search

FRRouting / frr

The FRRouting Protocol Suite
https://frrouting.org/
Other
3.33k stars 1.25k forks source link

frr since 7.5.1 failing to import vxlan default route #7862

Closed robmbrooks closed 3 years ago

robmbrooks commented 3 years ago

frr since 7.5.1 failing to import vxlan default route

frr running on Centos 7, via rpms from rpm.frrouting.org. On frr-7.4.1 the route is valid and added to fdb. Once upgraded to frr-7.5.1 the route is not added, it can be seen, but is not marked valid.

[x] Did you check if this is a duplicate issue? [ ] Did you test it on the latest FRRouting/frr master branch?

To Reproduce

Upgrade frr from 7.4.1 to 7.5.1 with following config:

frr defaults datacenter
hostname lab02
!
log syslog
!
log facility local5
!
log timestamp precision 6
!
debug bgp updates
!
interface enp8s0f0
 ipv6 nd ra-interval 10
 no ipv6 nd suppress-ra
!
interface enp8s0f1
 ipv6 nd ra-interval 10
 no ipv6 nd suppress-ra
!
router-id 10.195.1.35
!
router bgp 4212779811
 bgp bestpath as-path multipath-relax
 bgp bestpath compare-routerid
 neighbor leafs peer-group
 neighbor leafs remote-as external
 neighbor leafs capability extended-nexthop
 neighbor enp8s0f0 interface peer-group leafs
 neighbor enp8s0f1 interface peer-group leafs
 !
 address-family ipv4 unicast
  network 10.195.1.35/32
  redistribute connected route-map LOCAL_ROUTES
  neighbor leafs filter-list HOST_ORIGINATED_ROUTES out
 exit-address-family
 !
 address-family ipv6 unicast
  neighbor leafs activate
  neighbor leafs prefix-list DEFAULT_FILTER in
 exit-address-family
 !
 address-family l2vpn evpn
  neighbor leafs activate
  advertise-all-vni
 exit-address-family
!
ip prefix-list DEFAULT_FILTER seq 10 permit 0.0.0.0/0
!
bgp as-path access-list HOST_ORIGINATED_ROUTES permit ^$
!
route-map LOCAL_ROUTES permit 10
 match interface dummy0
!
route-map SET_SOURCE permit 10
 set src 10.195.1.35
!
ip protocol bgp route-map SET_SOURCE
!
line vty
!

On a 7.4.1 host:

Route Distinguisher: 10.253.0.1:2
*> [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway
*                   10.253.0.1                             0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway
*> [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
*                   10.253.0.1                             0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag

On a 7.5.1 host:

Route Distinguisher: 10.253.0.1:2
   [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i

Versions

taspelund commented 3 years ago

Can you grab some extra output? show evpn show evpn vni show bgp l2vpn evpn import-rt

I'm assuming 10022 is the L2VNI here? If so, then the syntax below should be good. If not, could you replace "10022" with the proper VNID? show bgp l2vpn evpn route vni 10022 mac 00:00:5e:00:01:22 ip 10.195.17.1 show bgp l2vpn evpn route vni 10022 mac 00:00:5e:00:01:22 show evpn mac vni 10022 mac 00:00:5e:00:01:22 show evpn arp-cache vni 10022 ip 10.195.17.1

robmbrooks commented 3 years ago 
lab02# show evpn
L2 VNIs: 1
L3 VNIs: 0
Advertise gateway mac-ip: No
Advertise svi mac-ip: No
Duplicate address detection: Enable
  Detection max-moves 5, time 180
lab02# show evpn vni
VNI        Type VxLAN IF              # MACs   # ARPs   # Remote VTEPs  Tenant VRF                           
10022      L2   dummy0.10022          7        6        3               default                              
lab02# show bgp l2vpn evpn import-rt
Route-target: 0:10022
List of VNIs importing routes with this route-target:
  10022

here's the 7.5.1 host:

 lab02# show bgp l2vpn evpn route vni 10022 mac 00:00:5e:00:01:22 ip 10.195.17.1
% Network not in table
lab02# show bgp l2vpn evpn route vni 10022 mac 00:00:5e:00:01:22
% Network not in table
lab02# show evpn mac vni 10022 mac 00:00:5e:00:01:22
% Requested MAC does not exist in VNI 10022
lab02# show evpn arp-cache vni 10022 ip 10.195.17.1
% Requested neighbor does not exist in VNI 10022

here's a 7.4.1 host next to the 7.5.1 host...

