taspelund
commented
3 years ago Can we get the output of show ip bgp neighbor 10.10.10.10 advertised-routes ?
Closed mipxman closed 3 years ago
taspelund
commented
3 years ago Can we get the output of show ip bgp neighbor 10.10.10.10 advertised-routes ?
taspelund
commented
3 years ago Also show ip bgp vrf all
mipxman
commented
3 years ago here is my topolgy in gns3 :
mipxman
commented
3 years ago Also
show ip bgp vrf all
Rtr- SONiC1.1-1 :
sonic# show ip bgp vrf all
Instance Vrf_A:
BGP table version is 7, local router ID is 10.10.10.6, vrf id 76
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.10.10.0/30 10.10.10.5 0 100 0 100 i
* i10.10.10.4/30 10.10.10.5 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i55.0.0.0/8 10.10.10.5 0 100 0 100 i
*>i185.5.5.0/24 10.10.10.5 0 100 0 100 i
*>i185.170.30.12/30 10.10.10.5 0 100 0 i
Displayed 5 routes and 6 total paths
Instance default:
No BGP prefixes displayed, 0 exist
Instance Vrf_B:
BGP table version is 16, local router ID is 10.10.10.9, vrf id 77
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i8.8.8.8/32 10.10.10.10 0 100 0 1000 i
*> 10.10.10.0/30 10.10.10.5@76< 0 100 0 100 i
*> 10.10.10.4/30 10.10.10.5@76< 0 100 0 i
0.0.0.0@76< 0 32768 i
*> 10.10.10.8/30 0.0.0.0 0 32768 i
*>i20.20.20.0/30 10.10.10.10 0 100 0 i
*> 55.0.0.0/8 10.10.10.5@76< 0 100 0 100 i
*> 185.5.5.0/24 10.10.10.5@76< 0 100 0 100 i
*> 185.170.30.12/30 10.10.10.5@76< 0 100 0 i
Displayed 8 routes and 9 total paths
sonic# and for router SONiC1.2-1 :
sonic# show ip bgp vrf all
Instance Vrf_C:
BGP table version is 4, local router ID is 10.10.10.2, vrf id 91
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 10.10.10.0/30 10.10.10.1 0 0 100 i
*> 0.0.0.0 0 32768 i
*> 10.10.10.4/30 10.10.10.6@90< 0 100 0 i
0.0.0.0@90< 0 32768 i
*> 55.0.0.0/8 10.10.10.1 0 0 100 i
*> 185.5.5.0/24 10.10.10.1 0 0 100 i
185.170.30.12/30 0.0.0.0@90< 0 32768 i
Displayed 5 routes and 7 total paths
Instance default:
No BGP prefixes displayed, 0 exist
Instance Vrf_A:
BGP table version is 5, local router ID is 10.10.10.5, vrf id 90
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
10.10.10.0/30 0.0.0.0@91< 0 32768 i
*> 10.10.10.1@91< 0 0 100 i
* i10.10.10.4/30 10.10.10.6 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 55.0.0.0/8 10.10.10.1@91< 0 0 100 i
*> 185.5.5.0/24 10.10.10.1@91< 0 0 100 i
*> 185.170.30.12/30 0.0.0.0 0 32768 i
Displayed 5 routes and 7 total paths
sonic# here is my topolgy in gns3 :
in R1:
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
185.5.0.0/24 is subnetted, 1 subnets
C 185.5.5.0 is directly connected, Loopback0
C 55.0.0.0/8 is directly connected, Loopback10
10.0.0.0/30 is subnetted, 2 subnets
C 10.10.10.0 is directly connected, FastEthernet0/0
B 10.10.10.4 [20/0] via 10.10.10.2, 00:16:27but in R3 :
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
185.170.0.0/30 is subnetted, 1 subnets
B **185.170.30.12 [20/0] via 20.20.20.1, 00:04:47**
185.5.0.0/24 is subnetted, 1 subnets
B **185.5.5.0 [20/0] via 20.20.20.1, 00:04:16**
B **55.0.0.0/8 [20/0] via 20.20.20.1, 00:04:16**
20.0.0.0/30 is subnetted, 1 subnets
C 20.20.20.0 is directly connected, FastEthernet0/0
8.0.0.0/32 is subnetted, 1 subnets
C 8.8.8.8 is directly connected, Loopback0
C 9.0.0.0/8 is directly connected, Loopback1
10.0.0.0/30 is subnetted, 3 subnets
B 10.10.10.8 [20/0] via 20.20.20.1, 00:40:46
B 10.10.10.0 [20/0] via 20.20.20.1, 00:04:18
B 10.10.10.4 [20/0] via 20.20.20.1, 00:04:50
Can we get the output of
show ip bgp neighbor 10.10.10.10 advertised-routes?sonic# show ip bgp vrf Vrf_A neighbors 10.10.10.6 advertised-routes BGP table version is 5, local router ID is 10.10.10.5, vrf id 90 Default local pref 100, local AS 500 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path > 10.10.10.0/30 0.0.0.0 0 100 0 100 i > 10.10.10.4/30 0.0.0.0 0 100 32768 i > 55.0.0.0/8 0.0.0.0 0 100 0 100 i > 185.5.5.0/24 0.0.0.0 0 100 0 100 i *> 185.170.30.12/30 0.0.0.0 0 100 32768 i
Total number of prefixes 5
sonic# show ip bgp vrf Vrf_C neighbors 10.10.10.1 advertised-routes BGP table version is 4, local router ID is 10.10.10.2, vrf id 91 Default local pref 100, local AS 500 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path > 10.10.10.0/30 0.0.0.0 0 32768 i > 10.10.10.4/30 0.0.0.0 0 100 0 i > 55.0.0.0/8 0.0.0.0 0 100 i > 185.5.5.0/24 0.0.0.0 0 100 i
Total number of prefixes 4 sonic#
and in another one SONiC 1.1-1 sonic# show ip bgp vrf Vrf_A neighbors 10.10.10.5 advertised-routes BGP table version is 7, local router ID is 10.10.10.6, vrf id 76 Default local pref 100, local AS 500 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path > 10.10.10.0/30 10.10.10.5 0 100 0 100 i > 10.10.10.4/30 0.0.0.0 0 100 32768 i > 55.0.0.0/8 10.10.10.5 0 100 0 100 i > 185.5.5.0/24 10.10.10.5 0 100 0 100 i *> 185.170.30.12/30 10.10.10.5 0 100 0 i
Total number of prefixes 5 sonic# show ip bgp vrf Vrf_B neighbors 10.10.10.10 advertised-routes BGP table version is 16, local router ID is 10.10.10.9, vrf id 77 Default local pref 100, local AS 500 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path > 10.10.10.0/30 0.0.0.0 0 100 0 100 i > 10.10.10.4/30 0.0.0.0 0 100 0 i > 10.10.10.8/30 0.0.0.0 0 100 32768 i > 55.0.0.0/8 0.0.0.0 0 100 0 100 i > 185.5.5.0/24 0.0.0.0 0 100 0 100 i > 185.170.30.12/30 0.0.0.0 0 100 0 i
Total number of prefixes 6
From the output you've provided, it looks to me like Rtr-2 Vrf_B is advertising 185.170.30.12/30 to 10.10.10.10:
sonic# show ip bgp vrf Vrf_B neighbors 10.10.10.10 advertised-routes
BGP table version is 16, local router ID is 10.10.10.9, vrf id 77
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @nnn nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/30 0.0.0.0 0 100 0 100 i
*> 10.10.10.4/30 0.0.0.0 0 100 0 i
*> 10.10.10.8/30 0.0.0.0 0 100 32768 i
*> 55.0.0.0/8 0.0.0.0 0 100 0 100 i
*> 185.5.5.0/24 0.0.0.0 0 100 0 100 i
*> 185.170.30.12/30 0.0.0.0 0 100 0 i <<<<<<<<<
Total number of prefixes 6Right now all we know is that Rtr-3 has chosen the eBGP path via 20.20.20.1, we don't know whether it has properly received and processed the iBGP path we've advertised to them.
Can you get the appropriate show ip bgp output from Rtr-3, along with the equivalent of show ip bgp neighbors 10.10.10.9 received-routes?
mipxman
commented
3 years ago Can you get the appropriate
show ip bgpoutput from Rtr-3, along with the equivalent ofshow ip bgp neighbors 10.10.10.9 received-routes?
