Open amanshaikh75 opened 6 years ago
I looked at the code in server/zclient.go. I believe the for loop at https://github.com/osrg/gobgp/blob/master/server/zclient.go#L503 is the root-cause of the bug.
If a received VPNv4 route is not imported into any VRFs, the code is adding a route to the default VRF even when the NLRI is VPNv4 (or VPNv6). While this makes sense for IPv4 and IPv6 NLRIs, I don't think it makes sense for VPNv(4|6) NLRIs.
I believe I have fixed the bug in https://github.com/amanshaikh75/gobgp/tree/disallow_vpn_routes_in_default_fwd_table. This required addition of four lines of code at https://github.com/amanshaikh75/gobgp/blob/disallow_vpn_routes_in_default_fwd_table/server/zclient.go#L508.
If this fix makes sense, I can create a pull request.
It looks like GoBGP installs VPNv4 routes learned from a route-reflector into Linux kernel’s default forwarding table via FRR/Zebra.
[ashaikh@vsp-vpe-west ~]$ gobgp global rib -a vpnv4 Network Labels Next Hop AS_PATH Age Attrs > 100:2:172.16.0.1/32 [145] 192.168.10.3 65003 00:04:48 [{Origin: i} {Med: 0} {LocalPref: 100} {Originator: 192.168.0.3} {ClusterList: [192.168.0.2]} {Extcomms: [100:2]}] > 100:2:192.168.101.0/24 [145] 192.168.10.3 65003 00:04:48 [{Origin: i} {Med: 0} {LocalPref: 100} {Originator: 192.168.0.3} {ClusterList: [192.168.0.2]} {Extcomms: [100:2]}]
No VRF is configured with RT 100:2 on gobgp.
[ashaikh@vsp-vpe-west ~]$ gobgp vrf Name RD Import RT Export RT ID blue 100:1 100:1 100:1 6
Note blue VRF’s RT are different from the RT of the routes above. Thus, gobgp daemon does not have a VRF to import these routes into, so it seems to be installing these routes as IPv4 routes through Zebra. Here’s what vtysh shows for routes in Zebra’s RIB:
vsp-vpe-west# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
B> 172.16.0.1/32 [200/0] via 192.168.10.3 (recursive), 00:07:14 via 10.202.0.8, ens8, label 17, 00:07:14 ……
O> 192.168.10.3/32 [110/2] via 10.202.0.8, ens8, label 17, 1d02h12m
B>* 192.168.101.0/24 [200/0] via 192.168.10.3 (recursive), 00:07:14
via 10.202.0.8, ens8, label 17, 00:07:14
Zebra then installs these routes into the Linux kernel’s default forwarding table.
[ashaikh@vsp-vpe-west ~]$ ip route show ……
172.16.0.1 encap mpls 17 via 10.202.0.8 dev ens8 proto 186 metric 20
……
192.168.101.0/24 encap mpls 17 via 10.202.0.8 dev ens8 proto 186 metric 20
In my opinion this is a bug. Received VPNv4 routes should not be passed to FRR/Zebra irrespective of whether there is a VRF for importing routes into or not.