search

Exa-Networks / exabgp

The BGP swiss army knife of networking
Other
2.09k stars 447 forks source link

Problem with address family ipv6 #1065

Closed angeljgmx closed 2 years ago

angeljgmx commented 2 years ago

I am currently implementing Exabgp on a Ubuntu server 18.04 machine. I have a neighbor established with a Cisco IOS XR Software, Version 6.0.1 router with the role of route reflector.

everything works fine so far as can be seen in the outputs.

command: show neighbor summary Peer AS up/down state | #sent #recvd 172.16.2.5 64500 0:00:07 established 2 20

eve@ubuntu:/opt/exabgp$ /opt/exabgp/bin/./exabgpcli show adj-rib in command: show adj-rib in neighbor 172.16.2.5 ipv4 unicast 10.5.5.5/32 next-hop 10.2.2.2 neighbor 172.16.2.5 ipv4 unicast 10.0.0.11/32 next-hop 10.1.1.1 neighbor 172.16.2.5 ipv4 unicast 10.4.4.4/32 next-hop 10.1.1.1 neighbor 172.16.2.5 ipv4 unicast 10.22.22.22/32 next-hop 10.22.22.22 neighbor 172.16.2.5 ipv4 unicast 10.2.2.2/32 next-hop 10.2.2.2 neighbor 172.16.2.5 ipv4 unicast 10.1.1.1/32 next-hop 10.1.1.1 neighbor 172.16.2.5 ipv4 unicast 10.3.3.3/32 next-hop 10.3.3.3 neighbor 172.16.2.5 ipv4 unicast 10.99.1.55/32 next-hop 10.2.2.2 neighbor 172.16.2.5 ipv4 unicast 10.99.1.66/32 next-hop 10.3.3.3 neighbor 172.16.2.5 ipv4 unicast 10.6.6.6/32 next-hop 10.3.3.3 neighbor 172.16.2.5 ipv4 unicast 10.99.1.1/32 next-hop 172.16.2.5 neighbor 172.16.2.5 ipv4 unicast 10.11.11.11/32 next-hop 172.16.2.5 neighbor 172.16.2.5 ipv4 mpls-vpn 172.1.33.4/31 label 24021 next-hop 10.3.3.3 rd 1:300 neighbor 172.16.2.5 ipv4 mpls-vpn 10.99.1.0/24 label 24019 next-hop 10.1.1.1 rd 1:2000 neighbor 172.16.2.5 ipv4 mpls-vpn 172.1.31.2/31 label 24019 next-hop 10.2.2.2 rd 1:2000 neighbor 172.16.2.5 ipv4 mpls-vpn 172.1.31.0/31 label 24020 next-hop 10.1.1.1 rd 1:2000 neighbor 172.16.2.5 ipv4 mpls-vpn 150.1.200.1/32 label 24023 next-hop 10.3.3.3 rd 1:200 neighbor 172.16.2.5 ipv4 mpls-vpn 172.1.33.0/31 label 24019 next-hop 10.3.3.3 rd 1:100 neighbor 172.16.2.5 ipv4 mpls-vpn 150.1.30.1/32 label 24024 next-hop 10.3.3.3 rd 1:300 neighbor 172.16.2.5 ipv4 mpls-vpn 172.1.33.2/31 label 24020 next-hop 10.3.3.3 rd 1:200 neighbor 172.16.2.5 ipv4 mpls-vpn 150.1.100.1/32 label 24022 next-hop 10.3.3.3 rd 1:100

As soon as the IPv6 address family is configured in the router, the BGP session will be lost and stop working correctly.

Once the address family ipv6 configuration of the router is removed, the session is reestablished.

The router configuration is as follows:

RP/0/0/CPU0:P1(config-bgp-nbr-af)#do show run router bgp Tue Feb 1 00:18:39.890 UTC router bgp 64500 bgp router-id 10.11.11.11 bgp cluster-id 10.40.1.1 address-family ipv4 unicast maximum-paths ibgp 2 network 10.11.11.11/32 network 10.99.1.1/32 ! address-family vpnv4 unicast vrf all ! ! address-family ipv6 unicast network fec0:11::11/128 ! neighbor-group RR_PEs remote-as 64500 update-source Loopback0 address-family ipv4 unicast route-reflector-client next-hop-self ! address-family vpnv4 unicast route-reflector-client next-hop-self ! ! neighbor-group P-Nodes remote-as 64500 update-source Loopback0 address-family ipv4 unicast next-hop-self ! address-family vpnv4 unicast route-reflector-client next-hop-self ! address-family ipv6 unicast route-reflector-client next-hop-self ! ! neighbor 10.1.1.1 use neighbor-group RR_PEs description iBGP to PE-1 ! neighbor 10.2.2.2 use neighbor-group RR_PEs description iBGP to PE-2 ! neighbor 10.3.3.3 use neighbor-group RR_PEs description iBGP to PE-3 ! neighbor 172.16.2.6 remote-as 64500 description to Server_ExaBGP_Lnk-1 address-family ipv4 unicast route-reflector-client ! address-family vpnv4 unicast ! address-family ipv6 unicast ! ! neighbor 10.22.22.22 use neighbor-group P-Nodes description iBGP to P2 ! !

thomas-mangin commented 2 years ago

please provide the information requested in the template when asking for help as I can only take a guess to what is happening : You didn’t enable family ipv6 on both peers, so when a IPv6 route is sent it it cause a session reset as per the rfc.

