGuard to the multicast addresses 224.0.0.5 and 224.0.0.22 can be seen with: sudo tcpdump -vvni test1

03:10:32.994883 IP (tos 0xc0, ttl 1, id 13399, offset 0, flags [none], proto OSPF (89), length 64)
10.65.2.1 > 224.0.0.5: OSPFv2, Hello, length 44
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
03:10:33.006977 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
10.65.2.1 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 224.0.0.5 to_ex { }]
03:10:33.146978 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
10.65.2.1 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 224.0.0.5 to_ex { }]

224.0.0.5: The Open Shortest Path First (OSPF) All OSPF Routers address is used to send Hello packets to all OSPF routers on a network segment. Not routable.

224.0.0.22: Internet Group Management Protocol (IGMP) version 3. Not routable.

After the BIRD service is started on the other end, the two sides can be seen exchanging routing information:

03:10:42.003012 IP (tos 0xc0, ttl 1, id 33479, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.2 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.1
03:10:42.003332 IP (tos 0xc0, ttl 1, id 21524, offset 0, flags [none], proto OSPF (89), length 52)
10.65.2.1 > 10.65.2.2: OSPFv2, Database Description, length 32
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [Init, More, Master], MTU: 1420, Sequence: 0x5cf0abf6
03:10:42.337447 IP (tos 0xc0, ttl 1, id 39044, offset 0, flags [none], proto OSPF (89), length 52)
10.65.2.2 > 10.65.2.1: OSPFv2, Database Description, length 32
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [Init, More, Master], MTU: 1420, Sequence: 0x159cc5bf
03:10:42.337594 IP (tos 0xc0, ttl 1, id 21573, offset 0, flags [none], proto OSPF (89), length 92)
10.65.2.1 > 10.65.2.2: OSPFv2, Database Description, length 72
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [none], MTU: 1420, Sequence: 0x159cc5bf
Advertising Router 10.65.2.1, seq 0x80000001, age 9s, length 16
External LSA (5), LSA-ID: 192.168.50.255
Options: [External]
Advertising Router 10.65.2.1, seq 0x80000001, age 8s, length 28
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
03:10:42.671947 IP (tos 0xc0, ttl 1, id 39091, offset 0, flags [none], proto OSPF (89), length 92)
10.65.2.2 > 10.65.2.1: OSPFv2, Database Description, length 72
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [Master], MTU: 1420, Sequence: 0x159cc5c0
Advertising Router 10.65.2.2, seq 0x80000001, age 393s, length 16
External LSA (5), LSA-ID: 192.168.31.0
Options: [External]
Advertising Router 10.65.2.2, seq 0x80000003, age 74s, length 28
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
03:10:42.671966 IP (tos 0xc0, ttl 1, id 39092, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Request, length 48
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router: 10.65.2.1, External LSA (5), LSA-ID: 192.168.50.255
Advertising Router: 10.65.2.1, Router LSA (1), LSA-ID: 10.65.2.1
03:10:42.672043 IP (tos 0xc0, ttl 1, id 21603, offset 0, flags [none], proto OSPF (89), length 52)
10.65.2.1 > 10.65.2.2: OSPFv2, Database Description, length 32
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [none], MTU: 1420, Sequence: 0x159cc5c0
03:10:42.672065 IP (tos 0xc0, ttl 1, id 21604, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Request, length 48
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router: 10.65.2.2, External LSA (5), LSA-ID: 192.168.31.0
Advertising Router: 10.65.2.2, Router LSA (1), LSA-ID: 10.65.2.2
03:10:42.672092 IP (tos 0xc0, ttl 1, id 21605, offset 0, flags [none], proto OSPF (89), length 132)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Update, length 112
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0), 2 LSAs
LSA #1
Advertising Router 10.65.2.1, seq 0x80000001, age 10s, length 16
External LSA (5), LSA-ID: 192.168.50.255
Options: [External]
Mask 255.255.255.0
topology default (0), type 2, metric 10000
0x0000: ffff ff00 8000 2710 0000 0000 0000 0000
LSA #2
Advertising Router 10.65.2.1, seq 0x80000001, age 9s, length 28
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.0.0, Mask: 255.255.255.0
topology default (0), metric 5
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0002 0a41 0000 ffff ff00 0300 0005
0x0010: 0a41 0200 ffff ff00 0300 000a
03:10:42.992559 IP (tos 0xc0, ttl 1, id 14826, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.1 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.2
03:10:43.005716 IP (tos 0xc0, ttl 1, id 39106, offset 0, flags [none], proto OSPF (89), length 132)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Update, length 112
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0), 2 LSAs
LSA #1
Advertising Router 10.65.2.2, seq 0x80000001, age 395s, length 16
External LSA (5), LSA-ID: 192.168.31.0
Options: [External]
Mask 255.255.255.0
topology default (0), type 2, metric 10000
0x0000: ffff ff00 8000 2710 0000 0000 0000 0000
LSA #2
Advertising Router 10.65.2.2, seq 0x80000003, age 76s, length 28
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.1.0, Mask: 255.255.255.0
topology default (0), metric 5
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0002 0a41 0100 ffff ff00 0300 0005
0x0010: 0a41 0200 ffff ff00 0300 000a
03:10:44.093123 IP (tos 0xc0, ttl 1, id 21893, offset 0, flags [none], proto OSPF (89), length 108)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Update, length 88
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0), 1 LSA
LSA #1
Advertising Router 10.65.2.1, seq 0x80000002, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.0.0, Mask: 255.255.255.0
topology default (0), metric 5
Neighbor Router-ID: 10.65.2.2, Interface Address: 10.65.2.1
topology default (0), metric 10
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0003 0a41 0000 ffff ff00 0300 0005
0x0010: 0a41 0202 0a41 0201 0100 000a 0a41 0200
0x0020: ffff ff00 0300 000a
03:10:44.427037 IP (tos 0xc0, ttl 1, id 39221, offset 0, flags [none], proto OSPF (89), length 108)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Update, length 88
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0), 1 LSA
LSA #1
Advertising Router 10.65.2.2, seq 0x80000004, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.1.0, Mask: 255.255.255.0
topology default (0), metric 5
Neighbor Router-ID: 10.65.2.1, Interface Address: 10.65.2.2
topology default (0), metric 10
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0003 0a41 0100 ffff ff00 0300 0005
0x0010: 0a41 0201 0a41 0202 0100 000a 0a41 0200
0x0020: ffff ff00 0300 000a
03:10:44.503378 IP (tos 0xc0, ttl 1, id 21953, offset 0, flags [none], proto OSPF (89), length 104)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Ack, length 84
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router 10.65.2.2, seq 0x80000001, age 395s, length 16
External LSA (5), LSA-ID: 192.168.31.0
Options: [External]
Advertising Router 10.65.2.2, seq 0x80000003, age 76s, length 28
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
Advertising Router 10.65.2.2, seq 0x80000004, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
03:10:44.837345 IP (tos 0xc0, ttl 1, id 39305, offset 0, flags [none], proto OSPF (89), length 104)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Ack, length 84
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router 10.65.2.1, seq 0x80000001, age 10s, length 16
External LSA (5), LSA-ID: 192.168.50.255
Options: [External]
Advertising Router 10.65.2.1, seq 0x80000001, age 9s, length 28
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
Advertising Router 10.65.2.1, seq 0x80000002, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
03:10:52.002272 IP (tos 0xc0, ttl 1, id 34658, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.2 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.1
03:10:52.993760 IP (tos 0xc0, ttl 1, id 14999, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.1 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.2

The BIRD log can be followed with: sudo journalctl -f -u bird.service

May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: HELLO packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: New neighbor 10.65.2.2 on test1, IP address 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Down to Init
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Init to 2-Way
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from 2-Way to ExStart
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 32
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms I M MS
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 1559276534
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 32
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms I M MS
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595775
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from ExStart to Exchange
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 72
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595775
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1, Seq: 80000001, Age: 9, Sum: 9120
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000001, Age: 8, Sum: 2c90
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 72
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms MS
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595776
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 393, Sum: 5d66
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 74, Sum: 2196
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 32
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595776
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Exchange to Loading
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSREQ packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 48
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSREQ packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 48
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSUPD packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 112
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1, Seq: 80000001, Age: 10, Sum: 9120
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000001, Age: 9, Sum: 2c90
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test0
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test1
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: LSUPD packet received from nbr 10.65.2.2 on test1
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: length 112
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 395, Sum: 5d66
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 76, Sum: 2196
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Installing LSA: Type: 4005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 395
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Scheduling routing table calculation
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Installing LSA: Type: 2001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 76
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Loading to Full
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Updating router state for area 10.65.2.0
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Originating LSA: Type: 2001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000002
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for area 10.65.2.0
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for inter-area (area 10.65.2.0)
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for ext routes
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table synchronization
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSUPD packet flooded via test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 88
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000002, Age: 1, Sum: 4cb9
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSUPD packet received from nbr 10.65.2.2 on test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 88
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000004, Age: 1, Sum: 45bb
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Installing LSA: Type: 2001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000004, Age: 1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Scheduling routing table calculation
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSACK packet sent via test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 84
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 395, Sum: 5d66
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 76, Sum: 2196
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000004, Age: 1, Sum: 45bb
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSACK packet received from nbr 10.65.2.2 on test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 84
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1, Seq: 80000001, Age: 10, Sum: 9120
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000001, Age: 9, Sum: 2c90
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000002, Age: 1, Sum: 4cb9
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Strange LSACK from nbr 10.65.2.2 on test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Type: 2001, Id: 10.65.2.1, Rt: 10.65.2.1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: I have: Seq: 80000002, Age: 0, Sum: 4cb9
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: It has: Seq: 80000001, Age: 9, Sum: 2c90
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for area 10.65.2.0
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for inter-area (area 10.65.2.0)
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for ext routes
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table synchronization
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg > added [best] 192.168.31.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: kernel1 < added 192.168.31.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg < rejected by protocol 192.168.31.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg > added [best] 10.65.1.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: kernel1 < added 10.65.1.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg < rejected by protocol 10.65.1.0/24 unicast
May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet received from nbr 10.65.2.2 on test1
May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test1
May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test0

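After the OSPF information exchange completes, every node holds the same, complete routing information, because all three nodes are in the same area.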

List the OSPF neighbor relationships established by the current node: sudo birdc show ospf neighbors

BIRD 2.0.7 ready.
wg:
Router ID   Pri  State     DTime   Interface  Router IP
10.65.2.1   1    Full/PtP  34.935  test0      10.65.0.2
10.65.2.2   1    Full/PtP  32.671  test1      10.65.1.2

Show the OSPF state: sudo birdc show ospf state

BIRD 2.0.7 ready.

area 10.65.2.0

    router 10.65.1.1
        distance 0
        router 10.65.2.1 metric 5
        router 10.65.2.2 metric 5
        stubnet 10.65.0.0/24 metric 5
        stubnet 10.65.1.0/24 metric 5

    router 10.65.2.1
        distance 5
        router 10.65.1.1 metric 5
        router 10.65.2.2 metric 10
        stubnet 10.65.0.0/24 metric 5
        stubnet 10.65.2.0/24 metric 10
        external 192.168.50.0/24 metric2 10000

    router 10.65.2.2
        distance 5
        router 10.65.1.1 metric 5
        router 10.65.2.1 metric 10
        stubnet 10.65.1.0/24 metric 5
        stubnet 10.65.2.0/24 metric 10
        external 192.168.31.0/24 metric2 10000
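
An added example (not from the original post or the BIRD project): a small audit that parses `birdc show ospf state` text and checks that each external prefix is originated only by the router expected to redistribute it. The `EXPECTED` policy and the function names are assumptions made for illustration.

```python
import ipaddress

# `sudo birdc show ospf state` output from this page, some stubnet lines omitted.
SAMPLE_STATE = """\
BIRD 2.0.7 ready.
area 10.65.2.0
router 10.65.1.1
distance 0
router 10.65.2.1 metric 5
router 10.65.2.2 metric 5
stubnet 10.65.0.0/24 metric 5
router 10.65.2.1
distance 5
router 10.65.1.1 metric 5
router 10.65.2.2 metric 10
external 192.168.50.0/24 metric2 10000
router 10.65.2.2
distance 5
router 10.65.1.1 metric 5
router 10.65.2.1 metric 10
external 192.168.31.0/24 metric2 10000
"""

# Assumption: intended policy, router ID -> prefixes it is allowed to redistribute.
EXPECTED = {"10.65.2.1": {"192.168.50.0/24"}, "10.65.2.2": {"192.168.31.0/24"}}

def parse_externals(text):
    """Map each originating router ID to the external prefixes listed under it."""
    externals, current = {}, None
    for line in text.splitlines():
        tok = line.split()
        if len(tok) == 2 and tok[0] == "router":
            current = tok[1]          # section header; link lines carry "metric"
        elif len(tok) >= 2 and tok[0] == "external" and current:
            prefix = str(ipaddress.ip_network(tok[1], strict=False))
            externals.setdefault(current, set()).add(prefix)
    return externals

def audit(text, expected):
    """Return sorted (router_id, prefix, reason) tuples; empty list means clean."""
    seen, findings = parse_externals(text), []
    for rid in set(seen) | set(expected):
        have, want = seen.get(rid, set()), expected.get(rid, set())
        findings += [(rid, p, "unexpected origin") for p in have - want]
        findings += [(rid, p, "missing") for p in want - have]
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE_STATE, EXPECTED) or "external origins match policy")
```

Because every router in the area holds the same link-state database, the check can run on any one node; a non-empty result means a router is redistributing a prefix the policy does not assign to it, or an expected prefix has disappeared.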

Show the routes controlled by BIRD: sudo birdc show route

BIRD 2.0.7 ready.
Table master4:
192.168.31.0/24      unicast [wg 11:21:02.317] E2 (150/5/10000) [10.65.2.2]
    via 10.65.1.2 on test1
10.65.2.0/24         unicast [wg 11:21:06.318] I (150/15) [10.65.2.2]
    via 10.65.0.2 on test0 weight 1
    via 10.65.1.2 on test1 weight 1
192.168.50.0/24      unicast [wg 11:21:06.318] E2 (150/5/10000) [10.65.2.1]
    via 10.65.0.2 on test0

References

OSPF Explained | Step by Step

OSPF Multi Area Explained

HIGH AVAILABILITY WIREGUARD SITE TO SITE Very useful, but for OSPFv2 only the first half needs to be read; the later OSPFv3 and IPv6 parts can be skipped for now.

The BIRD Internet Routing Daemon Project - 4. Remote control All commands supported by birdc.

The BIRD Internet Routing Daemon Project - 6.8 OSPF

Using BIRD+OSPF dynamic routing to accelerate games This one is rather disorganized and mixes BIRDv1 and BIRDv2 together, so it is tiring to read…

BGP and OSPF. How do they interact. BGP is the protocol used between ASes; there is no such need at the moment, but it may come up later when playing with DN42.

Solved: ospf path selection!! - Cisco Community Three factors decide OSPF path selection: route prefix, administrative distance, and other parameters (metrics, such as cost).

4.4. Securing Network Access Red Hat Enterprise Linux 7 | Red Hat Customer Portal

The following are some secondary references:

Understanding OSPF External Route Path Selection | INE

How to Influence Routes in OSPF to Take Precedence Over Static Routes

Commands to Influence OSPF Routing Decisions - Directed Broadcast

debian - OSPF route costs in BIRD - Unix & Linux Stack Exchange

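OSPF link type classification: what is the difference between transnet and stub net OSPF links - Network engineer training, Cisco certification, Huawei certification training - onelab network lab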

subject:"Re: Bird just doesn't want to find OSPF neighbors although they are there and can communicate"

wireguard "server" HA set-up It mentions floating IPs, but that adds another layer of header, and the MTU is only 1420 in total…