When the interface type is set to ptp, I see the traffic and nothing is being blocked (I have logging on every firewall rule that drops), but the routers never discover each other (no entries in neighbors). However, if I set the type to nbma and add static neighbor entries, everything is discovered and routes are shared.
My WireGuard peer config currently allows `0.0.0.0/0`, which already covers every IPv4 prefix, but I've also listed 224.0.0.0/24 explicitly alongside my other networks. I'm not sure what else needs to be configured.
You can see the config that works below, but I'd like to change it to use ptp if possible. Thoughts?
ATL router:
# OSPF configuration of the router with loopback 172.18.0.1 and tunnel
# interface wireguard-db. Commands and console output are mixed below.

# Bridge used as a loopback interface; no ports are added to it in this listing.
/interface bridge
add name=loopback
# Console output follows. The leading "#" on the header row is the row-number
# column, not a comment.
/ip/address/print where interface=loopback
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS NETWORK INTERFACE
14 172.18.0.1/32 172.18.0.1 loopback
# Router ID pinned to the loopback address; select-dynamic-id is left empty.
/routing id
add disabled=no id=172.18.0.1 name=ospf-id select-dynamic-id=""
/routing ospf instance
add disabled=no name=ospf-instance-1 router-id=ospf-id
# No area-id is given; presumably the default backbone id applies (confirm).
/routing ospf area
add disabled=no instance=ospf-instance-1 name=backbone
/routing ospf interface-template
# The tunnel is the only non-passive template. type=nbma uses unicast to the
# neighbors listed under static-neighbor rather than multicast discovery.
# NOTE(review): no auth is set on this template, so OSPF packets arriving on
# wireguard-db are accepted unauthenticated. Which sources can reach it is
# decided by the WireGuard peer's allowed-address and the firewall; consider
# setting auth with a shared key on both ends.
add area=backbone disabled=no interfaces=wireguard-db type=nbma
# passive: these networks are advertised but no hellos are exchanged on them,
# so hosts on the LAN side cannot form an adjacency. all-lans is presumably an
# interface list defined elsewhere (not shown).
add area=backbone disabled=no interfaces=all-lans passive
add area=backbone disabled=no interfaces=loopback passive
# Peer's tunnel address, bound to the tunnel interface with %wireguard-db.
/routing ospf static-neighbor
add address=192.168.99.2%wireguard-db area=backbone disabled=no poll-interval=15s
# OSPF configuration of the second router (loopback 172.18.0.2, tunnel
# interface wireguard-atl). Commands and console output are mixed below.

# Bridge used as a loopback interface; no ports are added to it in this listing.
/interface bridge
add name=loopback
# Console output follows. The leading "#" on the header row is the row-number
# column, not a comment.
/ip/address/print where interface=loopback
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS NETWORK INTERFACE
1 172.18.0.2/32 172.18.0.2 loopback
# Router ID pinned to the loopback address; select-dynamic-id is left empty.
/routing id
add disabled=no id=172.18.0.2 name=ospf-id select-dynamic-id=""
/routing ospf instance
add disabled=no name=ospf-instance-1 router-id=ospf-id
# No area-id is given; presumably the default backbone id applies (confirm).
/routing ospf area
add disabled=no instance=ospf-instance-1 name=backbone
/routing ospf interface-template
# The tunnel is the only non-passive template. type=nbma uses unicast to the
# neighbors listed under static-neighbor rather than multicast discovery.
# NOTE(review): no auth is set on this template, so OSPF packets arriving on
# wireguard-atl are accepted unauthenticated. Which sources can reach it is
# decided by the WireGuard peer's allowed-address and the firewall; consider
# setting auth with a shared key on both ends.
add area=backbone disabled=no interfaces=wireguard-atl type=nbma
# passive: these networks are advertised but no hellos are exchanged on them,
# so hosts on the LAN side cannot form an adjacency. all-lans is presumably an
# interface list defined elsewhere (not shown).
add area=backbone disabled=no interfaces=all-lans passive
add area=backbone disabled=no interfaces=loopback passive
# Peer's tunnel address, bound to the tunnel interface with %wireguard-atl.
/routing ospf static-neighbor
add address=192.168.99.1%wireguard-atl area=backbone disabled=no poll-interval=15s
# WireGuard side of the tunnel on the router that owns 192.168.99.1/30.
# Console output first; the "#" on the header row is the row-number column.
/ip/address/print where interface=wireguard-db
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS NETWORK INTERFACE
4 192.168.99.1/30 192.168.99.0 wireguard-db
/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard-db
/interface wireguard peers
# allowed-address is the set of source addresses accepted from this peer and
# the set of destinations for which this peer is chosen when sending.
# 0.0.0.0/0 already contains every other IPv4 prefix in the list, including
# 224.0.0.0/24, so the specific entries have no effect while it is present.
# NOTE(review): with 0.0.0.0/0 the tunnel does no source filtering of its own;
# limiting what may arrive via wireguard-db is left entirely to the firewall.
# If a catch-all is not required, keep only the specific prefixes.
# NOTE(review): 192.168.100.1/24 has host bits set; presumably 192.168.100.0/24
# is meant (confirm).
# endpoint-address=x and the trailing "..." look like redactions by the poster;
# the key material is not shown.
add allowed-address=192.168.0.0/24,192.168.100.1/24,192.168.3.0/24,192.168.99.2/32,192.168.97.0/24,224.0.0.0/24,0.0.0.0/0 endpoint-address=x endpoint-port=13231 interface=wireguard-db persistent-keepalive=25s ...
# WireGuard side of the tunnel on the router that owns 192.168.99.2/30.
# Console output first; the "#" on the header row is the row-number column.
/ip/address/print where interface=wireguard-atl
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS NETWORK INTERFACE
0 192.168.99.2/30 192.168.99.0 wireguard-atl
/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard-atl
/interface wireguard peers
# allowed-address is the set of source addresses accepted from this peer and
# the set of destinations for which this peer is chosen when sending.
# 0.0.0.0/0 already contains every other IPv4 prefix in the list, including
# 224.0.0.0/24, so the specific entries have no effect while it is present.
# NOTE(review): with 0.0.0.0/0 the tunnel does no source filtering of its own;
# limiting what may arrive via wireguard-atl is left entirely to the firewall.
# If a catch-all is not required, keep only the specific prefixes.
# endpoint-address=x and the trailing "..." look like redactions by the poster;
# the key material is not shown.
add allowed-address=172.16.32.0/22,192.168.99.1/32,192.168.98.0/24,172.26.0.0/16,224.0.0.0/24,0.0.0.0/0 endpoint-address=x endpoint-port=13231 interface=wireguard-atl persistent-keepalive=25s ...