Subject: Re: gre(4) and multicast
To: Miles Nordin <carton@Ivy.NET>
From: Greg Troxel <firstname.lastname@example.org>
Date: 05/15/2005 08:33:59
May 15 02:35:43 ezln ospf6d: Network: Join AllSPFRouters on ifindex 16 failed: Operation not permitted
That certainly explains your symptoms.
quagga tries to use systems capabilities (on linux), and emulates this
on NetBSD by running as uid quagga most of the time and switching back
to root for operations that need it. Joining a multicast group is not
an operation that should require privs, of course.
See sys/net/if_gre.c:gre_ioctl and look for
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
This perhaps got copied from if_gif.c.
I believe these two lines should just be deleted.
(I'm looking at 2.99.15 sources, where gre seems not to support v6 at
all, but I you must have something newer.)
Greg Troxel <email@example.com>