R2#show ip bgp neighbors 10.10.10.9 received-routes
BGP table version is 20, local router ID is 20.20.20.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.10.10.0/30 10.10.10.9 0 100 0 100 i
*>i10.10.10.4/30 10.10.10.9 0 100 0 i
r>i10.10.10.8/30 10.10.10.9 0 100 0 i
*>i55.0.0.0 10.10.10.9 0 100 0 100 i
*>i185.5.5.0/24 10.10.10.9 0 100 0 100 i
Total number of prefixes 5
note that I add neighbor 10.10.10.9 soft-reconfiguration inbound , also in the other side :
sonic# do show ip bgp vrf Vrf_A neighbor 10.10.10.6 received-routes
BGP table version is 0, local router ID is 10.10.10.5, vrf id 16
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.8/32 10.10.10.6 0 100 0 1000 i
*> 10.10.10.0/30 10.10.10.5 0 100 0 100 i
*> 10.10.10.4/30 10.10.10.6 0 100 0 i
*> 20.20.20.0/30 10.10.10.6 0 100 0 i
*> 55.0.0.0/8 10.10.10.5 0 100 0 100 i
*> 185.5.5.0/24 10.10.10.5 0 100 0 100 i
*> 185.170.30.12/30 10.10.10.6 0 100 0 i <<<<<<<<<<<<<<
Total number of prefixes 7my main problem is when we import vrf <vrf_name1> the backbone networks was advertise in second vrf router bgp <AS> vrf <vrf_name2> .but the network we introduce on this specific vrf_name1 not advertised in vrf_name2 . maybe my scenario is wrong ! I don't know.
taspelund
commented
3 years ago From R2 can you get the output of show ip bgp and show ip route?
mipxman
commented
3 years ago From R2 can you get the output of
show ip bgpandshow ip route?
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
185.5.0.0/24 is subnetted, 1 subnets
B 185.5.5.0 [200/0] via 10.10.10.9, 00:01:58
B 55.0.0.0/8 [200/0] via 10.10.10.9, 00:01:58
20.0.0.0/30 is subnetted, 1 subnets
C 20.20.20.0 is directly connected, FastEthernet0/1
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [20/0] via 20.20.20.2, 00:06:33
10.0.0.0/30 is subnetted, 3 subnets
C 10.10.10.8 is directly connected, FastEthernet0/0
B 10.10.10.0 [200/0] via 10.10.10.9, 00:01:58
B 10.10.10.4 [200/0] via 10.10.10.9, 00:02:58
R2#show ip bgp
BGP table version is 9, local router ID is 20.20.20.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.8/32 20.20.20.2 0 0 1000 i
*>i10.10.10.0/30 10.10.10.9 0 100 0 100 i
*>i10.10.10.4/30 10.10.10.9 0 100 0 i
r>i10.10.10.8/30 10.10.10.9 0 100 0 i
* 20.20.20.0/30 20.20.20.2 0 0 1000 i
*> 0.0.0.0 0 32768 i
*>i55.0.0.0 10.10.10.9 0 100 0 100 i
*>i185.5.5.0/24 10.10.10.9 0 100 0 100 i
R2#Sorry, I mis-typed. Can you get show ip route and show ip bgp from Rtr-3?
mipxman
commented
3 years ago Sorry, I mis-typed. Can you get
show ip routeandshow ip bgpfrom Rtr-3?
according this topology R2 is Rtr-3 . I add the network 185.170.30.12/30 on router bgp 500 vrf Vrf_A in SONiC1.1-1 . this network advertised in R1 but not in R2 and R3. Notice that I have all network advertised from R1 in R3 with this configuration and vice versa.
taspelund
commented
3 years ago Ok. It wasn't clear to me that R2/Rtr-3 were the same device. Well the output we have from Sonic1.1-1 states that we've leaked 185.170.30.12/30 from Vrf_A into Vrf_B:
Instance Vrf_A:
BGP table version is 7, local router ID is 10.10.10.6, vrf id 76 <<<<<< Vrf_A vrf id == 76
Instance Vrf_B:
BGP table version is 16, local router ID is 10.10.10.9, vrf id 77
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i8.8.8.8/32 10.10.10.10 0 100 0 1000 i
*> 10.10.10.0/30 10.10.10.5@76< 0 100 0 100 i
*> 10.10.10.4/30 10.10.10.5@76< 0 100 0 i
0.0.0.0@76< 0 32768 i
*> 10.10.10.8/30 0.0.0.0 0 32768 i
*>i20.20.20.0/30 10.10.10.10 0 100 0 i
*> 55.0.0.0/8 10.10.10.5@76< 0 100 0 100 i
*> 185.5.5.0/24 10.10.10.5@76< 0 100 0 100 i
*> 185.170.30.12/30 10.10.10.5@76< 0 100 0 i <<<<<<<< "@76" means the next-hop is via Vrf_A
Displayed 8 routes and 9 total pathsAnd the output also shows that we believe we've advertised 185.170.30.12/30 to R2:
sonic# show ip bgp vrf Vrf_B neighbors 10.10.10.10 advertised-routes
BGP table version is 16, local router ID is 10.10.10.9, vrf id 77
Default local pref 100, local AS 500
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @nnn nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/30 0.0.0.0 0 100 0 100 i
*> 10.10.10.4/30 0.0.0.0 0 100 0 i
*> 10.10.10.8/30 0.0.0.0 0 100 32768 i
*> 55.0.0.0/8 0.0.0.0 0 100 0 100 i
*> 185.5.5.0/24 0.0.0.0 0 100 0 100 i
*> 185.170.30.12/30 0.0.0.0 0 100 0 i <<<<<<<<<
Total number of prefixes 6What I'd want to do next is either get a packet capture of the BGP exchange (to prove definitively whether an Update is sent that carries 185.170.30.12/30), or to get debugs on R2 showing its Update processing of the routes it has received. The debugs will tell us if the cisco believes it received the route, and whether it intentionally denied the route due to policy or unacceptable attributes.
In either case, we'll want to trigger a re-advertisement of the routes using something like clear ip bgp 10.10.10.9 soft in or clear ip bgp 10.10.10.9 from R2.
Assuming the port labels in the diagram are correct, the tcpdump can be run on Sonic1.1-1 using sudo tcpdump -eni Ethernet8 host 10.10.10.10 and tcp port 179 -vvv.
For the debugs on the Cisco side, I believe the IOS syntax is debug ip bgp updates, and you may need logging console debug. You may also be able to narrow the debugs to a specific peer, which may be helpful for keeping the output short.
mipxman
commented
3 years ago in SONiC1.1-1
admin@sonic:~$ show vrf
VRF Interfaces
----- ------------
Vrf_B Ethernet8
Vrf_A Ethernet0my tcpdump result is :
root@sonic:~# sudo tcpdump -eni Ethernet8 host 10.10.10.10 and tcp port 179 -vvv
tcpdump: listening on Ethernet8, link-type EN10MB (Ethernet), capture size 262144 bytes
13:35:20.046883 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 29276, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.9.179 > 10.10.10.10.23135: Flags [P.], cksum 0x9b36 (correct), seq 58797627:58797646, ack 638664346, win 63183, length 19: BGP
Keepalive Message (4), length: 19
13:35:20.057296 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 47121, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.10.23135 > 10.10.10.9.179: Flags [P.], cksum 0x534d (correct), seq 1:20, ack 19, win 16038, length 19: BGP
Keepalive Message (4), length: 19
13:35:20.057344 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 29277, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.9.179 > 10.10.10.10.23135: Flags [.], cksum 0x9f51 (correct), seq 19, ack 20, win 63164, length 0
13:36:20.046878 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 29278, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.9.179 > 10.10.10.10.23135: Flags [P.], cksum 0x9b23 (correct), seq 19:38, ack 20, win 63164, length 19: BGP@taspelund thanks your help and time. I try to do this scenario with new algorithm.
taspelund
commented
3 years ago There are only BGP keepalive messages in the caoture. That tcpdump looks like it was cut short or wasn't already running while the "clear" command was run on R2.
Could you start the tcpdump first, then while the tcpdump is going run the clear command on R2?
