Closed CS-BryanP closed 1 week ago
use next hop self on peer router
Seeing the same thing here. 9.1.1-01.el7 from https://rpm.frrouting.org/ works, while 10.1-01.el7 is broken. This breaks BGP Unnumbered interop with Cumulus Linux at least.
My config is as follows:
!
frr version 9.1.1
frr defaults traditional
hostname node31-h23-osl3
!
interface lo
ip address 100.83.23.31/32
exit
!
router bgp 4283023031
bgp router-id 100.83.23.31
no bgp default ipv4-unicast
neighbor leafs peer-group
neighbor leafs remote-as external
neighbor eth1 interface peer-group leafs
!
address-family ipv4 unicast
network 100.83.23.31/32
neighbor leafs activate
neighbor leafs soft-reconfiguration inbound
neighbor leafs prefix-list default in
neighbor leafs prefix-list router-id out
exit-address-family
!
address-family l2vpn evpn
neighbor leafs activate
neighbor leafs soft-reconfiguration inbound
exit-address-family
exit
!
ip prefix-list default seq 5 permit 0.0.0.0/0
ip prefix-list router-id seq 5 permit 100.83.23.31/32
!
end
This results in the following working route seen on the Cumulus switch:
leaf2# show ip bgp 100.83.23.31/32
…
4283023031
fe80::a6bf:1ff:fe2d:689a from node31-h23-osl3(swp32) (100.83.23.31)
(fe80::a6bf:1ff:fe2d:689a) (used)
Origin IGP, metric 0, valid, external, bestpath-from-AS 4283023031, best (First path received)
Last update: Tue Aug 13 08:27:12 2024
If I upgrade to frr-10, then this changes as follows:
leaf2# show ip bgp 100.83.23.31/32
…
4283023031
::ffff:6453:171f (inaccessible) from node31-h23-osl3(swp32) (100.83.23.31)
(fe80::a6bf:1ff:fe2d:689a) (used)
Origin IGP, metric 0, invalid, external
Last update: Tue Aug 13 08:36:46 2024
Wondering if this could be the same or related to #15610 somehow.
FRR 10.0.1-01 works fine. So this bug must have been introduced in the 10.1 minor release.
@louis-6wind isn't this related to https://github.com/FRRouting/frr/pull/15368/commits/0325116a27258e1df773a046e8668a029bead60c?
@toreanderson would you be able to test a custom rpm/deb? Especially with this fix: https://github.com/FRRouting/frr/pull/16439. Taking rpm/deb from the artifacts here: https://ci1.netdef.org/browse/FRR-PULLREQ3-4302/artifact.
@ton31337 Tried frr-10.2_dev_20240725_git.368abf0-01.el7.x86_64.rpm
, it does not solve the problem. The upstream devices still see the advertised route with a ::ffff:6453:171f (inaccessible)
next-hop.
Regarding mapped IPv4... Could you check this also? https://ci1.netdef.org/browse/FRR-PULLREQ3-4501/artifact (Once the packages are built, now building...)
I can confirm that frr-10.2_dev_20240814_git.d506417-01.el7.x86_64.rpm
fixes the problem! :clap:
@ton31337 is it planned to backport a bugfix into 10.1 stable release?
@ton31337 is it planned to backport a bugfix into 10.1 stable release?
Actually, we discussed shortly that it's better to back out this IPv4 mapping into IPv6 change at all from 10.1, since it's not clear what was the real issue we were solving. Revert PR is here: https://github.com/FRRouting/frr/pull/16587.
@toreanderson could you test from these artifacts? https://ci1.netdef.org/browse/FRR-PULLREQ3-4527/artifact
@toreanderson could you test from these artifacts? https://ci1.netdef.org/browse/FRR-PULLREQ3-4527/artifact
LGTM :+1:
This has already backed out from 10.1, but we are still waiting for the release of 10.1.1. Hence closing.
Description
All IP Addresses are RFC1918 space or ipv6 link-local addresses, there is no sensitive data. I have an arista switch doing bgp peering with a VM running frr over ipv6 link-local neighbors. Prior to frr 10.1 The ipv4 address of the loopback would be learned by the arista switch and advertised out to the rest of the network.
The arista would see it like this: sh ip bgp 10.162.43.183/32 BGP routing table information for VRF default Router identifier 10.160.0.7, local AS number 4260167780 BGP routing table entry for 10.162.43.183/32 Paths: 1 available 65333 fe80::250:56ff:febf:a800%Vl2222 from fe80::250:56ff:febf:a800%Vl2222 (10.162.43.183) Origin INCOMPLETE, metric 0, localpref 100, IGP metric 1, weight 0, tag 0 Received 00:13:55 ago, valid, external, best Rx SAFI: Unicast
An excerpt of the FRR show ip bgp neighbors
External BGP neighbor may be up to 1 hops away. Local host: fe80::250:56ff:febf:a800, Local port: 179 Foreign host: fe80::febd:67ff:fe30:71c7, Foreign port: 43351 Nexthop: 10.162.43.183 Nexthop global: fe80::250:56ff:febf:a800 <--- Global address doesn't exist, so it is assigned to the link-local Nexthop local: fe80::250:56ff:febf:a800
This ran fine and the image would be upgraded sequentially to the latest release with no problems.
Once frr 10.1 was installed, peering establishes, however the next hop is no-long a (valid) Link-Local address. It's an invalid Global Address.
Arista Switches sees this. sh ip bgp 10.162.43.182/32 BGP routing table information for VRF default Router identifier 10.160.0.8, local AS number 4260167780 BGP routing table entry for 10.162.43.182/32 Paths: 1 available 65333 ::ffff:10.162.43.182 from fe80::250:56ff:febf:c5a2%Vl2222 (10.162.43.182) Origin INCOMPLETE, metric 0, localpref 100, IGP metric -, weight 0, tag 0 Received 7d16h ago, invalid, external Rx SAFI: Unicast
FRR Neighbor sees this:
sh bgp neighbor