I am having some issues getting ospf to propagate over pptp.

I can establish the pptp connection without problem, and I very much understand that you need a static route with a lower distance to allow the pptp tunnel to stay open. Simply put it would try to send the pptp encapsulation packets over the ospf route which is in the pptp link if you did not do this.

Everything works fine until I enable ospf on each router. When I enable OSPF everything dies for about 10 seconds, then comes back on for a few seconds, then dies again, then repeats over and over. My guess is that the pptp link is being established, then ospf is propagating routes which causes pptp to die.

If you look below, you will see that I have routes with a distance of 0 which are added by pptp that should take care of the static route with a lower cost for the pptp encapsulation packets to traverse.

Anyone have any ideas on how to resolve this? Many thanks!

Here is the simple network layout:

Router 1:
pptp server
static public address

Router 2:
pptp client
dynamic wan address which is behind nat


Router 1 settings:

[admin@shark] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.40.1/24 192.168.40.0 192.168.40.255 ether1
1 10.0.0.1/29 10.0.0.0 10.0.0.7 ether3
2 PPTPSERVERIP/30 PPTPSERVERNETMASK PPTPSERVERBROADCAST ether2

/ppp secret
add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 local-address=192.168.39.3 name=blackbox \
password=blackbox profile=default remote-address=192.168.39.4 routes="192.168.70.0/24 192.168.39.4" service=any

[admin@shark] > /routing ospf network print
Flags: X - disabled, I - invalid
# NETWORK AREA
0 10.0.0.0/29 backbone
1 X 192.168.39.4/32 backbone

[admin@shark] > /routing ospf interface print
Flags: X - disabled, I - inactive, D - dynamic, P - passive
# INTERFACE COST PRIORITY NETWORK-TYPE AUTHENTICATION AUTHENTICATION-KEY
0 <pptp-blackbox> 50 1 broadcast none
1 D ether3 10 1 broadcast none

[admin@shark] > /ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY-STATE GATEWAY DISTANCE INTERFACE
0 A S ;;; Default Route
0.0.0.0/0 reachable PPTPSERVERGW 1 ether2
1 ADC 10.0.0.0/29 10.0.0.1 0 ether3
2 ADo 10.0.0.8/29 reachable 10.0.0.2 110 ether3
3 ADo 10.0.0.16/29 reachable 10.0.0.2 110 ether3
4 ADo 10.1.0.0/16 reachable 10.0.0.2 110 ether3
5 ADo 63.99.9.0/24 reachable 10.0.0.2 110 ether3
6 ADC 75.140.233.124/30 75.140.233.126 0 ether2
7 ADo 192.168.2.0/24 reachable 10.0.0.2 110 ether3
8 ADC 192.168.39.4/32 192.168.39.3 0 <pptp-blackbox>
9 ADC 192.168.39.6/32 192.168.39.5 0 <pptp-blowfish>
10 ADC 192.168.40.0/24 192.168.40.1 0 ether1
11 ADo 192.168.41.0/24 reachable 10.0.0.2 110 ether3
12 ADo 192.168.42.0/24 reachable 10.0.0.2 110 ether3
13 ADo 192.168.43.0/24 reachable 10.0.0.2 110 ether3
14 ADS 192.168.44.0/24 reachable 192.168.39.6 1 <pptp-blowfish>
15 ADS 192.168.70.0/24 reachable 192.168.39.4 1 <pptp-blackbox>


Router 2 settings:

[admin@blackbox] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.70.1/24 192.168.70.0 192.168.70.255 bridge1
1 D 192.168.1.179/24 192.168.1.0 192.168.1.255 wlan1
2 D 192.168.39.4/32 192.168.39.3 0.0.0.0 pptp-out1

[admin@blackbox] > /interface pptp-client print
Flags: X - disabled, R - running
0 R name="pptp-out1" max-mtu=1460 max-mru=1460 mrru=disabled
connect-to=PPTPSERVERIP user="blackbox" password="blackbox"
profile=default-encryption add-default-route=no
allow=pap,chap,mschap1,mschap2

[admin@blackbox] > /routing ospf interface print
Flags: X - disabled, I - inactive, D - dynamic, P - passive
# INTERFACE COST PRIORITY NETWORK-TYPE AUTHENTICATION AUTHENTICATION-KEY
0 pptp-out1 50 1 broadcast none

[admin@blackbox] > /routing ospf network print
Flags: X - disabled, I - invalid
# NETWORK AREA
0 192.168.39.3/32 backbone

[admin@blackbox] > /ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY-STATE GATEWAY DISTANCE INTERFACE
0 ADS 0.0.0.0/0 reachable 192.168.1.254 0 wlan1
1 ADC 192.168.1.0/24 192.168.1.179 0 wlan1
2 ADC 192.168.39.3/32 192.168.39.4 0 pptp-out1
3 A S ;;; home route
192.168.40.0/24 reachable 192.168.39.3 1 pptp-out1
4 ADC 192.168.70.0/24 192.168.70.1 0 bridge1

Most likely OSPF installs more specific route into routing table. PPTP will start to use that route and will try to reconnect. At this point OSPF also will loose connectivity. Use routing filters to filter out specific routes that are causing this behavior.

mrz is right, i have same situation with cobianet and now i have oveercome the problem by add filters to allow only prefix you need only.

my routing filter on pptp server:



0 chain=ospf-in prefix=10.162.0.0/16 prefix-length=0-32 invert-match=no
action=accept

1 chain=ospf-in invert-match=no action=discard

2 chain=ospf-out invert-match=no action=discard