mipxman
commented
3 years ago admin@sonic:~$ sudo tcpdump -eni Ethernet8 host 10.10.10.10 and tcp port 179 -vvv
tcpdump: listening on Ethernet8, link-type EN10MB (Ethernet), capture size 262144 bytes
07:08:49.958403 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 17521, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.9.179 > 10.10.10.10.29705: Flags [P.], cksum 0xf5fc (correct), seq 319683328:319683347, ack 2640017018, win 63202, length 19: BGP
Keepalive Message (4), length: 19
07:08:49.971868 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 25183, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.10.29705 > 10.10.10.9.179: Flags [P.], cksum 0xae13 (correct), seq 1:20, ack 19, win 16057, length 19: BGP
Keepalive Message (4), length: 19
07:08:50.015396 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 17522, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.9.179 > 10.10.10.10.29705: Flags [.], cksum 0xfa17 (correct), seq 19, ack 20, win 63183, length 0
07:08:59.086565 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 255, id 25184, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.10.29705 > 10.10.10.9.179: Flags [FP.], cksum 0xb225 (correct), seq 20, ack 19, win 16057, length 0
07:08:59.095660 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 255, id 51480, offset 0, flags [none], proto TCP (6), length 44)
10.10.10.10.58402 > 10.10.10.9.179: Flags [S], cksum 0xa78b (correct), seq 1860252861, win 16384, options [mss 1460], length 0
07:08:59.095720 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 58: (tos 0xc0, ttl 255, id 0, offset 0, flags [DF], proto TCP (6), length 44)
10.10.10.9.179 > 10.10.10.10.58402: Flags [S.], cksum 0x081b (correct), seq 2107395158, ack 1860252862, win 63420, options [mss 9060], length 0
07:08:59.101438 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 17523, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.9.179 > 10.10.10.10.29705: Flags [F.], cksum 0xfa16 (correct), seq 19, ack 21, win 63182, length 0
07:08:59.105590 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 255, id 51481, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.10.58402 > 10.10.10.9.179: Flags [.], cksum 0xf544 (correct), seq 1, ack 1, win 16384, length 0
07:08:59.105898 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 132: (tos 0xc0, ttl 255, id 63003, offset 0, flags [DF], proto TCP (6), length 118)
10.10.10.9.179 > 10.10.10.10.58402: Flags [P.], cksum 0x4167 (correct), seq 1:79, ack 1, win 63420, length 78: BGP
Open Message (1), length: 78
Version 4, my AS 500, Holdtime 180s, ID 10.10.10.9
Optional parameters, length: 49
Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
AFI IPv4 (1), SAFI Unicast (1)
0x0000: 0001 0001
Option Capabilities Advertisement (2), length: 2
Route Refresh (Cisco) (128), length: 0
Option Capabilities Advertisement (2), length: 2
Route Refresh (2), length: 0
Option Capabilities Advertisement (2), length: 6
32-Bit AS Number (65), length: 4
4 Byte AS 500
0x0000: 0000 01f4
Option Capabilities Advertisement (2), length: 6
Multiple Paths (69), length: 4
AFI IPv4 (1), SAFI Unicast (1), Send/Receive: Receive
0x0000: 0001 0101
Option Capabilities Advertisement (2), length: 9
Unknown (73), length: 7
no decoder for Capability 73
0x0000: 0573 6f6e 6963 00
Option Capabilities Advertisement (2), length: 4
Graceful Restart (64), length: 2
Restart Flags: [none], Restart Time 120s
0x0000: 0078
07:08:59.115938 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 99: (tos 0xc0, ttl 255, id 51482, offset 0, flags [none], proto TCP (6), length 85)
10.10.10.10.58402 > 10.10.10.9.179: Flags [P.], cksum 0xa898 (correct), seq 1:46, ack 1, win 16384, length 45: BGP
Open Message (1), length: 45
Version 4, my AS 500, Holdtime 180s, ID 20.20.20.1
Optional parameters, length: 16
Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
AFI IPv4 (1), SAFI Unicast (1)
0x0000: 0001 0001
Option Capabilities Advertisement (2), length: 2
Route Refresh (Cisco) (128), length: 0
Option Capabilities Advertisement (2), length: 2
Route Refresh (2), length: 0
07:08:59.115983 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 63004, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.9.179 > 10.10.10.10.58402: Flags [.], cksum 0x3d3a (correct), seq 79, ack 46, win 63375, length 0
07:08:59.127740 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 255, id 25185, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.10.29705 > 10.10.10.9.179: Flags [.], cksum 0xb22c (correct), seq 21, ack 20, win 16057, length 0
07:08:59.136133 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 51483, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.10.58402 > 10.10.10.9.179: Flags [P.], cksum 0xf0e9 (correct), seq 46:65, ack 79, win 16306, length 19: BGP
Keepalive Message (4), length: 19
07:08:59.136162 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 63005, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.9.179 > 10.10.10.10.58402: Flags [P.], cksum 0x390c (correct), seq 79:98, ack 65, win 63356, length 19: BGP
Keepalive Message (4), length: 19
07:08:59.146963 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 255, id 51484, offset 0, flags [none], proto TCP (6), length 96)
10.10.10.10.58402 > 10.10.10.9.179: Flags [.], cksum 0xa640 (correct), seq 65:121, ack 98, win 16287, length 56: BGP
Update Message (2), length: 56
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.10.10.10
0x0000: 0a0a 0a0a
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Updated routes:
20.20.20.0/30
07:08:59.159428 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 114: (tos 0xc0, ttl 255, id 51485, offset 0, flags [none], proto TCP (6), length 100)
10.10.10.10.58402 > 10.10.10.9.179: Flags [P.], cksum 0xb40d (correct), seq 121:181, ack 98, win 16287, length 60: BGP
Update Message (2), length: 60
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 4, Flags [T]: 1000
0x0000: 0201 03e8
Next Hop (3), length: 4, Flags [T]: 10.10.10.10
0x0000: 0a0a 0a0a
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Updated routes:
8.8.8.8/32
07:08:59.159999 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 63006, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.9.179 > 10.10.10.10.58402: Flags [.], cksum 0x3d27 (correct), seq 98, ack 181, win 63240, length 0
07:08:59.268015 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 51486, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.10.58402 > 10.10.10.9.179: Flags [P.], cksum 0xf062 (correct), seq 181:200, ack 98, win 16287, length 19: BGP
Keepalive Message (4), length: 19
07:08:59.278896 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 51487, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.10.58402 > 10.10.10.9.179: Flags [P.], cksum 0xf04f (correct), seq 200:219, ack 98, win 16287, length 19: BGP
Keepalive Message (4), length: 19
07:08:59.279616 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 63007, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.9.179 > 10.10.10.10.58402: Flags [.], cksum 0x3d27 (correct), seq 98, ack 219, win 63202, length 0
07:09:00.237136 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 140: (tos 0xc0, ttl 255, id 63008, offset 0, flags [DF], proto TCP (6), length 126)
10.10.10.9.179 > 10.10.10.10.58402: Flags [P.], cksum 0xd497 (correct), seq 98:184, ack 219, win 63202, length 86: BGP
Update Message (2), length: 86
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 4, Flags [TE]: 100
0x0000: 0201 0064
Next Hop (3), length: 4, Flags [T]: 10.10.10.9
0x0000: 0a0a 0a09
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Extended Community (16), length: 16, Flags [OT]:
target (0x0102), Flags [none]: 0.0.0.0:4
target (0x0102), Flags [none]: 10.10.10.6:2
0x0000: 0102 0000 0000 0004 0102 0a0a 0a06 0002
Updated routes:
10.10.10.0/30
185.5.5.0/24
55.0.0.0/8
07:09:00.441605 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 255, id 51488, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.10.58402 > 10.10.10.9.179: Flags [.], cksum 0xf46a (correct), seq 219, ack 184, win 16201, length 0
07:09:00.441690 52:54:00:12:34:56 > c2:02:fc:d0:00:00, ethertype IPv4 (0x0800), length 179: (tos 0xc0, ttl 255, id 63009, offset 0, flags [DF], proto TCP (6), length 165)
10.10.10.9.179 > 10.10.10.10.58402: Flags [P.], cksum 0x893f (correct), seq 184:309, ack 219, win 63202, length 125: BGP
Update Message (2), length: 68
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [TE]: empty
Next Hop (3), length: 4, Flags [T]: 10.10.10.9
0x0000: 0a0a 0a09
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Extended Community (16), length: 8, Flags [OT]:
target (0x0102), Flags [none]: 10.10.10.6:2
0x0000: 0102 0a0a 0a06 0002
Updated routes:
10.10.10.4/30
Update Message (2), length: 57
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [TE]: empty
Next Hop (3), length: 4, Flags [T]: 10.10.10.9
0x0000: 0a0a 0a09
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Updated routes:
10.10.10.8/30
07:09:00.663371 c2:02:fc:d0:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 255, id 51489, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.10.58402 > 10.10.10.9.179: Flags [.], cksum 0xf46a (correct), seq 219, ack 309, win 16076, length 0the result for another Rtr SONiC1.2-1 and clear ip bgp 10.10.10.2 all in R1 :
admin@sonic:~$ sudo tcpdump -eni Ethernet0 host 10.10.10.1 and tcp port 179 -vvv
tcpdump: listening on Ethernet0, link-type EN10MB (Ethernet), capture size 262144 bytes
07:18:31.776914 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 12303, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.2.38112 > 10.10.10.1.179: Flags [P.], cksum 0xec39 (correct), seq 874962546:874962565, ack 2696370329, win 62936, length 19: BGP
Keepalive Message (4), length: 19
07:18:31.787913 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 1, id 40338, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.1.179 > 10.10.10.2.38112: Flags [P.], cksum 0xa707 (correct), seq 1:20, ack 19, win 15096, length 19: BGP
Keepalive Message (4), length: 19
