[bird-ospf] LSA forward-address is incorrect
Hello. I have a small network with several bird routers as bgp and ospf routers. EBGP-session has been established between one of our bgp-routers and customer router with multihop feature through OSPF-domain and iBGP-domain. Then bgp-router advertises the customer announce to other bgp-router, that also works as OSPF ASBR (ospf-domain on the one side and ibgp-domain on the other side). On this ASBR-router I see the valid next-hop value (customer router IP-address in OSPF-domain) in the corresponded routes of customer. This routes are installed to OSPF-domain, but in the outgoing LSA-updates I see only 0.0.0.0 forward-address values instead the customer router IP-address (I have checked it with wireshark). Brief flowchart: (CUSTOMER-ROUTER)--(PE)--<ospf-domain>--(ASBR)--<ibgp-domain>--(BGP-ROUTER) \ / \-------------------EBGP session---------------------/ Some info from ASBR:
From bird command line.
bird> show route all XX.XX.102.0/23 export ospf_tst XX.XX.102.0/23 via YY.YY.0.210 on eth1 [bgp_tst_r1 12:41:09] * (100) [AS____i] Type: BGP unicast univ BGP.origin: IGP BGP.as_path: 48938 BGP.next_hop: ZZ.ZZ.21.94 <-- this address of the customer router in the ospf network (correct) BGP.med: 0 BGP.local_pref: 800 OSPF.metric1: 16777215 OSPF.metric2: 10000 OSPF.tag: 0x00000000 OSPF.router_id: 0.0.0.0 bird> show route all for ZZ.ZZ.21.94 protocol ospf_tst ZZ.ZZ.21.92/30 via WW.WW.6.32 on eth0.4 [ospf_tst 13:47:14] * I (150/16) [WW.WW.6.32] Type: OSPF unicast univ OSPF.metric1: 16 OSPF.metric2: 16777215 OSPF.tag: 0x00000000 OSPF.router_id: WW.WW.6.32 <-- pe-router ------------------------- Dump of LSA-packet: Open Shortest Path First OSPF Header Version: 2 Message Type: LS Update (4) Packet Length: 64 Source OSPF Router: YY.YY.0.10 (YY.YY.0.10) Area ID: 0.0.0.0 (0.0.0.0) (Backbone) Checksum: 0x0000 (None) Auth Type: Cryptographic (2) Auth Crypt Key id: 1 Auth Crypt Data Length: 16 Auth Crypt Sequence Number: 6541704 Auth Crypt Data: 973debe532daa553f846053cd44d481f LS Update Packet Number of LSAs: 1 AS-External-LSA (ASBR) .000 0000 0000 0001 = LS Age (seconds): 1 0... .... .... .... = Do Not Age Flag: 0 Options: 0x02 (E) 0... .... = DN: Not set .0.. .... = O: Not set ..0. .... = DC: Demand Circuits are NOT supported ...0 .... = L: The packet does NOT contain LLS data block .... 0... = NP: NSSA is NOT supported .... .0.. = MC: NOT Multicast Capable .... ..1. = E: External Routing Capability .... ...0 = MT: NO Multi-Topology Routing LS Type: AS-External-LSA (ASBR) (5) Link State ID: XX.XX.102.0 (XX.XX.102.0) Advertising Router: YY.YY.0.10 (YY.YY.0.10) Sequence Number: 0x80000001 Checksum: 0xb1b5 Length: 36 Netmask: 255.255.254.0 (255.255.254.0) External Type: Type 1 (metric is specified in the same units as interface cost) Metric: 20 Forwarding Address: 0.0.0.0 (0.0.0.0) <-- should be ZZ.ZZ.21.94 External Route Tag: 0 --------------------- Currently the workaround are used -static route on the PE, but this way has corresponded issues. With best regards, Anton Danilov littlesmilingcloud@gmail.com
On Wed, Dec 23, 2015 at 03:17:10PM +0300, danilov wrote:
Hello.
I have a small network with several bird routers as bgp and ospf routers.
EBGP-session has been established between one of our bgp-routers and customer router with multihop feature through OSPF-domain and iBGP-domain.
Then bgp-router advertises the customer announce to other bgp-router, that also works as OSPF ASBR (ospf-domain on the one side and ibgp-domain on the other side). On this ASBR-router I see the valid next-hop value (customer router IP-address in OSPF-domain) in the corresponded routes of customer.
This routes are installed to OSPF-domain, but in the outgoing LSA-updates I see only 0.0.0.0 forward-address values instead the customer router IP-address (I have checked it with wireshark).
Brief flowchart:
(CUSTOMER-ROUTER)--(PE)--<ospf-domain>--(ASBR)--<ibgp-domain>--(BGP-ROUTER) \ / \-------------------EBGP session---------------------/
Hi If i undestand it correctly, the route flow is: CUSTOMER-ROUTER -> BGP-ROUTER via EBGP BGP-ROUTER -> ASBR via IBGP ASBR -> PE via OSPP ?
Some info from ASBR:
From bird command line.
bird> show route all XX.XX.102.0/23 export ospf_tst XX.XX.102.0/23 via YY.YY.0.210 on eth1 [bgp_tst_r1 12:41:09] * (100) [AS____i]
bgp_tst_r1 is an IBGP? What is its configuration? How that route looks on BGP-ROUTER? I am not really sure why there is 'via YY.YY.0.210', if it is from IBGP then there should be the next hop from recursive lookup of bgp_next_hop (WW.WW.6.32 from ZZ.ZZ.21.92/30). The current code in BIRD for exporting routes to OSPF will set up the OSPF forwarding address based on gw (YY.YY.0.210), not based on bgp_next_path (ZZ.ZZ.21.94). And only allow immediate next hop addresses (i.e., ones that are directly reachable without intermediate next hops). If your bgp_next_hop is an immediate next hop but for some reason different from 'via' address, you could fix that in OSPF export filters on ASBR by 'gw = bgp_next_hop', but that would not work if bgp_next_hop is not an immediate next hop. Generally, I am not sure if BIRD does the right thing in setting forwarding addressess for OSPF external routes. I cannot find a justification for restriction to immediately-reachable next hops, so perhaps that is an unnecessary restriction in BIRD and ASBR could just put bgp_next_hop here. Question is what is a reasonable default here. One possibility would be to ignore immediate next hops ('via'), have an explicit route attribute settable in export filter (e.g. 'ospf_fwd_addr') and originate external routes with zero forwarding addresses unless explicitly configured in filters. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (2)
-
danilov -
Ondrej Zajicek