Hi Robert,
On 15/11/2023 22:58, Robert Finze wrote:
The Bird config on both systems is nearly identical (only IPs differ)
and also the systems are setup in a similar manner.
It would be good to have a dump of the configuration of the non-working
system (redact sensitive information such as passwords etc, but leave
other information intact).
The routes are correctly learned from upstream and exported to the
kernel, but the kernel is not "learning" them.
Interesting. The following dumps you sent might further help debugging
the problem.
Netlink route
0000 00 04 03 38 00 00 00 00 00 00 00 00 00 00 00 00 ...8............
0010 68 00 00 00 18 00 05 05 13 0d 66 02 00 00 00 00 h.........f.....
0020 0a 28 00 00 fe 0c 00 01 00 00 00 00 14 00 01 00 .(..............
0030 26 07 ff 00 0b 00 00 00 00 00 00 00 00 00 00 00 &...............
0040 08 00 06 00 20 00 00 00 14 00 07 00 2a 0e 39 40 .... .......*.9@
0050 10 00 00 00 00 00 00 00 00 00 00 02 08 00 04 00 ................
0060 02 00 00 00 14 00 05 00 2a 0e 39 40 de ad 00 00 ........*.9@....
0070 00 00 00 00 00 00 00 01 ........
This decodes to (Wireshark supports "Import from hexdump", as I found out):
Linux rtnetlink (route netlink) protocol
Netlink message header (type: Add network route)
Length: 104
Message type: Add network route (24)
Flags: 0x0505
Flags: 0x0505
Sequence: 40242451
Port ID: 0
Address family: AF_INET6 (10)
Length of destination: 40
Length of source: 0
TOS filter: 0x00
Routing table ID: 254
Routing protocol: BIRD (0x0c)
Route origin: global route (0x00)
Route type: Gateway or direct route (0x01)
Route flags: 0x00000000
Attribute: Route destination address
Len: 20
Type: 0x0001, Route destination address (1)
Data: 2607ff000b0000000000000000000000
Attribute: RTA_PRIORITY
Len: 8
Type: 0x0006, RTA_PRIORITY (6)
Data: 20000000
Attribute: RTA_PREFSRC
Len: 20
Type: 0x0007, RTA_PREFSRC (7)
Data: 2a0e3940100000000000000000000002
Attribute: Output interface index: 2
Len: 8
Type: 0x0004, Output interface index (4)
Output interface index: 2
Attribute: Gateway of the route
Len: 20
Type: 0x0005, Gateway of the route (5)
Data: 2a0e3940dead00000000000000000001
0000 00 04 03 38 00 00 00 00 00 00 00 00 00 00 00 00 ...8............
0010 7c 00 00 00 02 00 00 00 13 0d 66 02 7a 31 09 81 |.........f.z1..
0020 ea ff ff ff 68 00 00 00 18 00 05 05 13 0d 66 02 ....h.........f.
0030 00 00 00 00 0a 28 00 00 fe 0c 00 01 00 00 00 00 .....(..........
0040 14 00 01 00 26 07 ff 00 0b 00 00 00 00 00 00 00 ....&...........
0050 00 00 00 00 08 00 06 00 20 00 00 00 14 00 07 00 ........ .......
0060 2a 0e 39 40 10 00 00 00 00 00 00 00 00 00 00 02 *.9@............
0070 08 00 04 00 02 00 00 00 14 00 05 00 2a 0e 39 40 ............*.9@
0080 de ad 00 00 00 00 00 00 00 00 00 01 ............
decodes as:
Netlink message
Netlink message header (type: Error)
Length: 124
Message type: Error (0x0002)
Flags: 0x0000
Sequence: 40242451
Port ID: 2164863354
Error code: Invalid argument (-EINVAL) (-22)
Netlink message header (type: 0x0018)
Length: 104
Message type: Protocol-specific (0x0018)
Flags: 0x0505
Flags: 0x0505
Sequence: 40242451
Port ID: 0
The first message could probably be replicated by running:
ip -6 route add 2607:ff00:b::/40 via 2a0e:3940:dead::1 table 254
protocol bird scope global src 2a0e:3940:1000::2 dev 2
- where dev 2 indicates the network interface with index 2, this is
probably ens20 in your setup?
- table 254 is most likely the main table (see /etc/iproute2/rt_tables)
I'm unsure how to decode RTA_PRIORITY correctly here. Regardless, you
could run this command on the non-working host. Perhaps `ip route` can
tell you a bit more information. In a slightly modified case (I've
replaced the `via ...` with a known gateway), I get: "Error: Invalid
source address." (with: iproute2-6.5.0)
My current hunch is that `src 2a0e:3940:1000::2` is not a valid address
on your system. A closer read on your earlier comment:
The Bird config on both systems is nearly identical (only IPs differ)
suggests to look in this direction.
Best regards,
Gerdriaan Mulder