07:18:31.787970 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 12304, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.38112 > 10.10.10.1.179: Flags [.], cksum 0xf054 (correct), seq 19, ack 20, win 62917, length 0
07:18:41.898011 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 40339, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.1.179 > 10.10.10.2.38112: Flags [FP.], cksum 0xab19 (correct), seq 20, ack 19, win 15096, length 0
07:18:41.907625 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 63177, offset 0, flags [none], proto TCP (6), length 44)
10.10.10.1.19154 > 10.10.10.2.179: Flags [S], cksum 0x5dfc (correct), seq 2180187291, win 16384, options [mss 1460], length 0
07:18:41.907683 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 58: (tos 0xc0, ttl 255, id 0, offset 0, flags [DF], proto TCP (6), length 44)
10.10.10.2.179 > 10.10.10.1.19154: Flags [S.], cksum 0x1242 (correct), seq 717441913, ack 2180187292, win 63420, options [mss 9060], length 0
07:18:41.911885 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 12305, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.38112 > 10.10.10.1.179: Flags [F.], cksum 0xf053 (correct), seq 19, ack 21, win 62916, length 0
07:18:41.917645 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 63178, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.1.19154 > 10.10.10.2.179: Flags [.], cksum 0xff6b (correct), seq 1, ack 1, win 16384, length 0
07:18:41.917898 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 132: (tos 0xc0, ttl 255, id 44628, offset 0, flags [DF], proto TCP (6), length 118)
10.10.10.2.179 > 10.10.10.1.19154: Flags [P.], cksum 0x4b95 (correct), seq 1:79, ack 1, win 63420, length 78: BGP
Open Message (1), length: 78
Version 4, my AS 500, Holdtime 180s, ID 10.10.10.2
Optional parameters, length: 49
Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
AFI IPv4 (1), SAFI Unicast (1)
0x0000: 0001 0001
Option Capabilities Advertisement (2), length: 2
Route Refresh (Cisco) (128), length: 0
Option Capabilities Advertisement (2), length: 2
Route Refresh (2), length: 0
Option Capabilities Advertisement (2), length: 6
32-Bit AS Number (65), length: 4
4 Byte AS 500
0x0000: 0000 01f4
Option Capabilities Advertisement (2), length: 6
Multiple Paths (69), length: 4
AFI IPv4 (1), SAFI Unicast (1), Send/Receive: Receive
0x0000: 0001 0101
Option Capabilities Advertisement (2), length: 9
Unknown (73), length: 7
no decoder for Capability 73
0x0000: 0573 6f6e 6963 00
Option Capabilities Advertisement (2), length: 4
Graceful Restart (64), length: 2
Restart Flags: [none], Restart Time 120s
0x0000: 0078
07:18:41.927891 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 99: (tos 0xc0, ttl 1, id 63179, offset 0, flags [none], proto TCP (6), length 85)
10.10.10.1.19154 > 10.10.10.2.179: Flags [P.], cksum 0x1e5a (correct), seq 1:46, ack 1, win 16384, length 45: BGP
Open Message (1), length: 45
Version 4, my AS 100, Holdtime 180s, ID 185.5.5.5
Optional parameters, length: 16
Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
AFI IPv4 (1), SAFI Unicast (1)
0x0000: 0001 0001
Option Capabilities Advertisement (2), length: 2
Route Refresh (Cisco) (128), length: 0
Option Capabilities Advertisement (2), length: 2
Route Refresh (2), length: 0
07:18:41.927929 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 44629, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.179 > 10.10.10.1.19154: Flags [.], cksum 0x4761 (correct), seq 79, ack 46, win 63375, length 0
07:18:41.937842 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 40340, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.1.179 > 10.10.10.2.38112: Flags [.], cksum 0xab20 (correct), seq 21, ack 20, win 15096, length 0
07:18:41.947896 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 1, id 63180, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.1.19154 > 10.10.10.2.179: Flags [P.], cksum 0xfb10 (correct), seq 46:65, ack 79, win 16306, length 19: BGP
Keepalive Message (4), length: 19
07:18:41.947925 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 44630, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.2.179 > 10.10.10.1.19154: Flags [P.], cksum 0x4333 (correct), seq 79:98, ack 65, win 63356, length 19: BGP
Keepalive Message (4), length: 19
07:18:41.957961 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 113: (tos 0xc0, ttl 1, id 63181, offset 0, flags [none], proto TCP (6), length 99)
10.10.10.1.19154 > 10.10.10.2.179: Flags [.], cksum 0x3c27 (correct), seq 65:124, ack 98, win 16287, length 59: BGP
Update Message (2), length: 59
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 4, Flags [T]: 100
0x0000: 0201 0064
Next Hop (3), length: 4, Flags [T]: 10.10.10.1
0x0000: 0a0a 0a01
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Updated routes:
185.5.5.0/24
55.0.0.0/8
10.10.10.0/30
07:18:42.001772 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 44631, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.179 > 10.10.10.1.19154: Flags [.], cksum 0x474e (correct), seq 98, ack 124, win 63297, length 0
07:18:42.079476 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 1, id 63182, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.1.19154 > 10.10.10.2.179: Flags [P.], cksum 0xfac2 (correct), seq 124:143, ack 98, win 16287, length 19: BGP
Keepalive Message (4), length: 19
07:18:42.079557 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 44632, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.179 > 10.10.10.1.19154: Flags [.], cksum 0x474e (correct), seq 98, ack 143, win 63278, length 0
07:18:42.089161 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 1, id 63183, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.1.19154 > 10.10.10.2.179: Flags [P.], cksum 0xfaaf (correct), seq 143:162, ack 98, win 16287, length 19: BGP
Keepalive Message (4), length: 19
07:18:42.089199 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 44633, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.179 > 10.10.10.1.19154: Flags [.], cksum 0x474e (correct), seq 98, ack 162, win 63259, length 0
07:18:43.049057 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 129: (tos 0xc0, ttl 255, id 44634, offset 0, flags [DF], proto TCP (6), length 115)
10.10.10.2.179 > 10.10.10.1.19154: Flags [P.], cksum 0x3bc9 (correct), seq 98:173, ack 162, win 63259, length 75: BGP
Update Message (2), length: 75
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 6, Flags [TE]: 500 1000
0x0000: 0202 01f4 03e8
Next Hop (3), length: 4, Flags [T]: 10.10.10.2
0x0000: 0a0a 0a02
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Extended Community (16), length: 16, Flags [OT]:
target (0x0102), Flags [none]: 0.0.0.0:4
target (0x0102), Flags [none]: 10.10.10.5:2
0x0000: 0102 0000 0000 0004 0102 0a0a 0a05 0002
Updated routes:
8.8.8.8/32
07:18:43.259826 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 63184, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.1.19154 > 10.10.10.2.179: Flags [.], cksum 0xfeca (correct), seq 162, ack 173, win 16212, length 0
07:18:43.259910 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 301: (tos 0xc0, ttl 255, id 44635, offset 0, flags [DF], proto TCP (6), length 287)
10.10.10.2.179 > 10.10.10.1.19154: Flags [P.], cksum 0x67cc (correct), seq 173:420, ack 162, win 63259, length 247: BGP
Update Message (2), length: 54
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 4, Flags [TE]: 500
0x0000: 0201 01f4
Next Hop (3), length: 4, Flags [T]: 10.10.10.2
0x0000: 0a0a 0a02
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Updated routes:
10.10.10.0/30
Update Message (2), length: 70
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 4, Flags [TE]: 500
0x0000: 0201 01f4
Next Hop (3), length: 4, Flags [T]: 10.10.10.2
0x0000: 0a0a 0a02
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Extended Community (16), length: 8, Flags [OT]:
target (0x0102), Flags [none]: 10.10.10.5:2
0x0000: 0102 0a0a 0a05 0002
Updated routes:
10.10.10.4/30
185.170.30.12/30 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Update Message (2), length: 73
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 4, Flags [TE]: 500
0x0000: 0201 01f4
Next Hop (3), length: 4, Flags [T]: 10.10.10.2
0x0000: 0a0a 0a02
Multi Exit Discriminator (4), length: 4, Flags [O]: 0
0x0000: 0000 0000
Extended Community (16), length: 16, Flags [OT]:
target (0x0102), Flags [none]: 0.0.0.0:4
target (0x0102), Flags [none]: 10.10.10.5:2
0x0000: 0102 0000 0000 0004 0102 0a0a 0a05 0002
Updated routes:
20.20.20.0/30
Update Message (2), length: 50
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 6, Flags [TE]: 500 100
0x0000: 0202 01f4 0064
Next Hop (3), length: 4, Flags [T]: 10.10.10.2
0x0000: 0a0a 0a02
Updated routes:
55.0.0.0/8
185.5.5.0/24
07:18:43.491804 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 63185, offset 0, flags [none], proto TCP (6), length 40)
10.10.10.1.19154 > 10.10.10.2.179: Flags [.], cksum 0xfeca (correct), seq 162, ack 420, win 15965, length 0
07:19:41.948659 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 255, id 44636, offset 0, flags [DF], proto TCP (6), length 59)
10.10.10.2.179 > 10.10.10.1.19154: Flags [P.], cksum 0x41de (correct), seq 420:439, ack 162, win 63259, length 19: BGP
Keepalive Message (4), length: 19
07:19:41.956788 c2:01:fc:be:00:00 > 52:54:00:12:34:56, ethertype IPv4 (0x0800), length 73: (tos 0xc0, ttl 1, id 63186, offset 0, flags [none], proto TCP (6), length 59)
10.10.10.1.19154 > 10.10.10.2.179: Flags [P.], cksum 0xfa9c (correct), seq 162:181, ack 439, win 15946, length 19: BGP
Keepalive Message (4), length: 19
07:19:41.956832 52:54:00:12:34:56 > c2:01:fc:be:00:00, ethertype IPv4 (0x0800), length 54: (tos 0xc0, ttl 255, id 44637, offset 0, flags [DF], proto TCP (6), length 40)
10.10.10.2.179 > 10.10.10.1.19154: Flags [.], cksum 0x45f9 (correct), seq 439, ack 181, win 63240, length 0
also you can see the json file. you can see this specific network 185.170.30.12/30 was advertise in Vrf_B : but R2 can't get any data include this network.