lab01# show bgp l2vpn evpn route vni 10022 mac 00:00:5e:00:01:22 ip 10.195.17.1
BGP routing table entry for [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
Paths: (2 available, best #1)
  Not advertised to any peer
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1] VNI 10022
  Imported from 10.253.0.1:2:[2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1], VNI 10022
  64710 64700
    10.253.0.1 from leaf-lab-01(enp8s0f0) (10.253.0.10)
      Origin IGP, valid, external, bestpath-from-AS 64710, best (Router ID)
      Extended Community: RT:64700:10022 ET:8 Default Gateway
      Last update: Wed Nov 11 10:50:01 2020
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1] VNI 10022
  Imported from 10.253.0.1:2:[2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1], VNI 10022
  64711 64700
    10.253.0.1 from leaf-lab-02(enp8s0f1) (10.253.0.11)
      Origin IGP, valid, external, bestpath-from-AS 64711
      Extended Community: RT:64700:10022 ET:8 Default Gateway
      Last update: Wed Nov 11 10:49:59 2020

Displayed 2 paths for requested prefix
lab01# show bgp l2vpn evpn route vni 10022 mac 00:00:5e:00:01:22
% Network not in table
lab01# show evpn mac vni 10022 mac 00:00:5e:00:01:22
MAC: 00:00:5e:00:01:22
 Remote VTEP: 10.253.0.1 Remote-gateway Mac 
 Local Seq: 0 Remote Seq: 0
 Neighbors:
    10.195.17.1 Active
    fe80::200:5eff:fe00:122 Active

lab01# show evpn arp-cache vni 10022 ip 10.195.17.1
IP: 10.195.17.1
 Type: remote
 State: active
 MAC: 00:00:5e:00:01:22
 Remote VTEP: 10.253.0.1
 Local Seq: 0 Remote Seq: 0

Relevant logs:

2021-01-12T14:07:41.653799-08:00 lab02 bgpd[3115965]: enp8s0f1 rcvd UPDATE about 10.195.1.35/32 IPv4 unicast -- DENIED due to: as-path contains our own AS;
2021-01-12T14:07:43.530972-08:00 lab02 bgpd[3115965]: enp8s0f0 rcvd UPDATE about 10.195.1.35/32 IPv4 unicast -- DENIED due to: as-path contains our own AS;
2021-01-12T14:07:43.531032-08:00 lab02 bgpd[3115965]: enp8s0f0 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:20]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:07:43.531072-08:00 lab02 bgpd[3115965]: enp8s0f0 rcvd UPDATE about RD 10.195.1.35:2 [3]:[10.195.1.35]/320 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:22:04.128311-08:00 lab02 bgpd[3115965]: enp8s0f0 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:21]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:22:04.128323-08:00 lab02 bgpd[3115965]: enp8s0f1 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:21]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:22:09.448647-08:00 lab02 bgpd[3115965]: enp8s0f1 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:22]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:22:09.449188-08:00 lab02 bgpd[3115965]: enp8s0f0 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:22]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:22:31.629454-08:00 lab02 bgpd[3115965]: enp8s0f1 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:21]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
2021-01-12T14:22:31.629458-08:00 lab02 bgpd[3115965]: enp8s0f1 rcvd UPDATE about RD 10.195.1.35:2 [2]:[02:00:0a:c3:11:22]/320 label 10022 l2vpn evpn -- DENIED due to: as-path contains our own AS;
taspelund commented 3 years ago

None of the update debugs seem to mention the NLRI pointed out initially. Given the NLRI is in the BGP table already, I think we've made it past loop prevention.

From lab02: Can you grab all the details for the routes in question from show bgp l2vpn evpn route type macip? Can you also get show evpn mac vni 10022 and show evpn arp-cache vni 10022? (no specific mac/ip for either command)

