Hi,
I am testing OpenBGPD as a route-reflector, with a view to replacing
our existing route reflectors. I have a test environment where I have
multiple vendors equipment peered with OpenBGPD to ensure it can
handle our use-cases.
I noticed that our Cisco IOS-XE devices have unstable BGP sessions and
are dropping with the OpenBGPD log message:
"sending notification: error in UPDATE message, optional attribute error"
Upon further inspection, when the Cisco router issues an NLRI update
and withdraw's a VPNv4 prefix OpenBGPD drops the session.
I found a report of a similar issue, but with a Juniper MX router from
Hendrik Meyburgh back in 2012, where the problem was with the
vrf-table-label command on JunOS. I checked our configuration and
IOS-XE is configured with:
"mpls label mode all-vrfs protocol bgp-vpnv4 per-vrf" which assigns a
single label per VRF table, rather than a label per prefix. I
suspect that this is causing the NLRI updates to be formatted in a way
that OpenBGPD does not like.
I took a packet capture of the UPDATE causing the session to be
terminated, there are two instances of it being dropped in the pcap
available at https://mergesync.btg.co.nz/index.php/s/rvc8mc9RCpTR1Lg
Is there anything we can do to stop OpenBGPD from dropping the
session? Running per-VRF label's is default on all Juniper
platforms, and is common on Cisco as well.
Regards,
Andrew
No comments:
Post a Comment