Limit OSPF interface pattern matching to VRFs
Hello list, Is there a way to instruct BIRD to only match OSPF interfaces that are enslaved to a certain VRF (or only the main VRF / not enslaved to any VRF)? Trying to set 'vrf default;' or 'vrf "vrf-as207781";' in an OSPF protocol block does not generate any error message at all, but seems to be ignored completely. Looking at "show ospf int" show BIRD picking up all interfaces (in my case xfrm and veth interfaces, because I match for "xfrm*" and "veth*") not belonging to the VRF specified. The config block for running OSPF in the main VRF looks like this: protocol ospf v3 o_home_ipv6 { vrf default; ipv6 { import all; export where source ~ [ RTS_DEVICE, RTS_STATIC ]; }; area 0 { interface "xfrm0", "xfrm2" { #interface "xfrm*" { hello 1; type pointopoint; }; interface "br0" { #interface "br*" { stub; }; }; } The config block for running OSPF in one VRF looks like this: protocol ospf v3 o_as207781_ipv6 { vrf "vrf-as207781"; ipv6 { table t_as207781_ipv6; import all; export where source ~ [ RTS_DEVICE ]; }; area 0 { #interface "xfrm1", "xfrm3" { interface "xfrm*" { hello 1; type pointopoint; }; #interface "veth0", "veth2", "dummy0" { interface "veth*", "dummy*" { stub; }; }; } Yet BIRD picks up all interfaces in all VRFs, although xfrm0 & xfrm2 are not enslaved, and xfrm1 & xfrm3 are VRF enslaved: root@r1-fra ~ # birdc sh ospf int o_home_ipv6 | grep xfrm Interface xfrm0 (IID 0) Interface xfrm2 (IID 0) Interface xfrm1 (IID 0) Interface xfrm3 (IID 0) root@r1-fra ~ # birdc sh ospf int o_as207781_ipv6 | grep xfrm Interface xfrm1 (IID 0) Interface xfrm3 (IID 0) Interface xfrm0 (IID 0) Interface xfrm2 (IID 0) I am running BIRD 2.0.11 on Kernel 6.1.7. My current workaround is to specify each interface directly in the OSPF blocks without using any globbing/patterns at all, but this is getting uncomfortable for an increasing amount of interfaces (as I am planning to move to LXD routed mode and match it's veth interfaces automatically). Thanks & kind regards, Marcel Menzel
On Sun, Jan 22, 2023 at 03:32:52PM +0100, Marcel Menzel via Bird-users wrote:
Hello list,
Is there a way to instruct BIRD to only match OSPF interfaces that are enslaved to a certain VRF (or only the main VRF / not enslaved to any VRF)?
Hello It should work by default, seems that there is a bug. In fact, it works when BIRD is started or when new interface appears, but is broken during reconfiguration (where all interfaces are added regardless of VRF). Will fix that. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Sun, Jan 22, 2023 at 04:37:08PM +0100, Ondrej Zajicek wrote:
On Sun, Jan 22, 2023 at 03:32:52PM +0100, Marcel Menzel via Bird-users wrote:
Hello list,
Is there a way to instruct BIRD to only match OSPF interfaces that are enslaved to a certain VRF (or only the main VRF / not enslaved to any VRF)?
Hello
It should work by default, seems that there is a bug. In fact, it works when BIRD is started or when new interface appears, but is broken during reconfiguration (where all interfaces are added regardless of VRF). Will fix that.
Here is a fix: https://gitlab.nic.cz/labs/bird/-/commit/a82683694da23799f247b3392a00efdd342... -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hello Ondrej,
Here is a fix:
https://gitlab.nic.cz/labs/bird/-/commit/a82683694da23799f247b3392a00efdd342...
Can confirm, that fix seems to work. Thaks for the quick response & fix on a sunday! - Marcel
participants (2)
-
Marcel Menzel -
Ondrej Zajicek