robmbrooks commented 3 years ago 
lab02# show evpn mac vni 10022
Number of MACs (local and remote) known for this VNI: 7
Flags: N=sync-neighs, I=local-inactive, P=peer-active, X=peer-proxy
MAC               Type   Flags Intf/Remote ES/VTEP            VLAN  Seq #'s
02:00:0a:c3:11:1e remote       10.195.1.34                          0/1
02:00:0a:c3:11:1b remote       10.195.1.34                          0/0
02:00:0a:c3:11:1d remote       10.195.1.34                          0/1
02:00:0a:c3:11:20 local        one-30825-0                          0/0
f6:96:eb:d2:8c:b6 local        onbr0                          1     0/0
02:00:0a:c3:11:16 remote       10.195.1.34                          0/0
02:00:0a:c3:11:1c remote       10.195.1.34                          0/1
lab02# show evpn arp-cache vni 10022
Number of ARPs (local and remote) known for this VNI: 6
Flags: I=local-inactive, P=peer-active, X=peer-proxy
Neighbor                  Type   Flags State    MAC               Remote ES/VTEP                 Seq #'s
fe80::6428:d1ff:fee8:20bf local        active   f6:96:eb:d2:8c:b6                                0/0
fe80::aff:fec3:1121       local  I     inactive 02:00:0a:c3:11:21                                0/0
fe80::aff:fec3:1122       local  I     inactive 02:00:0a:c3:11:22                                0/0
fe80::aff:fec3:1120       local  I     active   02:00:0a:c3:11:20                                0/0
fe80::aff:fec3:111b       remote       active   02:00:0a:c3:11:1b 10.195.1.34                    0/0
fe80::aff:fec3:1116       remote       active   02:00:0a:c3:11:16 10.195.1.34                    0/0
robmbrooks commented 3 years ago

sorry, missed the first command...

lab02# show bgp l2vpn evpn route type macip
BGP table version is 16, local router ID is 10.195.1.35
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-1 prefix: [1]:[ESI]:[EthTag]:[IPlen]:[VTEP-IP]
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]

   Network          Next Hop            Metric LocPrf Weight Path
                    Extended Community
Route Distinguisher: 10.195.1.34:2
*> [2]:[0]:[48]:[02:00:0a:c3:11:16]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8
*  [2]:[0]:[48]:[02:00:0a:c3:11:16]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8
*> [2]:[0]:[48]:[02:00:0a:c3:11:16]:[128]:[fe80::aff:fec3:1116]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8
*  [2]:[0]:[48]:[02:00:0a:c3:11:16]:[128]:[fe80::aff:fec3:1116]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8
*> [2]:[0]:[48]:[02:00:0a:c3:11:1b]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8
*  [2]:[0]:[48]:[02:00:0a:c3:11:1b]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8
*> [2]:[0]:[48]:[02:00:0a:c3:11:1b]:[128]:[fe80::aff:fec3:111b]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8
*  [2]:[0]:[48]:[02:00:0a:c3:11:1b]:[128]:[fe80::aff:fec3:111b]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8
*> [2]:[0]:[48]:[02:00:0a:c3:11:1c]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8 MM:1
*  [2]:[0]:[48]:[02:00:0a:c3:11:1c]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8 MM:1
*> [2]:[0]:[48]:[02:00:0a:c3:11:1d]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8 MM:1
*  [2]:[0]:[48]:[02:00:0a:c3:11:1d]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8 MM:1
*> [2]:[0]:[48]:[02:00:0a:c3:11:1e]
                    10.195.1.34(leaf-lab-01)
                                                           0 64710 4212779810 i
                    RT:60194:10022 ET:8 MM:1
*  [2]:[0]:[48]:[02:00:0a:c3:11:1e]
                    10.195.1.34(leaf-lab-02)
                                                           0 64711 4212779810 i
                    RT:60194:10022 ET:8 MM:1
Route Distinguisher: 10.195.1.35:2
*> [2]:[0]:[48]:[02:00:0a:c3:11:20]
                    10.195.1.35(lab02.riskiq)
                                                       32768 i
                    ET:8 RT:60195:10022
Route Distinguisher: 10.253.0.1:2
   [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway
   [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway
   [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
   [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.17.5]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.17.5]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
Route Distinguisher: 10.253.0.1:3
   [2]:[0]:[48]:[00:00:5e:00:01:23]:[32]:[10.195.18.1]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway
   [2]:[0]:[48]:[00:00:5e:00:01:23]:[32]:[10.195.18.1]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway
   [2]:[0]:[48]:[00:00:5e:00:01:23]:[128]:[fe80::200:5eff:fe00:123]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag
   [2]:[0]:[48]:[00:00:5e:00:01:23]:[128]:[fe80::200:5eff:fe00:123]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.18.5]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.18.5]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1(leaf-lab-01)
                                                           0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag
   [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1(leaf-lab-02)
                                                           0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag

Displayed 16 prefixes (31 paths) (of requested type)

from 7.4.1:

lab01# show bgp l2vpn evpn route type macip
BGP table version is 16, local router ID is 10.195.1.34
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]