sonic(config-router-af)# do show ip bgp vrf all json
{
"Vrf_A":{
"vrfId": 53,
"vrfName": "Vrf_A",
"tableVersion": 21,
"routerId": "10.10.10.6",
"defaultLocPrf": 100,
"localAS": 500,
"routes": { "8.8.8.8/32": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "8.8.8.8", "prefixLen": 32, "network": "8.8.8.8\/32", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "(unspec)", "aspath": "1000", "path": "1000", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_B", "nhVrfId": 56, "nexthops": [ { "ip": "10.10.10.10", "afi": "ipv4", "used": true } ] } ],"10.10.10.0/30": [ { "valid": true, "bestpath": true, "pathFrom": "internal", "prefix": "10.10.10.0", "prefixLen": 30, "network": "10.10.10.0\/30", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "10.10.10.5", "aspath": "100", "path": "100", "origin": "IGP", "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] } ],"10.10.10.4/30": [ { "valid": true, "pathFrom": "internal", "prefix": "10.10.10.4", "prefixLen": 30, "network": "10.10.10.4\/30", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "10.10.10.5", "aspath": "", "path": "", "origin": "IGP", "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] }, { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "10.10.10.4", "prefixLen": 30, "network": "10.10.10.4\/30", "med": 0, "metric": 0, "weight": 32768, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "nexthops": [ { "ip": "0.0.0.0", "afi": "ipv4", "used": true } ] } ],"10.10.10.8/30": [ { "pathFrom": "external", "prefix": "10.10.10.8", "prefixLen": 30, "network": "10.10.10.8\/30", "med": 0, "metric": 0, "weight": 32768, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_B", "nhVrfId": 56, "nexthops": [ { "ip": "0.0.0.0", "afi": "ipv4", "used": true } ] } ],"20.20.20.0/30": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "20.20.20.0", "prefixLen": 30, "network": "20.20.20.0\/30", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_B", "nhVrfId": 56, "nexthops": [ { "ip": "10.10.10.10", "afi": "ipv4", "used": true } ] } ],"55.0.0.0/8": [ { "valid": true, "bestpath": true, "pathFrom": "internal", "prefix": "55.0.0.0", "prefixLen": 8, "network": "55.0.0.0\/8", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "10.10.10.5", "aspath": "100", "path": "100", "origin": "IGP", "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] } ],"185.5.5.0/24": [ { "valid": true, "bestpath": true, "pathFrom": "internal", "prefix": "185.5.5.0", "prefixLen": 24, "network": "185.5.5.0\/24", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "10.10.10.5", "aspath": "100", "path": "100", "origin": "IGP", "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] } ],"185.170.30.12/30": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "185.170.30.12", "prefixLen": 30, "network": "185.170.30.12\/30", "med": 0, "metric": 0, "weight": 32768, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "nexthops": [ { "ip": "0.0.0.0", "afi": "ipv4", "used": true } ] } ] } }
,
"default":{
"vrfId": 0,
"vrfName": "default",
"tableVersion": 0,
"routerId": "10.1.0.10",
"defaultLocPrf": 100,
"localAS": 500,
"routes": { } }
,
"Vrf_B":{
"vrfId": 56,
"vrfName": "Vrf_B",
"tableVersion": 23,
"routerId": "10.10.10.9",
"defaultLocPrf": 100,
"localAS": 500,
"routes": { "8.8.8.8/32": [ { "valid": true, "bestpath": true, "pathFrom": "internal", "prefix": "8.8.8.8", "prefixLen": 32, "network": "8.8.8.8\/32", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "10.10.10.10", "aspath": "1000", "path": "1000", "origin": "IGP", "nexthops": [ { "ip": "10.10.10.10", "afi": "ipv4", "used": true } ] } ],"10.10.10.0/30": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "10.10.10.0", "prefixLen": 30, "network": "10.10.10.0\/30", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "(unspec)", "aspath": "100", "path": "100", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_A", "nhVrfId": 53, "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] } ],"10.10.10.4/30": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "10.10.10.4", "prefixLen": 30, "network": "10.10.10.4\/30", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_A", "nhVrfId": 53, "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] }, { "pathFrom": "external", "prefix": "10.10.10.4", "prefixLen": 30, "network": "10.10.10.4\/30", "med": 0, "metric": 0, "weight": 32768, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_A", "nhVrfId": 53, "nexthops": [ { "ip": "0.0.0.0", "afi": "ipv4", "used": true } ] } ],"10.10.10.8/30": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "10.10.10.8", "prefixLen": 30, "network": "10.10.10.8\/30", "med": 0, "metric": 0, "weight": 32768, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "nexthops": [ { "ip": "0.0.0.0", "afi": "ipv4", "used": true } ] } ],"20.20.20.0/30": [ { "valid": true, "bestpath": true, "pathFrom": "internal", "prefix": "20.20.20.0", "prefixLen": 30, "network": "20.20.20.0\/30", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "10.10.10.10", "aspath": "", "path": "", "origin": "IGP", "nexthops": [ { "ip": "10.10.10.10", "afi": "ipv4", "used": true } ] } ],"55.0.0.0/8": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "55.0.0.0", "prefixLen": 8, "network": "55.0.0.0\/8", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "(unspec)", "aspath": "100", "path": "100", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_A", "nhVrfId": 53, "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] } ],"185.5.5.0/24": [ { "valid": true, "bestpath": true, "pathFrom": "external", "prefix": "185.5.5.0", "prefixLen": 24, "network": "185.5.5.0\/24", "med": 0, "metric": 0, "localpref": 100, "locPrf": 100, "weight": 0, "peerId": "(unspec)", "aspath": "100", "path": "100", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_A", "nhVrfId": 53, "nexthops": [ { "ip": "10.10.10.5", "afi": "ipv4", "used": true } ] } ],"185.170.30.12/30": [ { "pathFrom": "external", "prefix": "185.170.30.12", "prefixLen": 30, "network": "185.170.30.12\/30", "med": 0, "metric": 0, "weight": 32768, "peerId": "(unspec)", "aspath": "", "path": "", "origin": "IGP", "announceNexthopSelf": true, "nhVrfName": "Vrf_A", "nhVrfId": 53, "nexthops": [ { "ip": "0.0.0.0", "afi": "ipv4", "used": true } ] } ] } }
}I feel like we're overlooking something...
Can we get some additional output?
show run output from Sonic1.1-1, and show run | section route from R2I'd also like to see R2's perspective of the update processing, i.e. does R2 believe it's received that route, and is there any policy dropping it. For that, let's get some debugs from the Cisco side:
logging console debug
debug ip bgp updates
clear ip bgp 10.10.10.9
# wait 20 seconds
show logging* I'd like the full `show run` output from Sonic1.1-1
sonic# show running-config
Building configuration...
Current configuration:
!
frr version 7.2.1-sonic
frr defaults traditional
hostname sonic
log syslog informational
log facility local4
agentx
no service integrated-vtysh-config
!
enable password zebra
password zebra
!
router bgp 500
!
router bgp 500 vrf Vrf_A
bgp route-reflector allow-outbound-policy
neighbor 10.10.10.5 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.4/30
network 185.170.30.12/30
neighbor 10.10.10.5 route-reflector-client
neighbor 10.10.10.5 next-hop-self
import vrf Vrf_B
exit-address-family
!
router bgp 500 vrf Vrf_B
neighbor 10.10.10.10 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.8/30
neighbor 10.10.10.10 next-hop-self
import vrf Vrf_A
exit-address-family
!
ip prefix-list PL_LoopbackV4 seq 5 permit 10.1.0.10/32
!
route-map RM_SET_SRC permit 10
set src 10.1.0.10
!
ip protocol bgp route-map RM_SET_SRC
!
line vty
!
end
sonic# show run | section route from R2
R2#show running-config | s bgp
router bgp 500
bgp log-neighbor-changes
neighbor 10.10.10.9 remote-as 500
neighbor 20.20.20.2 remote-as 1000
neighbor 20.20.20.2 ebgp-multihop 255
!
