change routing while exporting to kernel
hi, I want to export a route learned from BGP to the kernel. but I want to modify the route while exporting because I want to use a VTI instead of the next hop route. So instead of 192.168.0.0/24 via 10.0.0.1 I want to export 192.168.0.0/24 dev vti0 to the kernel. Is this possible with bird? If yes, how can I acchieve this? Mit freundlichen Grüßen, -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
Hi, As far as I know, it is not possible to transform BGP routes (with gateway) into device routes in the bird itself. But may be somebody else knows the trick. >From my point of view you can consider such options: - patch bird with custom protocol, which will do the thing - add some fictional remote address to the device and use it as a gateway, for L3 device arp should not be used, so it should not be actually configured on the remote side - export routes to some other kernel table and run some software that monitors this table (through netlink for example) and clones that routes to the dev-routes you need On Sat, Nov 3, 2018 at 9:51 PM, Michael Schwartzkopff <ms@sys4.de> wrote: > hi, > > > I want to export a route learned from BGP to the kernel. but I want to > modify the route while exporting because I want to use a VTI instead of > the next hop route. > > > So instead of 192.168.0.0/24 via 10.0.0.1 I want to export > > 192.168.0.0/24 dev vti0 to the kernel. > > > Is this possible with bird? If yes, how can I acchieve this? > > > Mit freundlichen Grüßen, > > -- > > [*] sys4 AG > > https://sys4.de, +49 (89) 30 90 46 64 > Schleißheimer Straße 26/MG,80333 München > > Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief > Aufsichtsratsvorsitzender: Florian Kirstein > > >
On Sun, Nov 04, 2018 at 07:16:55PM +0100, Alexander Zubkov wrote:
Hi,
As far as I know, it is not possible to transform BGP routes (with gateway) into device routes in the bird itself. But may be somebody else knows the trick.
Hi Yes, BIRD filters allow to set IP address of nexthop, or allow to set unreachable/blackhole/prohibit, but not just interface, that is an ommision we should fix. If you add an address range to VTI, then you can modify the nexthop to direct into VTI, but still there will be the nexthop. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Sat, Nov 03, 2018 at 09:51:33PM +0100, Michael Schwartzkopff wrote:
hi,
I want to export a route learned from BGP to the kernel. but I want to modify the route while exporting because I want to use a VTI instead of the next hop route.
So instead of 192.168.0.0/24 via 10.0.0.1 I want to export
192.168.0.0/24 dev vti0 to the kernel.
Is this possible with bird? If yes, how can I acchieve this?
Hi Attached patch (one for BIRD 1.6, one for BIRD 2.0) will allow that by making route attribute ifname read/write. So it could be done by ifname = "vti0"; in filters. Compared to setting gateway it may be slower if there are plenty of interfaces as the lookup is not cached. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Am 05.11.18 um 16:24 schrieb Ondrej Zajicek:
On Sat, Nov 03, 2018 at 09:51:33PM +0100, Michael Schwartzkopff wrote:
hi,
I want to export a route learned from BGP to the kernel. but I want to modify the route while exporting because I want to use a VTI instead of the next hop route.
So instead of 192.168.0.0/24 via 10.0.0.1 I want to export
192.168.0.0/24 dev vti0 to the kernel.
Is this possible with bird? If yes, how can I acchieve this?
Hi
Attached patch (one for BIRD 1.6, one for BIRD 2.0) will allow that by making route attribute ifname read/write. So it could be done by
ifname = "vti0";
in filters.
Compared to setting gateway it may be slower if there are plenty of interfaces as the lookup is not cached.
Cool! thanks. I will try to patch and to test. Mit freundlichen Grüßen, -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
Wow. This settings makes route via interface only? I.e. also undefines gateway? On Mon, Nov 5, 2018 at 4:25 PM, Michael Schwartzkopff <ms@sys4.de> wrote:
Am 05.11.18 um 16:24 schrieb Ondrej Zajicek:
On Sat, Nov 03, 2018 at 09:51:33PM +0100, Michael Schwartzkopff wrote:
hi,
I want to export a route learned from BGP to the kernel. but I want to modify the route while exporting because I want to use a VTI instead of the next hop route.
So instead of 192.168.0.0/24 via 10.0.0.1 I want to export
192.168.0.0/24 dev vti0 to the kernel.
Is this possible with bird? If yes, how can I acchieve this?
Hi
Attached patch (one for BIRD 1.6, one for BIRD 2.0) will allow that by making route attribute ifname read/write. So it could be done by
ifname = "vti0";
in filters.
Compared to setting gateway it may be slower if there are plenty of interfaces as the lookup is not cached.
Cool! thanks.
I will try to patch and to test.