   Network          Next Hop            Metric LocPrf Weight Path
                    Extended Community
Route Distinguisher: 10.195.1.34:2
*> [2]:[0]:[48]:[02:00:0a:c3:11:16]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022
*> [2]:[0]:[48]:[02:00:0a:c3:11:16]:[128]:[fe80::aff:fec3:1116]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022
*> [2]:[0]:[48]:[02:00:0a:c3:11:1b]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022
*> [2]:[0]:[48]:[02:00:0a:c3:11:1b]:[128]:[fe80::aff:fec3:111b]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022
*> [2]:[0]:[48]:[02:00:0a:c3:11:1c]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022 MM:1
*> [2]:[0]:[48]:[02:00:0a:c3:11:1d]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022 MM:1
*> [2]:[0]:[48]:[02:00:0a:c3:11:1e]
                    10.195.1.34                        32768 i
                    ET:8 RT:60194:10022 MM:1
Route Distinguisher: 10.195.1.35:2
*> [2]:[0]:[48]:[02:00:0a:c3:11:20]
                    10.195.1.35                            0 64710 4212779811 i
                    RT:60195:10022 ET:8
*  [2]:[0]:[48]:[02:00:0a:c3:11:20]
                    10.195.1.35                            0 64711 4212779811 i
                    RT:60195:10022 ET:8
Route Distinguisher: 10.253.0.1:2
*> [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway
*  [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway
*> [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
*  [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
*> [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.17.5]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway
*  [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.17.5]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway
*> [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
*  [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10022 ET:8 Default Gateway ND:Router Flag
Route Distinguisher: 10.253.0.1:3
*> [2]:[0]:[48]:[00:00:5e:00:01:23]:[32]:[10.195.18.1]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway
*  [2]:[0]:[48]:[00:00:5e:00:01:23]:[32]:[10.195.18.1]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway
*> [2]:[0]:[48]:[00:00:5e:00:01:23]:[128]:[fe80::200:5eff:fe00:123]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag
*  [2]:[0]:[48]:[00:00:5e:00:01:23]:[128]:[fe80::200:5eff:fe00:123]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag
*> [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.18.5]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway
*  [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[32]:[10.195.18.5]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway
*> [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1                             0 64710 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag
*  [2]:[0]:[48]:[22:c3:a4:07:3e:15]:[128]:[fe80::20c3:a4ff:fe07:3e15]
                    10.253.0.1                             0 64711 64700 i
                    RT:64700:10023 ET:8 Default Gateway ND:Router Flag

Displayed 16 prefixes (25 paths) (of requested type)
taspelund commented 3 years ago

Can you grab show bgp l2vpn evpn route rd 10.253.0.1:2 mac 00:00:5e:00:01:22 ip 10.195.17.1 + show bgp l2vpn evpn route rd 10.253.0.1:2 mac 00:00:5e:00:01:22 ip fe80::200:5eff:fe00:122 from these two devices?

robmbrooks commented 3 years ago

on 7.5.1:

lab02# show bgp l2vpn evpn route rd 10.253.0.1:2 mac 00:00:5e:00:01:22 ip 10.195.17.1
BGP routing table entry for 10.253.0.1:2:[2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
Paths: (2 available, no best path)
  Not advertised to any peer
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1] VNI 10022
  64710 64700
    10.253.0.1(leaf-lab-01) (inaccessible) from leaf-lab-01(enp8s0f0) (10.253.0.10)
      Origin IGP, invalid, external
      Extended Community: RT:64700:10022 ET:8 Default Gateway
      Last update: Tue Jan 12 14:07:43 2021
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1] VNI 10022
  64711 64700
    10.253.0.1(leaf-lab-02) (inaccessible) from leaf-lab-02(enp8s0f1) (10.253.0.11)
      Origin IGP, invalid, external
      Extended Community: RT:64700:10022 ET:8 Default Gateway
      Last update: Tue Jan 12 14:07:41 2021

Displayed 2 paths for requested prefix
lab02# show bgp l2vpn evpn route rd 10.253.0.1:2 mac 00:00:5e:00:01:22 ip fe80::200:5eff:fe00:122
BGP routing table entry for 10.253.0.1:2:[2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
Paths: (2 available, no best path)
  Not advertised to any peer
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122] VNI 10022
  64710 64700
    10.253.0.1(leaf-lab-01) (inaccessible) from leaf-lab-01(enp8s0f0) (10.253.0.10)
      Origin IGP, invalid, external
      Extended Community: RT:64700:10022 ET:8 Default Gateway ND:Router Flag
      Last update: Tue Jan 12 14:07:43 2021
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122] VNI 10022
  64711 64700
    10.253.0.1(leaf-lab-02) (inaccessible) from leaf-lab-02(enp8s0f1) (10.253.0.11)
      Origin IGP, invalid, external
      Extended Community: RT:64700:10022 ET:8 Default Gateway ND:Router Flag
      Last update: Tue Jan 12 14:07:41 2021

