search

ffnord / ffnord-puppet-gateway

Deploy and manage your Freifunk community gateway, mostly compatible with Gluon.
15 stars 13 forks source link

bird is not exporting our IPv4 prefix #76

Closed wusel42 closed 9 years ago

wusel42 commented 9 years ago

root@gw05:~# ifconfig br-mueritz | head -2 br-mueritz Link encap:Ethernet HWaddr de:ad:be:ef:00:00
inet addr:10.169.1.1 Bcast:10.169.7.255 Mask:255.255.248.0 root@gw05:~# birdc show route export ehingen1 | grep 169 root@gw05:~# birdc show route export guetersloh1 | wc -l 82 root@gw05:~# birdc show route export guetersloh1 | grep 169 | wc -l 0

So, while in principle everything seems to work (thanks!), on IC-VPN either me did a mistake of the code currently does not BGP-export the local prefix?

ohrensessel commented 9 years ago

Try to chance RTS_STATIC to RTS_STATIC_DEVICE (or something like that, not on a computer right now). This should fix the problem. Will add a pr soon Am 18.01.2015 03:34 schrieb "wusel42" notifications@github.com:

root@gw05:~# ifconfig br-mueritz | head -2 br-mueritz Link encap:Ethernet HWaddr de:ad:be:ef:00:00

inet addr:10.169.1.1 Bcast:10.169.7.255 Mask:255.255.248.0 root@gw05:~# birdc show route export ehingen1 | grep 169 root@gw05:~# birdc show route export guetersloh1 | wc -l 82 root@gw05:~# birdc show route export guetersloh1 | grep 169 | wc -l 0

So, while in principle everything seems to work (thanks!), on IC-VPN either me did a mistake of the code currently does not BGP-export the local prefix?

— Reply to this email directly or view it on GitHub https://github.com/ffnord/ffnord-puppet-gateway/issues/76.

wusel42 commented 9 years ago

I don't think that's directly the root cause; somehow the local mesh's IPs aren't included in the bird routing tables, imho:

root@gw05:~# ifconfig br-mueritz br-mueritz Link encap:Ethernet HWaddr de:ad:be:ef:00:00
inet addr:10.169.1.1 Bcast:10.169.7.255 Mask:255.255.248.0 inet6 addr: fe80::ecb0:b2ff:feea:e88f/64 Scope:Link inet6 addr: fd39:e4e3:eee1:aa9::/64 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2226 errors:0 dropped:0 overruns:0 frame:0 TX packets:78380 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:62328 (62.3 KB) TX bytes:6900320 (6.9 MB)

root@gw05:~# birdc show route where source=RTS_STATIC BIRD 1.4.5 ready. root@gw05:~# birdc show route where source=RTS_STATIC_DEVICE BIRD 1.4.5 ready. root@gw05:~# birdc show route where 'is_self_mueritz()' BIRD 1.4.5 ready. root@gw05:~# birdc show route table mesh_mueritz where 'is_self_mueritz()' BIRD 1.4.5 ready. 10.169.0.0/16 unreachable [static_mueritz 10:30:32] * (200)

wusel42 commented 9 years ago 
root@gw05:~# for i in /etc/bird/bird.conf /etc/bird/bird.conf.d/*.conf ; do diff -u $i ${i}_fixed ; done
--- /etc/bird/bird.conf.d/mueritz.conf  2015-01-18 23:28:24.356527000 +0100
+++ /etc/bird/bird.conf.d/mueritz.conf_fixed    2015-01-18 23:19:59.668527000 +0100
@@ -19,7 +19,7 @@
 protocol pipe 'pipe_mesh_mueritz' {
   table mesh;
   peer table 'mesh_mueritz';
-  import where ! 'is_self_mueritz'();
+#  import where ! 'is_self_mueritz'();
   export where source = RTS_BGP || source = RTS_STATIC;
 };

That fixed the export:

root@gw04:~# birdc show route | grep 10.169 10.169.0.0/16 via 10.207.0.138 on icvpn [pipe_icvpn 23:20:29 from 10.207.0.79] * (70)

But I'm not sure if/where this has other pitfalls?

ohrensessel commented 9 years ago

what exactly did you change? I'm a little bit confused by the formatting :)

wusel42 commented 9 years ago

Fixed that ;)

I just dropped "import where ! 'is_self_mueritz'();" in "/etc/bird/bird.conf.d/mueritz.conf".

ohrensessel commented 9 years ago

please see #77 and test it

wusel42 commented 9 years ago

Blöde Frage, aber: wie?

root@gw05:~# cd /etc/puppet/modules/ffnord/
root@gw05:/etc/puppet/modules/ffnord# git pull
Already up-to-date.

Da Du es es noch nicht gemerged hast, bleibt nur händisches patch, oder?

ohrensessel commented 9 years ago

we try not to merge our own pull requests, so that somebody else can review them.

in this case: might be enough to set import all; instead having no import statement at all. the other commits from #77 should not affect your problem.

wusel42 commented 9 years ago

Is there a way to get a raw patchset out of github? (Will need the IPv6-related stuff as well.)

Manually changed templates/etc/bird/bird.interface.conf.erb as per #77, looks good:

root@gw05:~# birdc show route export ehingen1 | grep 169 10.169.0.0/16 unreachable [static_mueritz 00:20:35] * (200)

I can't quickly find it, but I think "import all;" is kind of a default, that's why my patch and your patch are functionally identical.

ohrensessel commented 9 years ago

you are probably right. was a good opportunity to push some patches that I had lying around

ohrensessel commented 9 years ago

should be fixed by #77 which is merged now