Tuesday, July 11, 2017

Re: BGP vpnv4 prefixes in RIB, not in FIB

Hi misc@,

If there's any more information I could provide that would help, please
let me know. I'm a little out of my depth with the vpnv4 stuff, so any
pointers as to where I should be looking would be very much appreciated.

Thank you


On Thu, 29 Jun 2017, brad hendrickse wrote:

> Hi folks,
>
> I have a problem with routes learnt from BGP vpnv4 not being inserted into
> the FIB I'd expect. A tcpdump on the OpenBSD box shows we are receiving the
> prefixes (from a Cisco) with the labels intact. The MPE interface is
> configured in rdomain 1 with MPLS label 200. The loopback interface lo1 was
> automatically created as mentioned in the 6.1 changelog.
>
> We have this working on OpenBSD 5.4. My colleagues have seen this same
> behaviour since OpenBSD 5.9 explaining why we're still using 5.4. All configs
> and output below is from OpenBSD 6.1.
>
> Any help with this would be much appreciated.
>
> Thank you
>
>
> /etc/bgpd.conf:
> ----/----
> # global configuration
> AS 65002
> router-id 192.168.1.2
> holdtime 180
> listen on 192.168.1.2
> log updates
>
> group "peering AS65520" {
> remote-as 65520
> neighbor 192.168.1.1 {
> descr "AS 65520"
> announce capabilities yes
> announce self
> announce IPv4 vpn
> announce refresh yes
> announce restart yes
> }
> }
>
> rdomain 1 {
> descr "200:1"
> rd 200:1
> import-target rt 200:1
> export-target rt 200:1
> depend on mpe1
> network 10.10.10.2/32
> }
>
>
> ----/----
> bash-4.4# bgpctl show summary
> Neighbor AS MsgRcvd MsgSent OutQ Up/Down
> State/PrfRcvd
> AS 65520 65520 30 27 0 00:23:23 4
>
>
> ----/----
> bash-4.4# bgpctl show rib
> flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale
> origin: i = IGP, e = EGP, ? = Incomplete
>
> flags destination gateway lpref med aspath origin
> AI*> rd 200:1 10.10.10.2/32 rd 0:0 0.0.0.0 100 0 i
> *> rd 200:1 100.10.0.0/24 192.168.1.1 100 0 65520 ?
> *> rd 200:1 155.10.0.0/24 192.168.1.1 100 0 65520 ?
> *> rd 200:1 200.10.0.0/24 192.168.1.1 100 0 65520 ?
> *> rd 200:1 210.10.0.0/24 192.168.1.1 100 0 65520 ?
>
>
> The next-hop for 155.10.0.0/24 is pingable
> ----/----
> bash-4.4# ping -c 3 192.168.1.1
> PING 192.168.1.1 (192.168.1.1): 56 data bytes
> 64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=0.536 ms
> 64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=0.604 ms
> 64 bytes from 192.168.1.1: icmp_seq=2 ttl=255 time=0.587 ms
>
> --- 192.168.1.1 ping statistics ---
> 3 packets transmitted, 3 packets received, 0.0% packet loss
> round-trip min/avg/max/std-dev = 0.536/0.576/0.604/0.029 ms
>
>
> ----/----
> bash-4.4# bgpctl show fib
> flags: * = valid, B = BGP, C = Connected, S = Static, D = Dynamic
> N = BGP Nexthop reachable via this route R = redistributed
> r = reject route, b = blackhole route
>
> flags prio destination gateway
> *S 8 0.0.0.0/0 10.0.2.1
> *C 4 10.0.2.0/24 link#1
> *C 0 127.0.0.0/8 link#0
> *CN 4 192.168.1.0/30 link#2
> *S 8 192.168.2.1/32 192.168.1.1
> * 1 192.168.2.2/32 192.168.2.2
> *S r 8 224.0.0.0/4 127.0.0.1
> *S r 8 ::/96 ::1
> *S r 8 ::/104 ::1
> *C 0 ::1/128 link#0
> * 1 ::1/128 ::1
> *S r 8 ::127.0.0.0/104 ::1
> *S r 8 ::224.0.0.0/100 ::1
> *S r 8 ::255.0.0.0/104 ::1
> *S r 8 ::ffff:0.0.0.0/96 ::1
> *S r 8 2002::/24 ::1
> *S r 8 2002:7f00::/24 ::1
> *S r 8 2002:e000::/20 ::1
> *S r 8 2002:ff00::/24 ::1
> *S r 8 fe80::/10 ::1
> * 1 fe80:4::1/128 fe80:4::1
> *S r 8 fec0::/10 ::1
> *S r 8 ff01::/16 ::1
> * 4 ff01:4::/32 ::1
> *S r 8 ff02::/16 ::1
> * 4 ff02:4::/32 ::1
>
>
> The tables are coupled
> ----/----
> bash-4.4# bgpctl show table
