frr 7.2: frr-reload failed to reload frr.conf

k0ste commented 4 years ago

Describe the bug

When administrator deploy custom configuration (frr.conf), that is compatible with frr (frr service startups with this configuration without any errors), frr-reload helper can't work with exactly this configuration file.

[x] Did you check if this is a duplicate issue?

To Reproduce

daemons.conf:

## daemons.conf
# Ansible managed: /home/k0ste/sandbox/GIT/ansible-role-frr/templates/daemons.j2 modified on 2019-11-19 14:37:34 by k0ste on WorkStation
# Do not edit manually

bgpd=yes
ospfd=yes
ospf6d=yes
ripd=yes
ripngd=yes
isisd=yes
pimd=yes
ldpd=yes
nhrpd=yes
eigrpd=yes
babeld=yes
sharpd=yes
pbrd=yes
bfdd=yes
fabricd=yes
vrrpd=yes
zebra=yes
zebra=yes
ospfd_instances="1,2"
vtysh_enable=yes
zebra_options="-A 127.0.0.1 -s 90000000 -d -f /etc/frr/zebra.conf"
bgpd_options="-A 127.0.0.1 -M rpki -d -f /etc/frr/bgpd.conf"
ospfd_options="-A 127.0.0.1 -d -f /etc/frr/ospfd.conf"
ospf6d_options="-A ::1 -d -f /etc/frr/ospf6d.conf"
ripd_options="-A 127.0.0.1 -d -f /etc/frr/ripd.conf"
ripngd_options="-A ::1 -d -f /etc/frr/ripngd.conf"
isisd_options="-A 127.0.0.1 -d -f /etc/frr/isisd.conf"
pimd_options="-A 127.0.0.1 -d -f /etc/frr/pimd.conf"
ldpd_options="-A 127.0.0.1 -d -f /etc/frr/ldpd.conf"
nhrpd_options="-A 127.0.0.1 -d -f /etc/frr/nhrdp.conf"
eigrpd_options="-A 127.0.0.1 -d -f /etc/frr/eigrpd.conf"
babeld_options="-A 127.0.0.1 -d -f /etc/frr/babeld.conf"
sharpd_options="-A 127.0.0.1 -d -f /etc/frr/sharpd.conf"
pbrd_options="-A 127.0.0.1 -d -f /etc/frr/pbrd.conf"
staticd_options="-A 127.0.0.1 -d -f /etc/frr/staticd.conf"
bfdd_options="-A 127.0.0.1 -d -f /etc/frr/bfdd.conf"
fabricd_options="-A 127.0.0.1 -d -f /etc/frr/fabricd.conf"
vrrpd_options="-A 127.0.0.1 -d -f /etc/frr/vrrpd.conf"
MAX_FDS=1024
watchfrr_enable=yes
watchfrr_options="-d -r '/usr/bin/frr restart %s' -s '/usr/bin/frr start %s' -k '/usr/bin/frr stop %s'"

frr.conf:

## frr.conf
# Ansible managed: /home/k0ste/sandbox/GIT/ansible-role-frr/templates/frr.j2 modified on 2019-11-22 16:37:34 by k0ste on WorkStation
# Do not edit manually

