Page MenuHomeVyOS Platform
Create Task
Maniphest T7266

Multicast issues on GRE tunnels
Open, NormalPublicBUG
Actions

Description

Version
VyOS 1.5-rolling-202503030030

Summary
It seems like enabling multicast inside a GRE VPN tunnel interface is not possible, or at least not functioning properly. This breaks routing protocols configured inside the tunnel.

Symptomps Discovered

I enable multicast with following command,

set interfaces tunnel tun3 enable-multicast

Then i configure for example MPLS LDP with following parameters:

set protocols bgp interface tun3 mpls forwarding
set protocols mpls interface 'tun3'
set protocols mpls ldp discovery transport-ipv4-address '192.168.0.1'
set protocols mpls ldp interface 'tun3'
set protocols mpls ldp router-id '192.168.0.1'

But LDP won't form neighbor relationship over the tunnel interface, unless using targeted LDP. Similar issues happened with OSPF and I suspect it is related to this.

I figured out that the configuration in FRR doesn't show that multicast is enabled in the running configuration under the tunnel interface, because it seems to be the default. But it's not on by default in VyOS mode? Anyway, a "show interface tunX" from FRR shows that multicast is indeed enabled:

LBS-RO1# show int tun3
Interface tun3 is up, line protocol is up
  Link ups:       4    last: 2025/03/19 22:45:59.76
  Link downs:     3    last: 2025/03/17 19:24:02.23
  vrf: default
  index 21 metric 0 mtu 1400 speed 0 txqlen 1000
  flags: <UP,LOWER_UP,RUNNING,MULTICAST>
  MPLS enabled
  Ignore all v6 routes with linkdown
  Type: GRE over IP
  inet 192.168.2.1/32 unnumbered
  inet6 fe80::fc21:62ff:fe51:2629/64
  Interface Type GRE
  Interface Slave Type None
  Link Interface eth1.3004
  protodown: off 
  Parent interface: eth1.3004

but, when turning on "terminal monitor" from FRR, these messages shows up constantly:

LBS-RO1# terminal monitor 
2025-03-19 22:52:05.473 [WARN] ldpd: [HD2R1-Z7JJT] send_packet: error sending packet to 224.0.0.2
2025-03-19 22:52:10.478 [WARN] ldpd: [HD2R1-Z7JJT] send_packet: error sending packet to 224.0.0.2

Steps to reproduce

Configure a tunnel interface with GRE encapsulation. Enable a routing protocol, for example BGP between two routers. Also enable mpls ldp on the tunnel.

Alternatively configure OSPF point-to-multipoint or broadcast mode and see if you get similar multicast errors.

Full configuration can be found on my blog that will be released on April 14th, but I can let you have the secret preview link:
https://opensourceisfun.substack.com/p/37bf68c3-53a3-466e-8446-31b030b7a59b

Details

Version
VyOS 1.5-rolling-202503030030
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

wlindberg created this task.Wed, Mar 19, 10:10 PM
pasik subscribed.Thu, Mar 20, 7:07 AM
wlindberg added a comment.Thu, Mar 20, 8:26 AM

I'm just sharing my thoughts here: Could it have something to do with the fact that the IPv4 prefix is a /32? why does it have to be a /32 anyway (when NHRP is configured)? On Cisco IOS there is no such restrictions.

Viacheslav triaged this task as Normal priority.Thu, Mar 20, 10:19 AM