On Apr 6, 2019, at 1:38 PM, Alexander Zubkov <green@qrator.net> wrote:
Hi Brian,
Can you give specific examples of what is happening? Configuration samples, show running route information from cli, etc.
Hi Alexander, I can give it a shot here. Apologies for the previous direct reply. These are the configs after application of the patch that I referenced below.

BIRD BGP:
router id UP.STREAM.143.113;

protocol bgp bgp_metal_gw01 {
    local as ASLOCAL;
    neighbor 10.10.0.41 as ASN;    # See description below
    passive yes;
    ipv4 {
        next hop self;
        import filter {
            bgp_origin = ORIGIN_IGP;
            dest = RTD_BLACKHOLE;
            accept;
        };
        export none;
    };
}
MetalLB:

apiVersion: v1
kind: ConfigMap
data:
  config: |
    peers:
    - peer-address: UP.STREAM.143.113
      router-id: 10.10.0.41
      peer-asn: ASLOCAL
      my-asn: ASLOCAL
Without the patch, the BIRD neighbor address is *also* UP.STREAM.143.113. This is broken, but because MetalLB was using the primary interface that was returned by the Go standard library, I realized via tcpdump that BIRD wasn’t allowing the connection without the neighbor address matching the socket source address being used by MetalLB. At that point, the session was established with no warnings or errors, but the behavior I described previously was the result. Relevant trace from that previous configuration:
    UP.STREAM.143.125.bgp > UP.STREAM.143.113.40871: Flags [P.], cksum 0x5bf5 (correct), seq 87:150, ack 71, win 16384, options [nop,nop,TS val 1618696452 ecr 1215190272], length 63: BGP
        Keepalive Message (4), length: 19
        Update Message (2), length: 44
          Origin (1), length: 1, Flags [T]: IGP
            0x0000:  00
          AS Path (2), length: 6, Flags [T]: 30475
            0x0000:  0201 0000 770b
          Next Hop (3), length: 4, Flags [T]: UP.STREAM.143.125
            0x0000:  adf8 8f7d
          Updated routes:
            0.0.0.0/0
00:02:53.744295 IP (tos 0xc0, ttl 1, id 38102, offset 0, flags [DF], proto TCP (6), length 210)
    UP.STREAM.143.113.40871 > UP.STREAM.143.125.bgp: Flags [P.], cksum 0x7ba4 (incorrect -> 0x443f), seq 71:229, ack 150, win 502, options [nop,nop,TS val 1215190314 ecr 1618696452], length 158: BGP
        Update Message (2), length: 84
          Origin (1), length: 1, Flags [T]: IGP
            0x0000:  00
          AS Path (2), length: 10, Flags [T]: ASLOCAL ASLOCAL
            0x0000:  0202 0000 2963 0000 2963
          Next Hop (3), length: 4, Flags [T]: UP.STREAM.143.113
            0x0000:  adf8 8f71
          Community (8), length: 4, Flags [OTP]: NO_EXPORT
            0x0000:  ffff ff01
          Updated routes:
            ANN.CIDR.96.10/32
            ANN.CIDR.96.11/32
            ANN.CIDR.96.8/32
            ANN.CIDR.96.9/32
            ANN.CIDR.96.0/32
            ANN.CIDR.97.1/32
        Update Message (2), length: 51
          Origin (1), length: 1, Flags [T]: IGP
            0x0000:  00
          AS Path (2), length: 6, Flags [T]: ASLOCAL
            0x0000:  0201 0000 2963
          Next Hop (3), length: 4, Flags [T]: UP.STREAM.143.113
            0x0000:  adf8 8f71
          Updated routes:
            ANN.CIDR.96.0/24
            ANN.CIDR.97.0/24
        Update Message (2), length: 23
          End-of-Rib Marker (empty NLRI)
With the patch, I use the configuration as shown and it peers as before, but the RIB is properly formed:
[root@gw01 ~]# birdc show route
BIRD 2.0.2 ready.
Table master4:
0.0.0.0/0            unicast [bgp_handy_125 21:22:05.177] * (100) [ASUPSTREAMi]
        via UP.STREAM.143.125 on eno1
                     unicast [bgp_handy_126 21:22:04.771] (100) [ASUPSTREAMi]
        via UP.STREAM.143.126 on eno1
ANN.CIDR.96.10/32    blackhole [bgp_metal_gw01 16:01:32.784 from 10.10.0.41] * (100) [i]
10.9.255.0/24        unicast [backbone 21:22:00.909] * I (150/10) [UP.STREAM.143.113]
        dev vti19
ANN.CIDR.96.11/32    blackhole [bgp_metal_gw01 16:01:32.784 from 10.10.0.41] * (100) [i]
ANN.CIDR.96.8/32     blackhole [bgp_metal_gw01 16:01:32.784 from 10.10.0.41] * (100) [i]
ANN.CIDR.96.9/32     blackhole [bgp_metal_gw01 16:01:32.784 from 10.10.0.41] * (100) [i]
ANN.CIDR.96.0/24     blackhole [public_nets_proto 21:22:00.809] * (500)
ANN.CIDR.97.0/24     blackhole [public_nets_proto 21:22:00.809] * (500)
ANN.CIDR.96.0/32     blackhole [bgp_metal_gw01 16:01:32.784 from 10.10.0.41] * (100) [i]
ANN.CIDR.97.1/32     blackhole [bgp_metal_gw01 16:01:32.784 from 10.10.0.41] * (100) [i]
10.10.0.0/22         unicast [backbone 21:22:00.909] * I (150/10) [UP.STREAM.143.113]
        dev eno2
Does that help?
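
The neighbor-address check described in the message above, modeled on loopback as an added example (not code from BIRD, MetalLB, or the patch under discussion). It assumes a Linux host where 127.0.0.2 is a usable local address; 127.0.0.2 is a constructed stand-in for 10.10.0.41, and acceptFrom and tryPeering are hypothetical names.

```go
package main

import (
	"fmt"
	"net"
	"time"
)

// acceptFrom models a passive BGP speaker: it reports whether the TCP source
// address of the incoming session equals the configured neighbor address.
func acceptFrom(ln net.Listener, neighbor net.IP, result chan<- bool) {
	conn, err := ln.Accept()
	if err != nil {
		result <- false
		return
	}
	defer conn.Close()
	result <- conn.RemoteAddr().(*net.TCPAddr).IP.Equal(neighbor)
}

// tryPeering dials the listener. With source == nil the kernel picks the
// source address; otherwise the socket is bound to source before connecting.
func tryPeering(neighbor, source net.IP) (bool, error) {
	ln, err := net.Listen("tcp4", "127.0.0.1:0")
	if err != nil {
		return false, err
	}
	defer ln.Close()
	result := make(chan bool, 1)
	go acceptFrom(ln, neighbor, result)
	d := net.Dialer{Timeout: 2 * time.Second}
	if source != nil {
		d.LocalAddr = &net.TCPAddr{IP: source} // pin the source address
	}
	conn, err := d.Dial("tcp4", ln.Addr().String())
	if err != nil {
		return false, err
	}
	defer conn.Close()
	return <-result, nil
}

func main() {
	neighbor := net.ParseIP("127.0.0.2") // constructed stand-in for 10.10.0.41
	for _, src := range []net.IP{nil, neighbor} {
		ok, err := tryPeering(neighbor, src)
		fmt.Printf("source=%v neighbor-match=%v err=%v\n", src, ok, err)
	}
}
```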