Mit freundlichen Grüßen,
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
On Mon, Nov 05, 2018 at 04:48:10PM +0100, Alexander Zubkov wrote:
Wow. This settings makes route via interface only? I.e. also undefines gateway?
Yes. Gateway and iface are interconnected, which has some minor weird effects in filter language, like setting gw resets iface (to one associated with that IP) and conversely setting ifname unsets gateway. Even if one sets the property to the value it already had before ;-). Not sure if that is best behavior, but the alternative (having them independent) would probably be more unexpected. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Just a side note, it would be better to consider next hop as an object which would be always set as a whole. It would also allow to change ecmp route gws. Anyway, it is still in plan with no concrete date when we will implement it. Maria On November 5, 2018 5:05:28 PM GMT+01:00, Ondrej Zajicek <santiago@crfreenet.org> wrote:
On Mon, Nov 05, 2018 at 04:48:10PM +0100, Alexander Zubkov wrote:
Wow. This settings makes route via interface only? I.e. also undefines gateway?
Yes. Gateway and iface are interconnected, which has some minor weird effects in filter language, like setting gw resets iface (to one associated with that IP) and conversely setting ifname unsets gateway. Even if one sets the property to the value it already had before ;-).
Not sure if that is best behavior, but the alternative (having them independent) would probably be more unexpected.
-- Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Maria Jan Matějka <jan.matejka@nic.cz> writes:
Just a side note, it would be better to consider next hop as an object which would be always set as a whole. It would also allow to change ecmp route gws. Anyway, it is still in plan with no concrete date when we will implement it.
There is also work underway to make nexthop a separate abstraction in the Linux kernel, so doing the same in Bird would be a natural way to support that... :) See https://marc.info/?l=linux-netdev&m=153576423232067&w=2 for details -Toke
Hey, thank you a lot for pointing this out. This is really something I would like to see and maybe also comment on before it gets to kernel. Maria On November 5, 2018 5:41:16 PM GMT+01:00, "Toke Høiland-Jørgensen" <toke@toke.dk> wrote:
Maria Jan Matějka <jan.matejka@nic.cz> writes:
Just a side note, it would be better to consider next hop as an object which would be always set as a whole. It would also allow to change ecmp route gws. Anyway, it is still in plan with no concrete date when we will implement it.
There is also work underway to make nexthop a separate abstraction in the Linux kernel, so doing the same in Bird would be a natural way to support that... :)
See https://marc.info/?l=linux-netdev&m=153576423232067&w=2 for details
-Toke
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On 5 November 2018 18:23:01 CET, "Maria Jan Matějka" <jan.matejka@nic.cz> wrote:
Hey, thank you a lot for pointing this out. This is really something I would like to see and maybe also comment on before it gets to kernel.
You're welcome! And please to weigh in on netdev. Don't think the patches have been merged yet, but there may be a newer version than the one I linked... :) -Toke
Am 05.11.18 um 16:24 schrieb Ondrej Zajicek:
On Sat, Nov 03, 2018 at 09:51:33PM +0100, Michael Schwartzkopff wrote:
hi,
I want to export a route learned from BGP to the kernel. but I want to modify the route while exporting because I want to use a VTI instead of the next hop route.
So instead of 192.168.0.0/24 via 10.0.0.1 I want to export
192.168.0.0/24 dev vti0 to the kernel.
Is this possible with bird? If yes, how can I acchieve this? Hi
Attached patch (one for BIRD 1.6, one for BIRD 2.0) will allow that by making route attribute ifname read/write. So it could be done by
ifname = "vti0";
in filters.
Compared to setting gateway it may be slower if there are plenty of interfaces as the lookup is not cached.
hi, my config: filter export2kernel { if net ~ 192.168.12.0/24 then { ifname = "vti0"; accept; } } should bird recoqnize if the link goes down and comes up again? At least in my setup the down detection works: ip l s down vti0 results that the route disappears from the kernel routing table. But a ip l s up vti0 does not inject the route into the kernel table again. Ideas? Mit freundlichen Grüßen, -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
On Tue, Nov 06, 2018 at 12:57:04PM +0100, Michael Schwartzkopff wrote:
hi,
my config:
filter export2kernel {
if net ~ 192.168.12.0/24 then { ifname = "vti0"; accept; }
}
should bird recoqnize if the link goes down and comes up again?
In this case BIRD does not take into account that.
At least in my setup the down detection works:
ip l s down vti0
results that the route disappears from the kernel routing table.
That was done by Linux kernel itself.
But a ip l s up vti0 does not inject the route into the kernel table again.
Ideas?
Well, they will be inserted again during periodic routing table scan (see 'scan time' kernel protocol option). -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (5)
-
Alexander Zubkov -
Maria Jan Matějka -
Michael Schwartzkopff -
Ondrej Zajicek -
Toke Høiland-Jørgensen