Using the OSPF Protocol to Make WireGuard Highly Available

System: Ubuntu 20.04.4 LTS

Kernel: 5.4.0-105-generic #119-Ubuntu SMP, 5.4.0-109-generic #123-Ubuntu SMP, 5.4.0-110-generic #124-Ubuntu SMP

OSPF Network Diagram

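This article uses a three-machine network as its example. First, build a mesh network with WireGuard (process omitted). While building the mesh, note the following:

  1. Table=off turns off wg-quick's automatic addition of routing table entries.

  2. Address=xxxx/xx: the CIDR prefix length must be written correctly for BIRD to recognize the network. (I left it out at first; BIRD then defaulted to /32 and learned no routes…)

  3. sysctl net.ipv4.conf.all.forwarding=1 and sysctl net.ipv4.ip_forward=1 (enable IPv4 forwarding).

  4. (Optional) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE, if the two ends need to be able to ping each other.

Next, install BIRD v2 (BIRD Internet Routing Daemon): sudo apt install bird2. Take care not to install BIRD v1 by mistake.

This setup aims to achieve the following:

  1. Join the three machines into one OSPF network and learn the basic concepts.

  2. Implement failover for WireGuard: when the link between two points of the mesh goes down, routes switch automatically to a detour.

  3. Try to implement load balancing.

After installing BIRD, edit the file /etc/bird/bird.conf. The configuration below (with comments) can be used as a reference: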

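log syslog all;
debug protocols all;

# This value must be different on each node, but it does not have to be a real IP address.
router id 10.65.2.2;

# On border nodes, add this section.
protocol direct {
    ipv4;
    interface "eth0"; # Use the actual name of the network interface on the host.
}

protocol kernel {
    ipv4 {
        export where proto = "wg";
    };
    # merge paths is a kernel-protocol option: equal-cost routes are merged
    # into one multipath route when exported to the kernel.
    merge paths yes;
}

protocol ospf v2 wg {
    # Whether to load-balance when costs are equal. ECMP is on by default.
    ecmp yes;

    ipv4 {
        import where net !~ [10.65.2.0/24, 10.65.1.0/24];
        export all;
    };

    # The area ID does not need to be a real IP address either, but it is convenient to name it this way.
    area 10.65.2.0 {
        interface "test0" {
            # The default cost is 10; a lower cost is preferred in path selection. Note that this cost is one-way, outbound.
            cost 5;

            # Password. If the peer does not have it, the neighbor relationship cannot be established. Can be removed.
            authentication cryptographic;
            password "pass" {
                algorithm hmac sha256;
            };

            # Link type. Since this runs over WireGuard it can be set to a PTP network, which slightly reduces overhead and speeds things up, but has little practical effect.
            type ptp;
        };
        interface "test1";
    };

    # Further areas can be defined here. Area 0 is the special backbone area.
}

# Any other OSPF networks can be added below.
#protocol ospf v2 lan {
# ...
#}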

Run sudo birdc configure to apply the configuration.

You can see the packets sent locally over WireGuard to the multicast addresses 224.0.0.5 and 224.0.0.22: sudo tcpdump -vvni test1

03:10:32.994883 IP (tos 0xc0, ttl 1, id 13399, offset 0, flags [none], proto OSPF (89), length 64)
10.65.2.1 > 224.0.0.5: OSPFv2, Hello, length 44
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
03:10:33.006977 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
10.65.2.1 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 224.0.0.5 to_ex { }]
03:10:33.146978 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
10.65.2.1 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 224.0.0.5 to_ex { }]

224.0.0.5: The Open Shortest Path First (OSPF) All OSPF Routers address is used to send Hello packets to all OSPF routers on a network segment. Not routable.

224.0.0.22: Internet Group Management Protocol (IGMP) version 3. Not routable.

Start the BIRD service on the other end, and you can see the two sides exchange routing information:

03:10:42.003012 IP (tos 0xc0, ttl 1, id 33479, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.2 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.1
03:10:42.003332 IP (tos 0xc0, ttl 1, id 21524, offset 0, flags [none], proto OSPF (89), length 52)
10.65.2.1 > 10.65.2.2: OSPFv2, Database Description, length 32
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [Init, More, Master], MTU: 1420, Sequence: 0x5cf0abf6
03:10:42.337447 IP (tos 0xc0, ttl 1, id 39044, offset 0, flags [none], proto OSPF (89), length 52)
10.65.2.2 > 10.65.2.1: OSPFv2, Database Description, length 32
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [Init, More, Master], MTU: 1420, Sequence: 0x159cc5bf
03:10:42.337594 IP (tos 0xc0, ttl 1, id 21573, offset 0, flags [none], proto OSPF (89), length 92)
10.65.2.1 > 10.65.2.2: OSPFv2, Database Description, length 72
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [none], MTU: 1420, Sequence: 0x159cc5bf
Advertising Router 10.65.2.1, seq 0x80000001, age 9s, length 16
External LSA (5), LSA-ID: 192.168.50.255
Options: [External]
Advertising Router 10.65.2.1, seq 0x80000001, age 8s, length 28
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
03:10:42.671947 IP (tos 0xc0, ttl 1, id 39091, offset 0, flags [none], proto OSPF (89), length 92)
10.65.2.2 > 10.65.2.1: OSPFv2, Database Description, length 72
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [Master], MTU: 1420, Sequence: 0x159cc5c0
Advertising Router 10.65.2.2, seq 0x80000001, age 393s, length 16
External LSA (5), LSA-ID: 192.168.31.0
Options: [External]
Advertising Router 10.65.2.2, seq 0x80000003, age 74s, length 28
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
03:10:42.671966 IP (tos 0xc0, ttl 1, id 39092, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Request, length 48
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router: 10.65.2.1, External LSA (5), LSA-ID: 192.168.50.255
Advertising Router: 10.65.2.1, Router LSA (1), LSA-ID: 10.65.2.1
03:10:42.672043 IP (tos 0xc0, ttl 1, id 21603, offset 0, flags [none], proto OSPF (89), length 52)
10.65.2.1 > 10.65.2.2: OSPFv2, Database Description, length 32
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External, Opaque], DD Flags [none], MTU: 1420, Sequence: 0x159cc5c0
03:10:42.672065 IP (tos 0xc0, ttl 1, id 21604, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Request, length 48
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router: 10.65.2.2, External LSA (5), LSA-ID: 192.168.31.0
Advertising Router: 10.65.2.2, Router LSA (1), LSA-ID: 10.65.2.2
03:10:42.672092 IP (tos 0xc0, ttl 1, id 21605, offset 0, flags [none], proto OSPF (89), length 132)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Update, length 112
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0), 2 LSAs
LSA #1
Advertising Router 10.65.2.1, seq 0x80000001, age 10s, length 16
External LSA (5), LSA-ID: 192.168.50.255
Options: [External]
Mask 255.255.255.0
topology default (0), type 2, metric 10000
0x0000: ffff ff00 8000 2710 0000 0000 0000 0000
LSA #2
Advertising Router 10.65.2.1, seq 0x80000001, age 9s, length 28
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.0.0, Mask: 255.255.255.0
topology default (0), metric 5
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0002 0a41 0000 ffff ff00 0300 0005
0x0010: 0a41 0200 ffff ff00 0300 000a
03:10:42.992559 IP (tos 0xc0, ttl 1, id 14826, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.1 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.2
03:10:43.005716 IP (tos 0xc0, ttl 1, id 39106, offset 0, flags [none], proto OSPF (89), length 132)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Update, length 112
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0), 2 LSAs
LSA #1
Advertising Router 10.65.2.2, seq 0x80000001, age 395s, length 16
External LSA (5), LSA-ID: 192.168.31.0
Options: [External]
Mask 255.255.255.0
topology default (0), type 2, metric 10000
0x0000: ffff ff00 8000 2710 0000 0000 0000 0000
LSA #2
Advertising Router 10.65.2.2, seq 0x80000003, age 76s, length 28
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.1.0, Mask: 255.255.255.0
topology default (0), metric 5
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0002 0a41 0100 ffff ff00 0300 0005
0x0010: 0a41 0200 ffff ff00 0300 000a
03:10:44.093123 IP (tos 0xc0, ttl 1, id 21893, offset 0, flags [none], proto OSPF (89), length 108)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Update, length 88
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0), 1 LSA
LSA #1
Advertising Router 10.65.2.1, seq 0x80000002, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.0.0, Mask: 255.255.255.0
topology default (0), metric 5
Neighbor Router-ID: 10.65.2.2, Interface Address: 10.65.2.1
topology default (0), metric 10
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0003 0a41 0000 ffff ff00 0300 0005
0x0010: 0a41 0202 0a41 0201 0100 000a 0a41 0200
0x0020: ffff ff00 0300 000a
03:10:44.427037 IP (tos 0xc0, ttl 1, id 39221, offset 0, flags [none], proto OSPF (89), length 108)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Update, length 88
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0), 1 LSA
LSA #1
Advertising Router 10.65.2.2, seq 0x80000004, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
Router LSA Options: [ASBR]
Stub Network: 10.65.1.0, Mask: 255.255.255.0
topology default (0), metric 5
Neighbor Router-ID: 10.65.2.1, Interface Address: 10.65.2.2
topology default (0), metric 10
Stub Network: 10.65.2.0, Mask: 255.255.255.0
topology default (0), metric 10
0x0000: 0200 0003 0a41 0100 ffff ff00 0300 0005
0x0010: 0a41 0201 0a41 0202 0100 000a 0a41 0200
0x0020: ffff ff00 0300 000a
03:10:44.503378 IP (tos 0xc0, ttl 1, id 21953, offset 0, flags [none], proto OSPF (89), length 104)
10.65.2.1 > 10.65.2.2: OSPFv2, LS-Ack, length 84
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router 10.65.2.2, seq 0x80000001, age 395s, length 16
External LSA (5), LSA-ID: 192.168.31.0
Options: [External]
Advertising Router 10.65.2.2, seq 0x80000003, age 76s, length 28
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
Advertising Router 10.65.2.2, seq 0x80000004, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.2
Options: [External, Opaque]
03:10:44.837345 IP (tos 0xc0, ttl 1, id 39305, offset 0, flags [none], proto OSPF (89), length 104)
10.65.2.2 > 10.65.2.1: OSPFv2, LS-Ack, length 84
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Advertising Router 10.65.2.1, seq 0x80000001, age 10s, length 16
External LSA (5), LSA-ID: 192.168.50.255
Options: [External]
Advertising Router 10.65.2.1, seq 0x80000001, age 9s, length 28
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
Advertising Router 10.65.2.1, seq 0x80000002, age 1s, length 40
Router LSA (1), LSA-ID: 10.65.2.1
Options: [External, Opaque]
03:10:52.002272 IP (tos 0xc0, ttl 1, id 34658, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.2 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.2, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.1
03:10:52.993760 IP (tos 0xc0, ttl 1, id 14999, offset 0, flags [none], proto OSPF (89), length 68)
10.65.2.1 > 224.0.0.5: OSPFv2, Hello, length 48
Router-ID 10.65.2.1, Area 10.65.2.0, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 1
Neighbor List:
10.65.2.2
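
Every packet in the capture above reports Authentication Type: none (0), which is the AuType field of the 24-byte OSPFv2 header. The following added example (not part of the original post) decodes that header from raw bytes and lists routers speaking unauthenticated OSPF; the sample packets are constructed, and the key ID, sequence number and zero-filled digest in the cryptographic sample are placeholders.

```python
import ipaddress
import struct

AUTH_TYPES = {0: "none", 1: "simple password", 2: "cryptographic"}
PACKET_TYPES = {1: "Hello", 2: "Database Description", 3: "LS-Request",
                4: "LS-Update", 5: "LS-Ack"}


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ospf_header(pkt: bytes) -> dict:
    """Decode the 24-byte OSPFv2 header (RFC 2328 A.3.1) of an IP payload."""
    if len(pkt) < 24:
        raise ValueError("shorter than the 24-byte OSPFv2 header")
    version, ptype, length, rid, area, _cksum, autype = struct.unpack(
        "!BBH4s4sHH", pkt[:16])
    if version != 2 or not 24 <= length <= len(pkt):
        raise ValueError("not a well-formed OSPFv2 packet")
    info = {
        "type": PACKET_TYPES.get(ptype, f"unknown({ptype})"),
        "length": length,
        "router_id": str(ipaddress.IPv4Address(rid)),
        "area": str(ipaddress.IPv4Address(area)),
        "auth": AUTH_TYPES.get(autype, f"unknown({autype})"),
    }
    if autype == 2:
        # Cryptographic auth: the field holds 0, Key ID, digest length and a
        # sequence number; the digest trails the packet, the checksum is unused.
        _zero, key_id, digest_len, seq = struct.unpack("!HBBI", pkt[16:24])
        info.update(key_id=key_id, digest_len=digest_len, crypto_seq=seq,
                    checksum_ok=None)
    else:
        # The checksum covers the packet minus the 8-byte authentication field.
        info["checksum_ok"] = inet_checksum(pkt[:16] + pkt[24:length]) == 0
    return info


def build_hello(router_id, area, autype=0, key_id=0, digest_len=0, seq=0) -> bytes:
    """Constructed sample: Hello, no neighbours, 10 s / 40 s timers, /24 mask."""
    ip = lambda s: ipaddress.IPv4Address(s).packed
    body = struct.pack("!4sHBBI4s4s", ip("255.255.255.0"), 10, 0x02, 1, 40,
                       ip("0.0.0.0"), ip("0.0.0.0"))
    head = struct.pack("!BBH4s4sHH", 2, 1, 24 + len(body),
                       ip(router_id), ip(area), 0, autype)
    if autype == 2:
        auth = struct.pack("!HBBI", 0, key_id, digest_len, seq)
        return head + auth + body + bytes(digest_len)  # zeros stand in for the HMAC
    head = head[:12] + struct.pack("!H", inet_checksum(head + body)) + head[14:]
    return head + bytes(8) + body


def unauthenticated_routers(packets) -> list:
    """Router IDs seen sending AuType 0, which tcpdump prints as 'none (0)'."""
    return sorted({h["router_id"] for h in map(parse_ospf_header, packets)
                   if h["auth"] == "none"})


if __name__ == "__main__":
    plain = build_hello("10.65.2.1", "10.65.2.0")
    signed = build_hello("10.65.1.1", "10.65.2.0", autype=2, key_id=1,
                         digest_len=32, seq=1)
    for pkt in (plain, signed):
        print(parse_ospf_header(pkt))
    print("unauthenticated:", unauthenticated_routers([plain, signed]))
```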

You can see BIRD's runtime log: sudo journalctl -f -u bird.service

May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: HELLO packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: New neighbor 10.65.2.2 on test1, IP address 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Down to Init
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Init to 2-Way
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from 2-Way to ExStart
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 32
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms I M MS
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 1559276534
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 32
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms I M MS
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595775
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from ExStart to Exchange
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 72
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595775
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1, Seq: 80000001, Age: 9, Sum: 9120
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000001, Age: 8, Sum: 2c90
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 72
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms MS
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595776
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 393, Sum: 5d66
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 74, Sum: 2196
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: DBDES packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 32
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: mtu 1420
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: imms
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: ddseq 362595776
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Exchange to Loading
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSREQ packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 48
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSREQ packet received from nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 48
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSR Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSUPD packet sent to nbr 10.65.2.2 on test1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: length 112
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1, Seq: 80000001, Age: 10, Sum: 9120
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000001, Age: 9, Sum: 2c90
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test0
May 17 03:10:42 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test1
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: LSUPD packet received from nbr 10.65.2.2 on test1
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: length 112
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 395, Sum: 5d66
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 76, Sum: 2196
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Installing LSA: Type: 4005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 395
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Scheduling routing table calculation
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Installing LSA: Type: 2001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 76
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 changed state from Loading to Full
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Updating router state for area 10.65.2.0
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Originating LSA: Type: 2001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000002
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for area 10.65.2.0
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for inter-area (area 10.65.2.0)
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for ext routes
May 17 03:10:43 ubuntu-ss-new bird[99124]: wg: Starting routing table synchronization
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSUPD packet flooded via test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 88
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000002, Age: 1, Sum: 4cb9
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSUPD packet received from nbr 10.65.2.2 on test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 88
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000004, Age: 1, Sum: 45bb
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Installing LSA: Type: 2001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000004, Age: 1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Scheduling routing table calculation
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSACK packet sent via test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 84
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.31.0, Rt: 10.65.2.2, Seq: 80000001, Age: 395, Sum: 5d66
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000003, Age: 76, Sum: 2196
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.2, Rt: 10.65.2.2, Seq: 80000004, Age: 1, Sum: 45bb
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSACK packet received from nbr 10.65.2.2 on test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: length 84
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: router 10.65.2.2
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0005, Id: 192.168.50.255, Rt: 10.65.2.1, Seq: 80000001, Age: 10, Sum: 9120
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000001, Age: 9, Sum: 2c90
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: LSA Type: 0001, Id: 10.65.2.1, Rt: 10.65.2.1, Seq: 80000002, Age: 1, Sum: 4cb9
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Strange LSACK from nbr 10.65.2.2 on test1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: Type: 2001, Id: 10.65.2.1, Rt: 10.65.2.1
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: I have: Seq: 80000002, Age: 0, Sum: 4cb9
May 17 03:10:44 ubuntu-ss-new bird[99124]: wg: It has: Seq: 80000001, Age: 9, Sum: 2c90
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for area 10.65.2.0
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for inter-area (area 10.65.2.0)
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table calculation for ext routes
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg: Starting routing table synchronization
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg > added [best] 192.168.31.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: kernel1 < added 192.168.31.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg < rejected by protocol 192.168.31.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg > added [best] 10.65.1.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: kernel1 < added 10.65.1.0/24 unicast
May 17 03:10:45 ubuntu-ss-new bird[99124]: wg < rejected by protocol 10.65.1.0/24 unicast
May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet received from nbr 10.65.2.2 on test1
May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test1
May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test0
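
The adjacency in the log above climbs through Down, Init, 2-Way, ExStart, Exchange, Loading and Full. The following added example (not from the original post) tracks those transitions per neighbour and raises an alert when an adjacency leaves Full, which is the event that makes OSPF recompute routes around a dead tunnel; the six transition lines are rebuilt from the log above, and the final Full-to-Down line is constructed.

```python
import re

# OSPF neighbour states in the order an adjacency normally climbs through them.
STATES = ["Down", "Attempt", "Init", "2-Way", "ExStart", "Exchange", "Loading", "Full"]

TRANSITION = re.compile(
    r"bird\[\d+\]: (?P<proto>\S+): Neighbor (?P<nbr>\S+) on (?P<iface>\S+) "
    r"changed state from (?P<old>\S+) to (?P<new>\S+)$")

_FMT = ("May 17 03:{} ubuntu-ss-new bird[99124]: wg: Neighbor 10.65.2.2 on test1 "
        "changed state from {} to {}")
# Transition lines as they appear in the journal output on this page.
PAGE_LINES = [_FMT.format(ts, old, new) for ts, old, new in [
    ("10:42", "Down", "Init"), ("10:42", "Init", "2-Way"),
    ("10:42", "2-Way", "ExStart"), ("10:42", "ExStart", "Exchange"),
    ("10:42", "Exchange", "Loading"), ("10:43", "Loading", "Full")]]
# Constructed line (not from the page): the adjacency times out later on.
CONSTRUCTED_LINE = _FMT.format("25:13", "Full", "Down")


def track(lines):
    """Return (last state per adjacency, list of (adjacency, alert text))."""
    state, alerts = {}, []
    for line in lines:
        m = TRANSITION.search(line.strip())
        if not m or m["old"] not in STATES or m["new"] not in STATES:
            continue  # packet dumps, route updates and other log noise
        key = (m["proto"], m["nbr"], m["iface"])
        old, new = m["old"], m["new"]
        if key in state and state[key] != old:
            # The log skipped a transition: lines were lost or the daemon restarted.
            alerts.append((key, f"gap: log says {old}, tracker had {state[key]}"))
        if old == "Full":
            alerts.append((key, f"adjacency lost: Full -> {new}"))
        elif STATES.index(new) < STATES.index(old):
            alerts.append((key, f"regressed: {old} -> {new}"))
        state[key] = new
    return state, alerts


if __name__ == "__main__":
    noise = "May 17 03:10:52 ubuntu-ss-new bird[99124]: wg: HELLO packet sent via test1"
    final, events = track(PAGE_LINES + [noise, CONSTRUCTED_LINE])
    print(final)
    for adjacency, text in events:
        print(adjacency, text)
```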

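After the OSPF exchange completes, because all three nodes are in the same area, every node holds routing information that is complete and identical.

View the OSPF neighbor relationships established by the current node: sudo birdc show ospf neighbors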

BIRD 2.0.7 ready.
wg:
Router ID Pri State DTime Interface Router IP
10.65.2.1 1 Full/PtP 34.935 test0 10.65.0.2
10.65.2.2 1 Full/PtP 32.671 test1 10.65.1.2

View the OSPF state: sudo birdc show ospf state

BIRD 2.0.7 ready.

area 10.65.2.0

router 10.65.1.1
distance 0
router 10.65.2.1 metric 5
router 10.65.2.2 metric 5
stubnet 10.65.0.0/24 metric 5
stubnet 10.65.1.0/24 metric 5

router 10.65.2.1
distance 5
router 10.65.1.1 metric 5
router 10.65.2.2 metric 10
stubnet 10.65.0.0/24 metric 5
stubnet 10.65.2.0/24 metric 10
external 192.168.50.0/24 metric2 10000

router 10.65.2.2
distance 5
router 10.65.1.1 metric 5
router 10.65.2.1 metric 10
stubnet 10.65.1.0/24 metric 5
stubnet 10.65.2.0/24 metric 10
external 192.168.31.0/24 metric2 10000

View the routes controlled by BIRD: sudo birdc show route

BIRD 2.0.7 ready.
Table master4:
192.168.31.0/24 unicast [wg 11:21:02.317] E2 (150/5/10000) [10.65.2.2]
via 10.65.1.2 on test1
10.65.2.0/24 unicast [wg 11:21:06.318] I (150/15) [10.65.2.2]
via 10.65.0.2 on test0 weight 1
via 10.65.1.2 on test1 weight 1
192.168.50.0/24 unicast [wg 11:21:06.318] E2 (150/5/10000) [10.65.2.1]
via 10.65.0.2 on test0
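
The route table above can be reproduced by hand from the show ospf state output. The following added example (not BIRD's code and not part of the original post) runs a shortest-path calculation with equal-cost merging over that link-state database from router 10.65.1.1, then removes the 10.65.1.1 to 10.65.2.1 adjacency to show the detour. It assumes the WireGuard interface itself stays up after the peer is lost, so the stub networks remain advertised.

```python
import copy
import heapq

# Link-state database transcribed from the `birdc show ospf state` output above.
LSDB = {
    "10.65.1.1": {"links": {"10.65.2.1": 5, "10.65.2.2": 5},
                  "stub": {"10.65.0.0/24": 5, "10.65.1.0/24": 5}, "ext": {}},
    "10.65.2.1": {"links": {"10.65.1.1": 5, "10.65.2.2": 10},
                  "stub": {"10.65.0.0/24": 5, "10.65.2.0/24": 10},
                  "ext": {"192.168.50.0/24": 10000}},
    "10.65.2.2": {"links": {"10.65.1.1": 5, "10.65.2.1": 10},
                  "stub": {"10.65.1.0/24": 5, "10.65.2.0/24": 10},
                  "ext": {"192.168.31.0/24": 10000}},
}


def spf(lsdb, root):
    """Dijkstra from root: {router: (distance, frozenset of first-hop routers)}."""
    best = {root: (0, frozenset())}
    heap = [(0, root)]
    while heap:
        dist, node = heapq.heappop(heap)
        if dist > best[node][0]:
            continue  # stale heap entry
        for nbr, cost in lsdb[node]["links"].items():
            # Use a link only if the neighbour's LSA points back (two-way check).
            if node not in lsdb.get(nbr, {}).get("links", {}):
                continue
            hops = frozenset({nbr}) if node == root else best[node][1]
            cand, old = dist + cost, best.get(nbr)
            if old is None or cand < old[0]:
                best[nbr] = (cand, hops)
                heapq.heappush(heap, (cand, nbr))
            elif cand == old[0]:
                best[nbr] = (cand, old[1] | hops)  # equal cost: keep every first hop
    return best


def routes(lsdb, root):
    """OSPF routes seen from root: {prefix: (type, cost tuple, first hops)}."""
    table = {}

    def offer(prefix, kind, cost, hops):
        key = (kind != "I", cost)  # intra-area beats external, then lower cost
        cur = table.get(prefix)
        if cur is None or key < cur[0]:
            table[prefix] = (key, kind, cost, set(hops))
        elif key == cur[0]:
            cur[3].update(hops)    # ECMP: same cost through another first hop

    for rtr, (dist, hops) in spf(lsdb, root).items():
        if rtr == root:
            continue
        for prefix, metric in lsdb[rtr]["stub"].items():
            if prefix not in lsdb[root]["stub"]:  # skip directly connected nets
                offer(prefix, "I", (dist + metric,), hops)
        for prefix, metric2 in lsdb[rtr]["ext"].items():
            offer(prefix, "E2", (metric2, dist), hops)  # metric2, then ASBR distance
    return {p: (kind, cost, sorted(h)) for p, (_, kind, cost, h) in table.items()}


def without_link(lsdb, a, b):
    """Copy of the LSDB after the a<->b adjacency has timed out.
    Assumption: the tunnel interfaces stay up, so stub networks are unchanged."""
    new = copy.deepcopy(lsdb)
    new[a]["links"].pop(b, None)
    new[b]["links"].pop(a, None)
    return new


if __name__ == "__main__":
    print("normal:  ", routes(LSDB, "10.65.1.1"))
    print("failover:", routes(without_link(LSDB, "10.65.1.1", "10.65.2.1"), "10.65.1.1"))
```

In the normal case 10.65.2.0/24 comes out at cost 15 through both neighbours, matching the two next hops in the show route output; after the link is removed, 192.168.50.0/24 is reached through 10.65.2.2 with the distance to its originating router rising from 5 to 15.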

References

OSPF Explained | Step by Step

OSPF Multi Area Explained

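HIGH AVAILABILITY WIREGUARD SITE TO SITE: very useful, but if you are doing OSPFv2 you only need to read the first half; the later OSPFv3 and IPv6 parts can be skipped for now.

The BIRD Internet Routing Daemon Project - 4. Remote control: all the commands birdc supports.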

The BIRD Internet Routing Daemon Project - 6.8 OSPF

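Using BIRD + OSPF dynamic routing to accelerate games: this one is rather messy, and it mixes BIRD v1 and BIRD v2 together, which makes it tiring to read…

BGP and OSPF. How do they interact. BGP is the protocol for interaction between ASes; I have no such need yet, but may run into it later when playing with DN42.

Solved: ospf path selection!! - Cisco Community: the three factors that decide OSPF path selection are the route prefix, the administrative distance, and other parameters (the metric, e.g. cost).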

4.4. Securing Network Access Red Hat Enterprise Linux 7 | Red Hat Customer Portal

The following are some secondary references:

Understanding OSPF External Route Path Selection | INE

How to Influence Routes in OSPF to Take Precedence Over Static Routes

Commands to Influence OSPF Routing Decisions - Directed Broadcast

debian - OSPF route costs in BIRD - Unix & Linux Stack Exchange

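OSPF link type classification: what is the difference between transnet and stub net in OSPF links - network engineer training, Cisco certification, Huawei certification training - onelab network lab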

subject:”Re: Bird just doesn’t want to find OSPF neighbors although they are there and can communicate”

wireguard “server” HA set-up: mentions floating IPs, but that adds yet another layer of header, and the MTU is only 1420 in total…