Incorrect handling of primary/secondary IP address status.
Hi, Looks like bird (2.0.8 on Linux) incorrectly handles primary/secondary IP address status. For example, this is initial state (output from "show interfaces"): enp6s20 up (index=2 master=switch) MultiAccess Broadcast Multicast AdminUp LinkUp MTU=1500 192.168.111.1/24 (Preferred, scope site) 192.168.111.2/24 (Secondary, scope site) Then I remove 192.168.1.2/24, 192.168.111.2/24 promoted to primary (promote_secondaries is enabled on interface), but bird does not get it: enp6s20 up (index=2 master=switch) MultiAccess Broadcast Multicast AdminUp LinkUp MTU=1500 192.168.111.2/24 (Secondary, scope site) ... while it is actually primary now: 2: enp6s20: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master switch state UP group default qlen 1000 link/ether xx:xx:xx:xx:xx:68 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:xx:30 inet 192.168.111.2/24 scope global enp6s20 valid_lft forever preferred_lft forever From now on, no address within same network will ever get "primary" status until and unless all addresses within this network will be deleted. Looks like it remembers "secondary" status once seen and never updates it. "reload", "configure" and "enable"/"disable" on do not help either. I hit this issue after noticing that OSPF couldn't see neighbors after few changes in IP configuration (as it ignores all secondaries). Best regards, Alexander.
On Fri, Dec 17, 2021 at 05:41:40PM +0100, Alexander wrote:
Hi,
Looks like bird (2.0.8 on Linux) incorrectly handles primary/secondary IP address status.
For example, this is initial state (output from "show interfaces"):
enp6s20 up (index=2 master=switch) MultiAccess Broadcast Multicast AdminUp LinkUp MTU=1500 192.168.111.1/24 (Preferred, scope site) 192.168.111.2/24 (Secondary, scope site)
Then I remove 192.168.1.2/24, 192.168.111.2/24 promoted to primary (promote_secondaries is enabled on interface), but bird does not get it:
enp6s20 up (index=2 master=switch) MultiAccess Broadcast Multicast AdminUp LinkUp MTU=1500 192.168.111.2/24 (Secondary, scope site) ... while it is actually primary now:
2: enp6s20: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master switch state UP group default qlen 1000 link/ether xx:xx:xx:xx:xx:68 brd ff:ff:ff:ff:ff:ff permaddr xx:xx:xx:xx:xx:30 inet 192.168.111.2/24 scope global enp6s20 valid_lft forever preferred_lft forever
Hi That is interesting. If i remember correctly, in the past Linux removed all secondary addresses (ones from the same net) when the primary address was removed (so only addresses from other networks were considered relevant). Note that BIRD only selects 'preferred' address (one IP per iface, BIRD-specific designation), but does not decide whether an address is secondary or primary/regular (that is reported by Linux kernel in notifications). So it is possible that Linux promotes an address to primary, but does not sent a notification about that. Will check that. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On 2021-12-17 18:26, Ondrej Zajicek wrote:
That is interesting. If i remember correctly, in the past Linux removed all secondary addresses (ones from the same net) when the primary address was removed (so only addresses from other networks were considered relevant).
Perhaps it was long before promote_secondary in sysctl was introduced.
So it is possible that Linux promotes an address to primary, but does not sent a notification about that. Will check that.
Unlikely, then bird wouldn't see any addresses at all. This is what happens on empty interface after adding few addresses and then deleting primary: # ip -d mon ad 2: enp6s20 inet 192.168.111.1/24 scope global enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.2/24 scope global secondary enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.3/24 scope global secondary enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.4/24 scope global secondary enp6s20 valid_lft forever preferred_lft forever # Now deleting primary 192.168.111.1/24 Deleted 2: enp6s20 inet 192.168.111.1/24 scope global enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.2/24 scope global enp6s20 valid_lft forever preferred_lft forever As you could see, primary is deleted but now next existing is announced without "secondary" flag - I guess the problem is that flags are not checked on updates thus existing addresses are simply ignored. Perhaps another option would be to allow to use secondary addresses when explicitly requested by "preferred" in device configuration (and this makes sense), though this is more complicated to implement, of course. Best regards, Alexander.
On Fri, Dec 17, 2021 at 06:57:44PM +0100, Alexander wrote:
On 2021-12-17 18:26, Ondrej Zajicek wrote:
That is interesting. If i remember correctly, in the past Linux removed all secondary addresses (ones from the same net) when the primary address was removed (so only addresses from other networks were considered relevant).
Perhaps it was long before promote_secondary in sysctl was introduced.
Thanks, didn't know about that sysctl. It seems disabled by default. When enabled, the issue is here as you described.
So it is possible that Linux promotes an address to primary, but does not sent a notification about that. Will check that.
Unlikely, then bird wouldn't see any addresses at all. This is what happens on empty interface after adding few addresses and then deleting primary:
# ip -d mon ad 2: enp6s20 inet 192.168.111.1/24 scope global enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.2/24 scope global secondary enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.3/24 scope global secondary enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.4/24 scope global secondary enp6s20 valid_lft forever preferred_lft forever
# Now deleting primary 192.168.111.1/24 Deleted 2: enp6s20 inet 192.168.111.1/24 scope global enp6s20 valid_lft forever preferred_lft forever 2: enp6s20 inet 192.168.111.2/24 scope global enp6s20 valid_lft forever preferred_lft forever
As you could see, primary is deleted but now next existing is announced without "secondary" flag - I guess the problem is that flags are not checked on updates thus existing addresses are simply ignored.
You are right, BIRD ignored ip address updates that just changed secondary flags. Attached patch should fix that. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (2)
-
Alexander -
Ondrej Zajicek