LDP fail after clearing the PF rule

Dmitry Vovkula Fri, 22 Nov 2019 01:27:28 -0800

Hello!

We found the following problem: after clearing the PF rules, the LDPD daemon 
crashes.We use routers on which OpenBSD 6.6 is installed.
We run next commands:


pfctl -Fr
pfctl -Fa
pfctl -f /etc/pf.conf

And then check LDP neighbors and receive:
#ldpctl s n
ldpctl: connect: /var/run/ldpd.sock: Connection refused

After I start the ldpd daemon the neighborhood rises: rcctl start ldpd.

In the logs, we observe the following messages:


Nov 21 03:17:43 router10 ldpd[63978]: label decision engine exiting
Nov 21 03:17:43 router10 ldpd[75262]: route 192.168.1.6/32 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 192.168.1.10/32 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 192.168.1.16/30 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 192.168.1.24/30 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 192.168.1.28/30 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 2002::/24 vanished before delete
Nov 21 03:17:43 router10 ldpd[75262]: route 2002:7f00::/24 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 2002:e000::/20 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: route 2002:ff00::/24 vanished before 
delete
Nov 21 03:17:43 router10 ldpd[75262]: kernel routing table decoupled
Nov 21 03:17:43 router10 ldpd[75262]: ldp engine terminated; signal 10
Nov 21 03:17:43 router10 ldpd[75262]: terminating


PF rules for LDP /etc/pf.conf:

# interfaces
gre_if="{gre1 gre2}"
p2p_if="{192.168.0.0/23}"
mpls_if = "{gre1 gre2 lo1 vlan192}"

# QoS
queue root-q on $gre_if bandwidth 107M
queue nc-q parent root-q bandwidth 1024K min 512K
queue be-q parent root-q bandwidth 106M qlimit 1024 default

# ldp
pass in quick on $mpls_if inet proto tcp from $p2p_if to $p2p_if port ldp
pass in quick on $mpls_if inet proto tcp from $p2p_if port ldp to $p2p_if
pass in quick on $mpls_if inet proto udp from $p2p_if port ldp to any port ldp
pass out quick on $mpls_if inet proto udp from $p2p_if port ldp to any port ldp 
set queue nc-q set prio 7
pass out quick on $mpls_if inet proto tcp from $p2p_if to $p2p_if port ldp set 
queue nc-q set prio 7
pass out quick on $mpls_if inet proto tcp from $p2p_if port ldp to $p2p_if set 
queue nc-q set prio 7


LDP config /etc/ldpd.conf :

router-id 192.168.0.1
fib-update yes
transport-preference ipv4

address-family ipv4 {
        explicit-null no
        keepalive 60

        interface vlan192 {
                link-hello-holdtime 15
                link-hello-interval 5
        }
        interface gre1 {
                link-hello-holdtime 15
                link-hello-interval 5
        }
        interface gre2 {
                link-hello-holdtime 15
                link-hello-interval 5
        }
}


On the previous version of OpenBSD 6.5, there was no such problem.
Can you tell me how to fix the problem?

Email me if you need more information.

LDP fail after clearing the PF rule

Reply via email to