address-family ipv4
neighbor 10.10.10.9 activate
neighbor 10.10.10.9 next-hop-self
neighbor 20.20.20.2 activate
neighbor 20.20.20.2 next-hop-self
no auto-summary
no synchronization
network 10.10.10.8 mask 255.255.255.252
network 20.20.20.0 mask 255.255.255.252
exit-address-family
R2#let's get some debugs from the Cisco side:
R2#clear ip bgp 10.10.10.9
R2#
*Mar 1 00:38:35.195: BGP(0): no valid path for 10.10.10.0/30
*Mar 1 00:38:35.195: BGP(0): no valid path for 10.10.10.4/30
*Mar 1 00:38:35.199: BGP(0): no valid path for 55.0.0.0/8
*Mar 1 00:38:35.199: BGP(0): no valid path for 185.5.5.0/24
*Mar 1 00:38:35.199: %BGP-5-ADJCHANGE: neighbor 10.10.10.9 Down User reset
*Mar 1 00:38:35.219: BGP(0): nettable_walker 10.10.10.0/30 no best path
*Mar 1 00:38:35.223: BGP(0): nettable_walker 10.10.10.4/30 no best path
*Mar 1 00:38:35.223: BGP(0): nettable_walker 55.0.0.0/8 no best path
*Mar 1 00:38:35.223: BGP(0): nettable_walker 185.5.5.0/24 no best path
*Mar 1 00:38:35.279: %BGP-5-ADJCHANGE: neighbor 10.10.10.9 Up
R2#
*Mar 1 00:38:35.279: BGP(0): 10.10.10.9 NEXT_HOP is set to self for net 10.10.10.8/30,
*Mar 1 00:38:35.279: BGP(0): 10.10.10.9 send UPDATE (format) 10.10.10.8/30, next 10.10.10.10, metric 0, path Local
*Mar 1 00:38:35.279: BGP(0): 10.10.10.9 NEXT_HOP is set to self for net 20.20.20.0/30,
*Mar 1 00:38:35.279: BGP(0): 10.10.10.9 send UPDATE (prepend, chgflags: 0x0) 20.20.20.0/30, next 10.10.10.10, metric 0, path Local
*Mar 1 00:38:35.279: BGP(0): 10.10.10.9 NEXT_HOP is set to self for net 8.8.8.8/32,
*Mar 1 00:38:35.279: BGP(0): 10.10.10.9 send UPDATE (format) 8.8.8.8/32, next 10.10.10.10, metric 0, path 1000
*Mar 1 00:38:36.379: BGP(0): 10.10.10.9 rcvd UPDATE w/ attr: nexthop 10.10.10.9, origin i, localpref 100, metric 0, path 100, extended community RT:0.0.0.0:4 RT:10.10.10.6:2
*Mar 1 00:38:36.383: BGP(0): 10.10.10.9 rcvd 10.10.10.0/30
*Mar 1 00:38:36.383: BGP(0): 10.10.10.9 rcvd 185.5.5.0/24
*Mar 1 00:38:36.383: BGP(0): 10.10.10.9 rcvd 55.0.0.0/8
*Mar 1 00:38:36.383: BGP(0): Revise route installing 1 of 1 routes for 10.10.10.0/30 -> 10.10.10.9(main) to main IP table
*Mar 1 00:38:36.383: BGP(0): Revise route installing 1 of 1 routes for 55.0.0.0/8 -> 10.10.10.9(main) to main IP table
*Mar 1 00:38:36.383: BGP(0): Revise route installing 1 of 1 routes for 185.5.5.0/24 -> 10.10.10.9(main) to main IP table
*Mar 1 00:38:36.383: BGP(0): 20.20.20.2 send unreachable 10.10.10.4/30
*Mar 1 00:38:36.383: BGP(0): 20.20.20.2 send UPDATE 10.10.10.4/30 -- unreachable
*Mar 1 00:38:36.383: BGP(0): 20.20.20.2 NEXT_HOP is set to self for net 55.0.0.0/8,
*Mar 1 00:38:36.383: BGP(0): 20.20.20.2 send UPDATE (format) 55.0.0.0/8, next 20.20.20.1, metric 0, path 100, extended community RT:0.0.0.0:4 RT:10.10.10.6:2
*Mar 1 00:38:36.383: BGP(0): 20.20.20.2 NEXT_HOP is set to self for net 185.5.5.0/24,
*Mar 1 00:38:36.387: BGP(0): 20.20.20.2 send UPDATE (prepend, chgflags: 0x820) 185.5.5.0/24, next 20.20.20.1, metric 0, path 100, extended community RT:0.0.0.0:4 RT:10.10.10.6:2
*Mar 1 00:38:36.387: BGP(0): 20.20.20.2 NEXT_HOP is set to self for net 10.10.10.0/30,
*Mar 1 00:38:36.387: BGP(0): 20.20.20.2 send UPDATE (prepend, chgflags: 0x820) 10.10.10.0/30, next 20.20.20.1, metric 0, path 100, extended community RT:0.0.0.0:4 RT:10.10.10.6:2
*Mar 1 00:38:36.583: BGP(0): 10.10.10.9 rcvd UPDATE w/ attr: nexthop 10.10.10.9, origin i, localpref 100, metric 0, extended community RT:10.10.10.6:2
*Mar 1 00:38:36.587: BGP(0): 10.10.10.9 rcvd 10.10.10.4/30
*Mar 1 00:38:36.587: BGP(0): 10.10.10.9 rcvd UPDATE w/ attr: nexthop 10.10.10.9, origin i, localpref 100, metric 0
*Mar 1 00:38:36.587: BGP(0): 10.10.10.9 rcvd 10.10.10.8/30
*Mar 1 00:38:36.587: BGP(0): Revise route installing 1 of 1 routes for 10.10.10.4/30 -> 10.10.10.9(main) to main IP table
R2#This is really strange. The config seems okay to me, so overall I'm not sure why the route isn't seen by R2 at all...
Could you get the output of show ip bgp vrf Vrf_B update-groups and show ip bgp vrf Vrf_B update-groups advertised-routes?
Can we maybe also get some extra debugs on the Sonic1.1-1 side?
From vtysh:
# setup debugs
conf t
log syslog debug
debug bgp updates out 10.10.10.10
debug zebra nht
debug bgp bestpath 185.170.30.12/30
# trigger events to be logged
conf t
router bgp 500 vrf Vrf_B
address-family ipv4 unicast
no import vrf Vrf_A
import vrf Vrf_AOne other thing I think might be worth trying... Could we try originating 185.170.30.12/30 in Vrf_A using redistribute instead of network? I don't recall all the details offhand but I thought I recalled there being some limitations around this in the past, so it may be something worth trying just in case it's still an issue.
taspelund
commented
3 years ago FYI on the logging, I believe SONiC dumps FRR logs into /var/log/quagga/
mipxman
commented
3 years ago @taspelund thank you . the network 185.170.30.12/30 is connected to Ethernet4 on SONiC1.1-1 and R4 here , when in the router bgp 500 vrf Vrf_A and router bgp 500 vrf Vrf_B I redistributed connected separately I can access to this network:
R1 --- SONiC1.2-1 ---- SONiC1.1-1 : Vrf_A ---- R4
R4-------------- Vrf_B: SONiC1.1.-1------R2--------------R3 but I think when I use import vrf .... I can access this network with one path. but this network never advertise to other vrf:
R1 --------- SONiC1.2-1 ------ SONiC1.1-1 : Vrf_A ----------------- R4
\
\--- Vrf_B: SONiC1.1.-1------R2--------------R3 also you can see logs :
taspelund
commented
3 years ago when in the
router bgp 500 vrf Vrf_Aandrouter bgp 500 vrf Vrf_BIredistributed connectedseparately I can access to this network:
Can you rephrase this a little bit?
redistribute instead of network?And just to clarify: Were these debugs triggered with redistribute or network config?
mipxman
commented
3 years ago What do you mean by separately? (config examples would probably help)
router bgp 500 vrf Vrf_A
bgp route-reflector allow-outbound-policy
neighbor 10.10.10.5 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.4/30
network 185.170.30.12/30 <<<<<<<<<<<<<<<<<<
neighbor 10.10.10.5 route-reflector-client
neighbor 10.10.10.5 next-hop-self
redistribute connected <<<<<<<<<<<<<<<<<<<
import vrf Vrf_B <<<<<<<<<<<<<<<<<<<
exit-address-family
!
router bgp 500 vrf Vrf_B
neighbor 10.10.10.10 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.8/30
network 185.170.30.12/30 <<<<<<<<<<<<<<<<<<
neighbor 10.10.10.10 next-hop-self
redistributed connected <<<<<<<<<<<<<<<<
import vrf Vrf_A <<<<<<<<<<<<<<<<<<<<<<<<<<<
exit-address-family
!What do you mean when you say you can access the network? Does this mean the route is received by R2 and installed via 10.10.10.9 when using redistribute instead of network?
when I config like as above in the SONiC1.1-1 the backbone switches SONiC1.2-1 and R2 can see this network .
taspelund
commented
3 years ago Ok, thanks for the clarification. Sonic1.2-1 has always been able to see 185.170.30.12/30, correct? So there's no real difference in behavior from the perspective of this peer?
It sounds to me like this is specific to leaking routes that were originated by a network statement.
@mipxman can you get the output of show version (from bash) and show version (from vtysh)? That'll give us the FRR + SONiC builds you're using. It would also be good to get the output of show ip route vrf Vrf_B with the network config in place.
mipxman
commented
3 years ago Ok, thanks for the clarification. Sonic1.2-1 has always been able to see 185.170.30.12/30, correct? Yes.