> Table Description State
> 0 Loc-RIB coupled
> 1 200:1 coupled
>
>
> I don't expect to be able to ping the destination, but not expecting "No
> route to host"
> ----/----
> bash-4.4# ping -V 1 155.10.0.1
> PING 155.10.0.1 (155.10.0.1): 56 data bytes
> ping: sendmsg: No route to host
> ping: wrote 155.10.0.1 64 chars, ret=-1
> ping: sendmsg: No route to host
> ping: wrote 155.10.0.1 64 chars, ret=-1
> ping: sendmsg: No route to host
>
>
> ----/----
> bash-4.4# ifconfig -a
> lo0: flags=88049<UP,LOOPBACK,RUNNING,MULTICAST,MPLS> mtu 32768
> index 4 priority 0 llprio 3
> groups: lo
> inet6 ::1 prefixlen 128
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
> inet 192.168.2.2 netmask 0xffffffff
> xnf0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 4a:2f:aa:55:45:89
> index 1 priority 0 llprio 3
> groups: egress
> media: Ethernet manual
> status: active
> inet 10.0.2.38 netmask 0xffffff00 broadcast 10.0.2.255
> xnf1: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MPLS> mtu 1500
> lladdr 3a:fe:55:6f:ed:10
> index 2 priority 0 llprio 3
> media: Ethernet manual
> status: active
> inet 192.168.1.2 netmask 0xfffffffc broadcast 192.168.1.3
> enc0: flags=0<>
> index 3 priority 0 llprio 3
> groups: enc
> status: active
> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33144
> index 5 priority 0 llprio 3
> groups: pflog
> mpe1: flags=11<UP,POINTOPOINT> rdomain 1 mtu 1500
> index 6 priority 0 llprio 3
> mpls label: 200
> groups: mpe
> inet 10.10.10.2 --> 255.255.255.255 netmask 0xffffffff
> lo1: flags=88008<LOOPBACK,MULTICAST,MPLS> rdomain 1 mtu 32768
> index 7 priority 0 llprio 3
> groups: lo
>
>
> ----/----
> bash-4.4# netstat -rn
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Mtu Prio Iface
> default 10.0.2.1 UGS 4 14416 - 8 xnf0
> 224/4 127.0.0.1 URS 0 2987 - 8 xnf0
> 10.0.2/24 10.0.2.38 UCn 1 19216 - 4 xnf0
> 10.0.2.1 00:09:0f:b5:58:8f UHLch 1 275 - 3 xnf0
> 10.0.2.38 4a:2f:aa:55:45:89 UHLl 0 2843 - 1 xnf0
> 10.0.2.255 10.0.2.38 UHb 0 3424 - 1 xnf0
> 192.168.1.0/30 192.168.1.2 UCn 1 0 - 4 xnf1
> 192.168.1.1 e8:ed:f3:79:7a:d8 UHLch 3 137 - 3 xnf1
> 192.168.1.2 3a:fe:55:6f:ed:10 UHLl 0 206 - 1 xnf1
> 192.168.1.3 192.168.1.2 UHb 0 0 - 1 xnf1
> 192.168.2.1 192.168.1.1 UGHS 0 0 - 8 xnf1
> 192.168.2.2 192.168.2.2 UHl 0 0 32768 1 lo0
>
> Internet6:
> Destination Gateway Flags Refs
> Use Mtu Prio Iface
> ::/96 ::1 UGRS 0
> 0 32768 8 lo0
> ::/104 ::1 UGRS 0
> 0 32768 8 lo0
> ::1 ::1 UHhl 14
> 28 32768 1 lo0
> ::127.0.0.0/104 ::1 UGRS 0
> 0 32768 8 lo0
> ::224.0.0.0/100 ::1 UGRS 0
> 0 32768 8 lo0
> ::255.0.0.0/104 ::1 UGRS 0
> 0 32768 8 lo0
> ::ffff:0.0.0.0/96 ::1 UGRS 0
> 0 32768 8 lo0
> 2002::/24 ::1 UGRS 0
> 0 32768 8 lo0
> 2002:7f00::/24 ::1 UGRS 0
> 0 32768 8 lo0
> 2002:e000::/20 ::1 UGRS 0
> 0 32768 8 lo0
> 2002:ff00::/24 ::1 UGRS 0
> 0 32768 8 lo0
> fe80::/10 ::1 UGRS 0
> 0 32768 8 lo0
> fec0::/10 ::1 UGRS 0
> 0 32768 8 lo0
> fe80::1%lo0 fe80::1%lo0 UHl 0
> 0 32768 1 lo0
> ff01::/16 ::1 UGRS 1
> 1 32768 8 lo0
> ff01::%lo0/32 ::1 Um 0
> 1 32768 4 lo0
> ff02::/16 ::1 UGRS 1
> 1 32768 8 lo0
> ff02::%lo0/32 ::1 Um 0
> 1 32768 4 lo0
>
> MPLS:
> In label Out label Op Gateway Flags Refs Use Mtu
> Prio Interface
> 20 - LOCAL 192.168.1.1 UGT 0 0 - 8
> xnf1
>
>
> ----/----
> bash-4.4# netstat -rn -T1
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Mtu Prio Iface
> 10.10.10.2 10.10.10.2 UHl 0 28 - 1 mpe1
> 255.255.255.255 10.10.10.2 UH 0 0 - 8 mpe1
>
> MPLS:
> In label Out label Op Gateway Flags Refs Use Mtu
> Prio Interface
> 200 - POP mpe1 UT 0 0 - 8
> mpe1
>
>
>
>

No comments:

Post a Comment