mwindower
commented
8 months ago After cold rebooting both leaf switches even with FRR 9.0.1 the default route is missed sometimes either in the customer VRF or the internet VRF of firewalls. So we have a difference btw. shutting ports (this works without problems) and cold reboot.
To further mitigate this behavior, these options come to my mind:
- shut all front panel ports down before a upgrade or reboot (preferred)
- check for the default route in the customer and internet VRF, if one of them is not installed in the Kernel initiate a FRR restart.
After a reboot of both leaf switches the newer firewalls lose all EVPN routes.
This affects firewalls after version
firewall-ubuntu-2.0.20221025.There was a change of FRR version there from 8.3.1 to 8.4.1: https://github.com/metal-stack/metal-images/compare/20221025...20230110
There's a bug in FRR 8.4.1 that seems to match the behaviour we observed: https://github.com/FRRouting/frr/issues/12391
We should check whether a downgrade to FRR 8.3 will fix the problem for us.