@taspelund I'm so sorry for delay.
sonic# show version
FRRouting 7.2.1-sonic (sonic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
'--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--enable-exampledir=/usr/share/doc/frr/examples/' '--localstatedir=/var/run/frr' '--sbindir=/usr/lib/frr' '--sysconfdir=/etc/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-systemd=yes' '--disable-rpki' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'
sonic# and SONiC version:
admin@sonic:~$ show version
SONiC Software Version: SONiC.master.444-6b72dee3
Distribution: Debian 10.5
Kernel: 4.19.0-9-2-amd64
Build commit: 6b72dee3
Build date: Sat Aug 8 08:03:30 UTC 2020
Built by: johnar@jenkins-worker-9
Platform: x86_64-kvm_x86_64-r0
HwSKU: Force10-S6000
ASIC: vs
Serial Number: 000000
Uptime: 05:13:08 up 5 min, 1 user, load average: 0.30, 1.33, 0.75@mipxman can you get the output of show ip route vrf Vrf_B with the network config in place?
mipxman
commented
3 years ago SONiC 1.1-1
sonic(config)# do show ip route vrf Vrf_B
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_B:
B>* 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8, 00:01:33
B>* 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:01:32
B>* 10.10.10.4/30 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:01:32
C>* 10.10.10.8/30 is directly connected, Ethernet8, 00:04:37
B>* 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8, 00:01:33
B>* 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:01:32
B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:01:32
sonic(config)# do show ip route vrf Vrf_A
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_A:
B>* 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:01:47
B>* 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0, 00:02:13
C>* 10.10.10.4/30 is directly connected, Ethernet0, 00:05:19
B>* 10.10.10.8/30 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:01:47
B>* 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:01:47
B>* 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0, 00:02:13
B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0, 00:02:13
my config is :
router bgp 500
!
router bgp 500 vrf Vrf_A
bgp route-reflector allow-outbound-policy
neighbor 10.10.10.5 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.4/30
network 185.170.30.12/30
redistribute connected
neighbor 10.10.10.5 route-reflector-client
neighbor 10.10.10.5 next-hop-self
import vrf Vrf_B
exit-address-family
!
router bgp 500 vrf Vrf_B
neighbor 10.10.10.10 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.8/30
network 185.170.30.12/30
redistribute connected
neighbor 10.10.10.10 next-hop-self
import vrf Vrf_A
exit-address-family
!
Where is 185.170.30.12/30 in the routing table (for either vrf)? Shouldn't this be a Connected route via Ethernet4 in Vrf_A?
mipxman
commented
3 years ago Where is 185.170.30.12/30 in the routing table (for either vrf)? Shouldn't this be a Connected route via Ethernet4 in Vrf_A? in SONiC 1.1-1
sonic(config)# do show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, - selected route, * - FIB route, q - queued route, r - rejected route
C> 10.1.0.10/32 is directly connected, Loopback0, 00:25:51 C> 185.170.30.12/30 is directly connected, Ethernet4, 00:25:48 sonic(config)#
I ` redistribute connected` routing table in `Vrf_A` and `Vrf_B`I think I'm confusing myself here... Is this output all coming from Sonic1-1.1?
It would be helpful to have a label stating which device the output is from, since the vtysh prompt displays "sonic" for all of the devices running SONiC :)
mipxman
commented
3 years ago I think I'm confusing myself here... Is this output all coming from Sonic1-1.1?
It would be helpful to have a label stating which device the output is from, since the vtysh prompt displays "sonic" for all of the devices running SONiC :)
yes its from SONiC1.1-1 :) from R2:
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
185.170.0.0/30 is subnetted, 1 subnets
B 185.170.30.12 [200/0] via 10.10.10.9, 02:31:51 <<<<
185.5.0.0/24 is subnetted, 1 subnets
B 185.5.5.0 [200/0] via 10.10.10.9, 02:32:26
B 55.0.0.0/8 [200/0] via 10.10.10.9, 02:32:26
20.0.0.0/30 is subnetted, 1 subnets
C 20.20.20.0 is directly connected, FastEthernet0/1
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [20/0] via 20.20.20.2, 02:37:35
10.0.0.0/30 is subnetted, 3 subnets
C 10.10.10.8 is directly connected, FastEthernet0/0
B 10.10.10.0 [200/0] via 10.10.10.9, 02:32:27
B 10.10.10.4 [200/0] via 10.10.10.9, 02:11:16
R2#and from SONiC 1.2-1 :
sonic# show ip route vrf Vrf_A
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_A:
B>* 8.8.8.8/32 [200/0] via 10.10.10.6, Ethernet4, 02:32:53
B>* 10.10.10.0/30 [200/0] via 10.10.10.1, Ethernet0(vrf Vrf_C), 02:35:34
C>* 10.10.10.4/30 is directly connected, Ethernet4, 02:37:03
B>* 10.10.10.8/30 [200/0] via 10.10.10.6, Ethernet4, 02:11:51
B>* 20.20.20.0/30 [200/0] via 10.10.10.6, Ethernet4, 02:32:53
B>* 55.0.0.0/8 [200/0] via 10.10.10.1, Ethernet0(vrf Vrf_C), 02:35:34
B>* 185.5.5.0/24 [200/0] via 10.10.10.1, Ethernet0(vrf Vrf_C), 02:35:34
B>* 185.170.30.12/30 [200/0] via 10.10.10.6, Ethernet4, 02:32:27 <<<<<<<
sonic# Ok, there's a chance I have my head on straight again :-)
Let me repeat back to make sure I have the topology correct:
Sonic1.2-1 has 185.170.30.12/30 installed in Vrf_A and is advertising it to Sonic1.1-1, who is receiving it in Vrf_A. Sonic1.1-1 leaks 185.170.30.12/30 from Vrf_A -> Vrf_B, but isn't advertising it to R2 (10.10.10.10).
Assuming that's correct, can we get the following from Sonic1.1-1:
show ip bgp vrf all
show ip route vrf allI'm really looking to see if 185.170.30.12/30 is present and selected in Vrf_B's bgp table, and whether it's been installed properly into Vrf_B's RIB (and has not been marked inactive).
mipxman
commented
3 years ago @taspelund don't forgot my issue. if I separately advertise the network in two or more vrf, the next-hop neighbours of each vrf can see this advertised routes. in this scenario I installed two vrf in one switch and advertise a network to one vrf and in the next vrf I said import vrf Vrf_A. when I do this, the networks of each vrf are advertised and communicate together, without the direct network I introduce in the Vrf's in same switch.
R1:
router bgp 100
bgp log-neighbor-changes
neighbor 10.10.10.2 remote-as 500
!
address-family ipv4
neighbor 10.10.10.2 activate
no auto-summary
no synchronization
network 10.10.10.0 mask 255.255.255.252
network 55.0.0.0
network 185.5.5.0 mask 255.255.255.0
exit-address-familySONiC1.2-1 :
router bgp 500 vrf Vrf_A
neighbor 10.10.10.6 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.4/30
neighbor 10.10.10.6 route-server-client
neighbor 10.10.10.6 next-hop-self
import vrf Vrf_C
exit-address-family
!
router bgp 500 vrf Vrf_C
neighbor 10.10.10.1 remote-as 100
neighbor 10.10.10.1 ebgp-multihop 255
!
address-family ipv4 unicast
network 10.10.10.0/30
neighbor 10.10.10.1 next-hop-self
neighbor 10.10.10.1 remove-private-AS replace-AS
import vrf Vrf_A
exit-address-family
SONiC1.1-1 :
router bgp 500 vrf Vrf_A
bgp route-reflector allow-outbound-policy
neighbor 10.10.10.5 remote-as 500
!
address-family ipv4 unicast
network 10.10.10.4/30
neighbor 10.10.10.5 route-reflector-client
neighbor 10.10.10.5 next-hop-self
import vrf Vrf_B
exit-address-family
!
router bgp 500 vrf Vrf_B
neighbor 10.10.10.10 remote-as 500
!
address-family ipv4 unicast
neighbor 10.10.10.10 next-hop-self
network 10.10.10.8/30
import vrf Vrf_A
exit-address-familyR2:
router bgp 500
bgp log-neighbor-changes
neighbor 10.10.10.9 remote-as 500
neighbor 20.20.20.2 remote-as 1000
neighbor 20.20.20.2 ebgp-multihop 255
!
address-family ipv4
neighbor 10.10.10.9 next-hop-self
neighbor 20.20.20.2 next-hop-self
no auto-summary
no synchronization
network 20.20.20.0 mask 255.255.255.252
exit-address-family
R3:
router bgp 1000
no synchronization
bgp log-neighbor-changes
network 8.8.8.8 mask 255.255.255.255
network 20.20.20.0 mask 255.255.255.252
neighbor 20.20.20.1 remote-as 500
no auto-summary
!now I can ping the 8.8.8.8 from R1 and 185.5.5.0 fromR3 . It's very good for me. but I try to introduce network 185.170.30.12/30 or any other networks in the middle switch SONiC1.1-1 in the Vrf_A so SONiC1.2-1 and R2 can reach this network. in Vrf_B i said import vrf Vrf_A so I expect the R2 and R3 see this networks,too.
but about your reply,after I redistributed the connected network
Assuming that's correct, can we get the following from Sonic1.1-1:
show ip bgp vrf allsonic# show ip bgp vrf all
Instance default: BGP table version is 1, local router ID is 10.1.0.10, vrf id 0 Default local pref 100, local AS 65100 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path *> 10.1.0.10/32 0.0.0.0 0 32768 i
Displayed 1 routes and 1 total paths
Instance Vrf_A: BGP table version is 9, local router ID is 10.10.10.6, vrf id 71 Default local pref 100, local AS 500 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path > 8.8.8.8/32 10.10.10.10@72< 0 100 0 1000 i >i10.10.10.0/30 10.10.10.5 0 100 0 100 i
Displayed 8 routes and 13 total paths
Instance Vrf_B: BGP table version is 9, local router ID is 10.10.10.9, vrf id 72 Default local pref 100, local AS 500 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path >i8.8.8.8/32 10.10.10.10 0 100 0 1000 i > 10.10.10.0/30 10.10.10.5@71< 0 100 0 100 i *> 10.10.10.4/30 0.0.0.0@71< 0 32768 ?