Displayed 2 paths for requested prefix

On 7.4.1:

lab01# show bgp l2vpn evpn route rd 10.253.0.1:2 mac 00:00:5e:00:01:22 ip 10.195.17.1
BGP routing table entry for 10.253.0.1:2:[2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1]
Paths: (2 available, best #1)
  Advertised to non peer-group peers:
  leaf-lab-01(enp8s0f0) leaf-lab-02(enp8s0f1)
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1] VNI 10022
  64710 64700
    10.253.0.1 from leaf-lab-01(enp8s0f0) (10.253.0.10)
      Origin IGP, valid, external, bestpath-from-AS 64710, best (Router ID)
      Extended Community: RT:64700:10022 ET:8 Default Gateway
      Last update: Wed Nov 11 10:50:01 2020
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[32]:[10.195.17.1] VNI 10022
  64711 64700
    10.253.0.1 from leaf-lab-02(enp8s0f1) (10.253.0.11)
      Origin IGP, valid, external, bestpath-from-AS 64711
      Extended Community: RT:64700:10022 ET:8 Default Gateway
      Last update: Wed Nov 11 10:49:59 2020

Displayed 2 paths for requested prefix
lab01# show bgp l2vpn evpn route rd 10.253.0.1:2 mac 00:00:5e:00:01:22 ip fe80::200:5eff:fe00:122
BGP routing table entry for 10.253.0.1:2:[2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122]
Paths: (2 available, best #1)
  Advertised to non peer-group peers:
  leaf-lab-01(enp8s0f0) leaf-lab-02(enp8s0f1)
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122] VNI 10022
  64710 64700
    10.253.0.1 from leaf-lab-01(enp8s0f0) (10.253.0.10)
      Origin IGP, valid, external, bestpath-from-AS 64710, best (Router ID)
      Extended Community: RT:64700:10022 ET:8 Default Gateway ND:Router Flag
      Last update: Wed Nov 11 10:50:01 2020
  Route [2]:[0]:[48]:[00:00:5e:00:01:22]:[128]:[fe80::200:5eff:fe00:122] VNI 10022
  64711 64700
    10.253.0.1 from leaf-lab-02(enp8s0f1) (10.253.0.11)
      Origin IGP, valid, external, bestpath-from-AS 64711
      Extended Community: RT:64700:10022 ET:8 Default Gateway ND:Router Flag
      Last update: Wed Nov 11 10:49:59 2020

Displayed 2 paths for requested prefix
taspelund commented 3 years ago

Here's our issue:

10.253.0.1(leaf-lab-01) (inaccessible)

show ip route 10.253.0.1 please :-)

robmbrooks commented 3 years ago 
lab02# show ip route 10.253.0.1
Routing entry for 0.0.0.0/0
  Known via "bgp", distance 20, metric 0, best
  Last update 1d06h40m ago
  * fe80::3617:ebff:fefc:dc6, via enp8s0f1, weight 1
  * fe80::f68e:38ff:fe29:e89, via enp8s0f0, weight 1
lab01# show ip route 10.253.0.1
Routing entry for 0.0.0.0/0
  Known via "bgp", distance 20, metric 0, best
  Last update 09w0d09h ago
  * fe80::3617:ebff:fefc:dc5, via enp8s0f1, weight 1
  * fe80::f68e:38ff:fe29:e88, via enp8s0f0, weight 1
taspelund commented 3 years ago

On the 7.5.1 box, does ip nht resolve-via-default fix the issue?

robmbrooks commented 3 years ago

Yes it does!

taspelund commented 3 years ago

Excellent! That's good to hear.

I don't recall offhand whether the difference in behavior (needed in 7.5.1, not needed in 7.4.1) was due to any bug fixes or explicit changes to default behavior.

@donaldsharp do you know what changes there might have been around ip nht resolve-via-default (or nht resolution of BGP/EVPN next-hops) between 7.4.1 and 7.5.1?

donaldsharp commented 3 years ago

@polychaeta autoclose in 2 days

robmbrooks commented 3 years ago

@donaldsharp should we add ip nht resolve-via-default into our production configs and upgrade to 7.5.1 or will the behaviour revert in a future version?

polychaeta commented 3 years ago

This issue will no longer be automatically closed.

Jafaral commented 3 years ago

@robmbrooks we haven't made a decision if/when such a behavior may change. If we do such a change it will be highlighted in the release notes. So I highly recommend checking the release notes before upgrading in a production environment.

Jafaral commented 3 years ago

@polychaeta autoclose in 2 days