hostname R1
log commands
log file vtysh.log
log monitor informational
log record-priority
log stdout informational
log syslog informational
log timestamp precision 1
service integrated-vtysh-config
service advanced-vty
service password-encryption
password this
enable password that
!
debug babel all
debug bgp allow-martians
debug bgp as4 segment
debug bgp bestpath 100.100.100.0/24
debug bgp bestpath 100.100.101.0/24
debug bgp keepalives
debug bgp labelpool
debug bgp neighbor-events
debug bgp nht
debug bgp pbr
debug bgp pbr error
debug bgp update-groups
debug bgp updates
debug bgp zebra
debug memstats-at-exit
debug ospf event
debug ospf ism
debug ospf nsm
debug ospf nssa
debug ospf sr
debug ospf te
debug ospf zebra
debug pbr events
debug pbr map
debug pbr nht
debug pbr zebra
debug route-map
debug rpki
debug vrf
debug vrrp
debug vrrp arp
debug vrrp autoconfigure
debug vrrp ndisc
debug vrrp packets
debug vrrp protocol
debug vrrp sockets
debug vrrp zebra
debug zebra dplane
debug zebra events
debug zebra fpm
debug zebra kernel
debug zebra mpls
debug zebra nht
debug zebra packet
debug zebra pseudowires
debug zebra rib
debug zebra vxlan
!
ip route 100.100.100.0/24 100.100.100.1 eth0 2
ip route 0.0.0.0/0 5.128.220.1 2
ip route 0.0.0.0/0 5.128.220.2 3
ip route 10.0.0.1/32 reject tag 222
!
interface lo
 description Loopback0
 link-detect
 multicast
!
interface tap0
 description openvpn0 description
 ip ospf cost 100
 ip ospf 1 area 0.0.0.2
 ip ospf 2 area 0.0.0.3
!
interface tap1
 description openvpn1 description
 ip ospf cost 10
 ip ospf 1 area 0.0.0.3
 ip ospf 2 area 0.0.0.3
!
interface tap2
 description openvpn2 description
 ip ospf cost 10
!
router ospf 1
 ospf router-id 172.16.255.1
 log-adjacency-changes
 default-information originate 
 redistribute connected route-map TO_OSPF_CONNECTED 
 redistribute static route-map TO_OSPF_STATIC 
 redistribute bgp route-map TO_OSPF_BGP 
 redistribute kernel route-map TO_OSPF_KERNEL 
 redistribute ospf 2 
!
router ospf 2
 ospf router-id 192.168.1.1
 log-adjacency-changes detail
 default-information originate always route-map DEFAULT_INFORMATION metric 40 metric-type 2 
 passive-interface Tunnel0
 passive-interface Tunnel1
 area 0.0.0.1 filter-list prefix FILTER_PREFIX_IN in
 area 0.0.0.1 filter-list prefix FILTER_PREFIX_OUT out
 area 0.0.0.1 import-list ACCESS_LIST_IMPORT
 area 0.0.0.1 export-list ACCESS_LIST_EXPORT
 redistribute connected route-map TO_OSPF_CONNECTED metric 27 metric-type 1 
 redistribute static route-map TO_OSPF_STATIC metric 28 metric-type 2 
 redistribute bgp route-map TO_OSPF_BGP metric 45 metric-type 2 
 redistribute kernel route-map TO_OSPF_KERNEL metric 46 metric-type 2 
 redistribute ospf 1 route-map FROM_OSPF_1_TO_OSPF_2 
!
access-list vty remark Disable connections to vtysh from non localhost
access-list vty seq 5 permit 127.0.0.1/8
access-list vty seq 10 deny any
access-list 101 remark Filter 0.0.0.0/0
access-list 101 seq 5 deny ip host 0.0.0.0 any
access-list 101 seq 10 permit ip any any
!
ip prefix-list EXAMPLE_PREFIX_LIST description Opentech OSPF
ip prefix-list EXAMPLE_PREFIX_LIST seq 5 permit 192.168.0.0/16 le 32
ip prefix-list EXAMPLE_PREFIX_LIST seq 10 deny any
ip prefix-list no_default_originate description Filter gateway of last resort
ip prefix-list no_default_originate seq 5 deny 0.0.0.0/0
ip prefix-list no_default_originate seq 10 permit 0.0.0.0/0 le 32
!
route-map DISTRIBUTE_TO_OSPF permit 10
 match ip address prefix-list opentech_ospf
!
route-map DISTRIBUTE_TO_OSPF deny 100
!
route-map TO_OSPF_NTK permit 10
 match ip address prefix-list EXAMPLE_PREFIX_LIST
 match ip next-hop prefix-list i_give_up
!
route-map TO_OSPF_NTK permit 11
 match ip address prefix-list FROM_TO
!
route-map TO_OSPF_NTK deny 100
!
line vty
 access-class this
 ipv6 access-class that
!

systemctl start frr
frr-reload --test /etc/frr/frr.conf

Traceback (most recent call last):
  File "/usr/bin/frr-reload.py", line 156, in load_from_show_running
    config_text = subprocess.check_output(
  File "/usr/lib/python3.8/subprocess.py", line 411, in check_output
    return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
  File "/usr/lib/python3.8/subprocess.py", line 512, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '/usr/bin/vtysh -c 'show run' | /usr/bin/tail -n +4 | /usr/bin/vtysh -m -f -' returned non-zero exit status 2.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/frr-reload.py", line 1267, in <module>
    running.load_from_show_running()
  File "/usr/bin/frr-reload.py", line 162, in load_from_show_running
    raise ve
__main__.VtyshMarkException: Command '/usr/bin/vtysh -c 'show run' | /usr/bin/tail -n +4 | /usr/bin/vtysh -m -f -' returned non-zero exit status 2.