Displayed 8 routes and 13 total paths
>``` show ip route vrf all```
sonic# show ip route vrf all Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric,
- selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_A: B> 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:06:55 B> 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0, 00:06:54 C> 10.10.10.4/30 is directly connected, Ethernet0, 00:19:58 B> 10.10.10.8/30 [200/0] is directly connected, Ethernet8(vrf Vrf_B), 00:05:36 B> 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:06:55 B> 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0, 00:06:54 B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0, 00:06:54 Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric,
- selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_B: B> 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8, 00:06:55 B> 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:06:54 B> 10.10.10.4/30 [200/0] is directly connected, Ethernet0(vrf Vrf_A), 00:05:59 C> 10.10.10.8/30 is directly connected, Ethernet8, 00:19:55 B> 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8, 00:06:55 B> 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:06:54 B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:06:54 Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric,
- selected route, * - FIB route, q - queued route, r - rejected route
C> 10.1.0.10/32 is directly connected, Loopback0, 00:20:00 C> 185.170.30.12/30 is directly connected, Ethernet4, 00:19:57
but the result of my scenario, when you advertise a connected network in a vrf, and redistributed it, or advertised any other networks in ibgp and vrf, the `import vrf` command introduce to next vrf only the backbone network that reached from other routers ! no their advertised networks. but I try to introduce network 185.170.30.12/30 or any other networks in the middle switch SONiC1.1-1 in the Vrf_A so SONiC1.2-1 and R2 can reach this network. in Vrf_B i said import vrf Vrf_A so I expect the R2 and R3 see this networks,too.
I see from the above show ip route vrf all output that this is the connected route associated with Ethernet4 in the default VRF of Sonic1.1-1, but I don't see any configuration (across all 5 devices you've included config for) showing where 185.170.30.12/30 would be injected into BGP on any of the devices.
How/where is 185.170.30.12/30 getting introduced into the BGP environment? Can you show the non-working/working configs where the route is getting injected into BGP?
mipxman
commented
3 years ago it is not important where is this network. I can introduce any dummy networks, like 55.0.0.0 in R1 and AS=100 and you can see this networks advertised in R3 in AS=1000 and vice versa. however, here in SONiC1.1-1 in AS=500
#router bgp 500 vrf Vrf_A
#network 185.170.30.12/30is defined. the connected networks of each vrf 10.10.10.4/30 from Vrf_A and 10.10.10.8/30 from Vrf_B was advertised. in this design. but SONiC1.2-1 and R1can only received the 185.170.30.12/30 . but like as 10.10.10.8/30 and 10.10.10.4/30 I expect this networks received by R2 and R3 when I use import vrf XXX command.
my exception value is when I take show ip route vrf all in SONiC1.1-1 see below :
sonic# show ip route vrf all
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_A:
B>* 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:06:55
B>* 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0, 00:06:54
C>* 10.10.10.4/30 is directly connected, Ethernet0, 00:19:58 <<<<<<<<<<<<<<
B>* 10.10.10.8/30 [200/0] is directly connected, Ethernet8(vrf Vrf_B), 00:05:36
B>* 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:06:55
B>* 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0, 00:06:54
B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0, 00:06:54
C>* 185.170.30.12/30 is directly connected, Ethernet4, 00:01:05 <<<<<
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_B:
B>* 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8, 00:06:55
B>* 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:06:54
B>* 10.10.10.4/30 [200/0] is directly connected, Ethernet0(vrf Vrf_A), 00:05:59 <<<<<< [it's OK]
B>* 185.170.30.12/30 [200/0] is directly connected, Ethernet4(vrf Vrf_A), 00:01:05 <<<<<<< [but i can't see]
C>* 10.10.10.8/30 is directly connected, Ethernet8, 00:19:55
B>* 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8, 00:06:55
B>* 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:06:54
B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 00:06:54
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
C>* 10.1.0.10/32 is directly connected, Loopback0, 00:20:00
C>* 185.170.30.12/30 is directly connected, Ethernet4, 00:19:57Now, if I add
#router bgp 500 vrf Vrf_B
#network 185.170.30.12/30the R2 and R3 can see the network 185.170.30.12, too. but this network are closely seperate from network 185.170.30.12/30 we advertised in Vrf_A in SONiC1.1-1
taspelund
commented
3 years ago I understand that the point of origination for the BGP route shouldn't be coming into play for whether we re-advertise the route, given we're expecting the leaked route to be advertised to an iBGP route-reflector-client, but I can't help but wonder whether this issue we're chasing has any relation to the source of the route.
Like I mentioned before, I'd seen issues in the past with leaking locally-originated routes depending on which command triggered the origination, so I want to be sure there isn't anything similar coming into play here.
It looks really weird to me to find we have the same interface (Ethernet4) in two different VRFs...
VRF Vrf_A:
B>* 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:06:55
B>* 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0, 00:06:54
C>* 10.10.10.4/30 is directly connected, Ethernet0, 00:19:58
B>* 10.10.10.8/30 [200/0] is directly connected, Ethernet8(vrf Vrf_B), 00:05:36
B>* 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 00:06:55
B>* 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0, 00:06:54
B>* 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0, 00:06:54
C>* 185.170.30.12/30 is directly connected, Ethernet4, 00:01:05 <<<<<<<<+
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
C>* 10.1.0.10/32 is directly connected, Loopback0, 00:20:00
C>* 185.170.30.12/30 is directly connected, Ethernet4, 00:19:57 <<<<<<<<<Nothing I've ever used before (including standard linux) has allowed for one L3 interface to coexist in two different VRFs -- even with route leaking it's only the route that exists in both VRFs, the egress interface still belongs to a single VRF.
Granted, I'm not 100% convinced this is the root cause of the issue but I think it would probably be worthwhile to rule it out by testing with a subnet connected to a different interface.
As a test, can you try the following on Sonic1.1-1?
# from bash
sudo ip addr add 100.64.0.1/32 dev Vrf_A
sudo vtysh
conf t
router bgp 500 vrf Vrf_A
network 100.64.0.1/32If this has the same issue and R2 still doesn't receive this one particular route, it would be good to see show run bgp, show ip bgp vrf all, and show ip route vrf all with this config still in place.
mipxman
commented
3 years ago It looks really weird to me to find we have the same interface (Ethernet4) in two different VRFs...
here is my wrong. I add it by hand. the vrf default must be removed. (Etherntet4 in Vrf_A)
As a test, can you try the following on Sonic1.1-1?
sonic# show ip route vrf all Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, - selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_A: B> 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 01:50:20 B> 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0, 01:50:19 C> 10.10.10.4/30 is directly connected, Ethernet0, 02:03:23 B> 10.10.10.8/30 [200/0] is directly connected, Ethernet8(vrf Vrf_B), 01:49:01 B> 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8(vrf Vrf_B), 01:50:20 B> 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0, 01:50:19 C> 100.64.0.1/32 is directly connected, Vrf_A, 00:00:45 <<<<<<<<<<<<< B> 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0, 01:50:19 C>* 185.170.30.12/30 is directly connected, Ethernet4, 00:36:29 Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric,
- selected route, * - FIB route, q - queued route, r - rejected route
VRF Vrf_B: B> 8.8.8.8/32 [200/0] via 10.10.10.10, Ethernet8, 01:50:20 B> 10.10.10.0/30 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 01:50:19 B> 10.10.10.4/30 [200/0] is directly connected, Ethernet0(vrf Vrf_A), 01:49:24 C> 10.10.10.8/30 is directly connected, Ethernet8, 02:03:20 B> 20.20.20.0/30 [200/0] via 10.10.10.10, Ethernet8, 01:50:20 B> 55.0.0.0/8 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 01:50:19 B> 100.64.0.1/32 [200/0] is directly connected, Vrf_A(vrf Vrf_A), 00:00:45 <<<<<<<<<<<<<<< B> 185.5.5.0/24 [200/0] via 10.10.10.5, Ethernet0(vrf Vrf_A), 01:50:19 Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric,
- selected route, * - FIB route, q - queued route, r - rejected route
C>* 10.1.0.10/32 is directly connected, Loopback0, 02:03:25
thanks @taspelund . It's okay, but it is a only for one network. is it work for a bigger subnet ? sudo ip addr add 100.64.0.1/32 dev Vrf_A just added the address to the Vrf_A vrf-interface with a /32 mask. If you want to try it with a different iface/subnet you can use the same ip addr add command with a different L3 interface or netmask.
e.g.
sudo ip addr add 200.200.200.1/24 dev Ethernet0
Hi Guys ! In one project i have some vrf and I need redistribute networks from one vrf to another vrf. but when advertise my own network to Vrf A , it can't import to vrf B, however i add the
import vrf Vrf_Ainaddress-family ipv4 unicastofrouter bgp 500 vrf Vrf_Bsub commands and vice-versa. you can see my config here :topology : exact design is here
Rtr-1 :
when I show in the next-hop (next router Rtr2 ) :
but in router 3 i can't see this route ! how i can do this without removing vrf s ?