I can not help you more without the exabgp configuration and the full logs of exabgp with the option -d

thomas-mangin commented 2 years ago

RP/0/0/CPU0:P1(config-bgp-nbr-af)#do show run router bgp Tue Feb 1 00:18:39.890 UTC router bgp 64500 bgp router-id 10.11.11.11 bgp cluster-id 10.40.1.1 address-family ipv4 unicast maximum-paths ibgp 2 network [10.11.11.11/32](http://10.11.11.11/32) network [10.99.1.1/32](http://10.99.1.1/32)

I have not used Cisco in years but no address-family ipv6 unicast In there too if it was required.

angeljgmx commented 2 years ago

These are the outputs of the exabgp -d command with the router without the ipv6 family address configured, the output then with the ipv6 family address configured on the router (it is observed how the session is dropped), and the file with the exabgp.conf output-con address-family ipv6.txt output-sin-ipv6.txt exabgp-conf.txt

thomas-mangin commented 2 years ago

Can you please run 4.2.17 and not 4.2.6, the problem was most likely already resolved

angeljgmx commented 2 years ago

Kind regards. Thank you very much for your time. We tested with the most recent version in the repository (4.2.18) and the result was the same: when we configure on the router that neighbors the ubuntu machine that contains exabgp the family ipv6 address, the bgp session drops. in the output of Exabgp -d messages of the type begin to appear 22:37:02 5400 outgoing-13 outgoing-13 172.16.2.6-172.16.2.5, closing connection 22:37:02 5400 outgoing-13 outgoing-13 172.16.2.6-172.16.2.5 172.16.2.5 problem sending message ([Errno ECONNRESET] [Errno 104] Connection reset by peer) . Attached complete output in plain text. The configuration file is the same as the one we attached earlier. exabgp-d-version-master-84ce015f4a19b5bdc45a6864b5a7bc2bd63aa673.txt

thomas-mangin commented 2 years ago

Extract from the logs:

22:35:48 5400   outgoing-1      sending TCP payload (  83) FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 0053 0104 FBF4 00B4 AC10 0208 3602 0601 0400 0100 0102 0601 0400 0100 8002 0601 0400 0200 0102 0641 0400 00FB F402 1040 0E80 B400 0101 8000 0180 8000 0201 8002 0206 00
22:35:48 5400   outgoing-1      >> OPEN version=4 asn=64500 hold_time=180 router_id=172.16.2.8 capabilities=[Multiprotocol(ipv4 unicast,ipv4 mpls-vpn,ipv6 unicast), Extended Message(65535), Graceful Restart Flags 0x8 Time 180 ipv4/unicast=0x80 ipv4/mpls-vpn=0x80 ipv6/unicast=0x80, ASN4(64500)]
22:35:48 5400   outgoing-1      received TCP payload (  19) FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 003D 01
22:35:48 5400   outgoing-1      received TCP payload (  42) 04FB F400 B40A 1616 1620 0206 0104 0001 0001 0206 0104 0001 0080 0202 8000 0202 0200 0206 4104 0000 FBF4
22:35:48 5400   outgoing-1      << message of type OPEN
22:35:48 5400   outgoing-1      << OPEN version=4 asn=64500 hold_time=180 router_id=10.22.22.22 capabilities=[Multiprotocol(ipv4 unicast,ipv4 mpls-vpn), Route Refresh, ASN4(64500), Route Refresh]

In particular

22:35:48 5400   outgoing-1      >> OPEN version=4 asn=64500 hold_time=180 router_id=172.16.2.8 capabilities=[Multiprotocol(ipv4 unicast,ipv4 mpls-vpn,ipv6 unicast), Extended Message(65535), Graceful Restart Flags 0x8 Time 180 ipv4/unicast=0x80 ipv4/mpls-vpn=0x80 ipv6/unicast=0x80, ASN4(64500)]
22:35:48 5400   outgoing-1      << OPEN version=4 asn=64500 hold_time=180 router_id=10.22.22.22 capabilities=[Multiprotocol(ipv4 unicast,ipv4 mpls-vpn), Route Refresh, ASN4(64500), Route Refresh]

More exactly:

(exabgp -> cisco) >> OPEN [Multiprotocol(ipv4 unicast,ipv4 mpls-vpn,ipv6 unicast)]
(cisco -> exabgp) << OPEN [Multiprotocol(ipv4 unicast,ipv4 mpls-vpn)]

Your router is not announcing it supports IPv6, as I suggested previously:

I have not used Cisco in years but no address-family ipv6 unicast In there too if it was required.

So I will let you look at how to configure your Cisco router correctly for IPv6. Until then you can not send IPv6 messages without causing the session to drop.

Not an ExaBGP problem so I will close the issue.

Good luck.