Expected behavior Reload expected.

Screenshots

Versions

OS Kernel:

Linux linux01 5.3.9-arch1-1-nfcustom #1 SMP PREEMPT Thu, 07 Nov 2019 06:31:16 +0000 x86_64 GNU/Linux

FRR Version:

Name            : frr
Version         : 7.2-2
Description     : FRRouting (quagga fork) supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, LDP, BFD, VRRP, NHRP and EIGRP.
Architecture    : any
URL             : https://frrouting.org/
Licenses        : GPL2
Groups          : None
Provides        : quagga  quagga_cumulus
Depends On      : libcap  libnl  readline  ncurses  perl  pam  json-c  net-snmp  rtrlib  libyang  libunwind  c-ares
Optional Deps   : rsyslog: syslog support
Required By     : None
Optional For    : None
Conflicts With  : quagga  babeld  quagga_cumulus
Replaces        : None
Installed Size  : 10.07 MiB
Packager        : Konstantin Shalygin <k0ste@k0ste.ru>
Build Date      : Tue 12 Nov 2019 07:07:07 AM UTC
Install Date    : Tue 12 Nov 2019 07:20:31 AM UTC
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : SHA-256 Sum

k0ste commented 4 years ago

Output from vtysh -c 'show run' | tail -n +4 | vtysh -m -f -

line 72: % Unknown command: debug ospf 1 sr

!
frr version 7.2
frr defaults traditional
hostname linux01
log file vtysh.log
log stdout informational
log monitor informational
log syslog informational
log record-priority
log timestamp precision 1
service advanced-vty
service password-encryption
no ip forwarding
no ipv6 forwarding
log commands
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service integrated-vtysh-config
!
debug babel all
debug bgp allow-martians
debug bgp as4 segment
debug bgp bestpath 100.100.100.0/24
debug bgp bestpath 100.100.101.0/24
debug bgp keepalives
debug bgp labelpool
debug bgp neighbor-events
debug bgp nht
debug bgp pbr
debug bgp pbr error
debug bgp update-groups
debug bgp updates in
debug bgp updates out
debug bgp zebra
debug memstats-at-exit
debug ospf 1 event
debug ospf 1 ism
debug ospf 1 nsm
debug ospf 1 nssa

qlyoung commented 4 years ago

@k0ste looks like we have a bug in frr-reload.py or vtysh, but I noticed you have -f statements in your daemon options lines although you're using integrated config - is that intentional or not?

eqvinox commented 4 years ago

We need show running-config output to debug this since it crashes there

k0ste commented 4 years ago

@qlyoung it's just a defaults. I use only frr.conf (all-in-one-file config).

k0ste commented 4 years ago

@eqvinox

linux01# sh run
Building configuration...

Current configuration:

!
frr version 7.2
frr defaults traditional
hostname linux01
log file vtysh.log
log stdout informational
log monitor informational
log syslog informational
log record-priority
log timestamp precision 1
service advanced-vty
service password-encryption
no ip forwarding
no ipv6 forwarding
log commands
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
service advanced-vty
service password-encryption
!
debug babel all
debug bgp allow-martians
debug bgp as4 segment
debug bgp bestpath 100.100.100.0/24
debug bgp bestpath 100.100.101.0/24
debug bgp keepalives
debug bgp labelpool
debug bgp neighbor-events
debug bgp nht
debug bgp pbr
debug bgp pbr error
debug bgp update-groups
debug bgp updates in
debug bgp updates out
debug bgp zebra
debug memstats-at-exit
debug ospf 1 event
debug ospf 1 ism
debug ospf 1 nsm
debug ospf 1 nssa
debug ospf 1 sr
debug ospf 1 te
debug ospf 1 zebra
debug ospf 2 event
debug ospf 2 ism
debug ospf 2 nsm
debug ospf 2 nssa
debug ospf 2 sr
debug ospf 2 te
debug ospf 2 zebra
debug pbr events
debug pbr map
debug pbr nht
debug pbr zebra
debug vrrp arp
debug vrrp autoconfigure
debug vrrp ndisc
debug vrrp packets
debug vrrp protocol
debug vrrp sockets
debug vrrp zebra
debug zebra dplane
debug zebra events
debug zebra fpm
debug zebra kernel
debug zebra mpls
debug zebra nht
debug zebra packet
debug zebra pseudowires
debug zebra rib
debug zebra vxlan
!
debug vrf
!
debug route-map
!
enable password 8 L5zoVHXWGJTps
enable password 8 NAkXFkPM3nirQ
enable password 8 nNb3Dc0Ht4cCc
enable password 8 qqM2se3cWC5oc
password 8 GZWIut1x49PCg
password 8 XjZUIcRxKexcA
password 8 cjms1VRGbh8P2
password 8 xv1hD5qiZDXJc
!
ip route 0.0.0.0/0 5.128.220.1 2
ip route 0.0.0.0/0 5.128.220.2 3
ip route 10.0.0.1/32 reject tag 222
ip route 100.100.100.0/24 100.100.100.1 eth0 2
!
interface lo
 description Loopback0
 multicast
!
interface tap0
 description openvpn0 description
 ip ospf 2 area 0.0.0.3
 ip ospf cost 100
!
interface tap1
 description openvpn1 description
 ip ospf 2 area 0.0.0.3
 ip ospf cost 10
!
interface tap2
 description openvpn2 description
 ip ospf cost 10
!
router ospf 1
 ospf router-id 172.16.255.1
 log-adjacency-changes
 redistribute kernel route-map TO_OSPF_KERNEL
 redistribute connected route-map TO_OSPF_CONNECTED
 redistribute static route-map TO_OSPF_STATIC
 redistribute ospf 2
 redistribute bgp route-map TO_OSPF_BGP
 default-information originate
!
router ospf 2
 ospf router-id 192.168.1.1
 log-adjacency-changes detail
 redistribute kernel metric 46 route-map TO_OSPF_KERNEL
 redistribute connected metric 27 metric-type 1 route-map TO_OSPF_CONNECTED
 redistribute static metric 28 route-map TO_OSPF_STATIC
 redistribute ospf 1 route-map FROM_OSPF_1_TO_OSPF_2
 redistribute bgp metric 45 route-map TO_OSPF_BGP
 passive-interface Tunnel0
 passive-interface Tunnel1
 area 0.0.0.1 export-list ACCESS_LIST_EXPORT
 area 0.0.0.1 import-list ACCESS_LIST_IMPORT
 area 0.0.0.1 filter-list prefix FILTER_PREFIX_IN in
 area 0.0.0.1 filter-list prefix FILTER_PREFIX_OUT out
 default-information originate always metric 40 route-map DEFAULT_INFORMATION
!
access-list 101 remark Filter 0.0.0.0/0
access-list 101 seq 10 permit ip any any
access-list 101 seq 5 deny ip host 0.0.0.0 any
access-list vty remark Disable connections to vtysh from non localhost
access-list vty seq 10 deny any
access-list vty seq 5 permit 127.0.0.1/8
!
ip prefix-list EXAMPLE_PREFIX_LIST description Opentech OSPF
ip prefix-list EXAMPLE_PREFIX_LIST seq 10 deny any
ip prefix-list EXAMPLE_PREFIX_LIST seq 5 permit 192.168.0.0/16 le 32
ip prefix-list no_default_originate description Filter gateway of last resort
ip prefix-list no_default_originate seq 10 permit 0.0.0.0/0 le 32
ip prefix-list no_default_originate seq 5 deny 0.0.0.0/0
!
route-map DISTRIBUTE_TO_OSPF deny 100
!
route-map DISTRIBUTE_TO_OSPF permit 10
 match ip address prefix-list opentech_ospf
!
route-map TO_OSPF_NTK deny 100
!
route-map TO_OSPF_NTK permit 10
 match ip address prefix-list EXAMPLE_PREFIX_LIST
 match ip next-hop prefix-list i_give_up
!
route-map TO_OSPF_NTK permit 11
 match ip address prefix-list FROM_TO
!
line vty
 access-class this
 ipv6 access-class that
!
end

sworleys commented 3 weeks ago

This issue is five years old, I am closing it for now

FRRouting / frr

frr 7.2: frr-reload failed to reload frr.conf #5424