Re: BGP vpnv4 prefixes in RIB, not in FIB

brad hendrickse Tue, 11 Jul 2017 07:07:10 -0700

Hi misc@,

If there's any more information I could provide that would help, pleaselet me know. I'm a little out of my depth with the vpnv4 stuff, so anypointers as to where I should be looking would be very much appreciated.


Thank you


On Thu, 29 Jun 2017, brad hendrickse wrote:

Hi folks,
I have a problem with routes learnt from BGP vpnv4 not being inserted intothe FIB I'd expect. A tcpdump on the OpenBSD box shows we are receiving theprefixes (from a Cisco) with the labels intact. The MPE interface isconfigured in rdomain 1 with MPLS label 200. The loopback interface lo1 wasautomatically created as mentioned in the 6.1 changelog.
We have this working on OpenBSD 5.4. My colleagues have seen this samebehaviour since OpenBSD 5.9 explaining why we're still using 5.4. All configsand output below is from OpenBSD 6.1.
Any help with this would be much appreciated.

Thank you


/etc/bgpd.conf:
----/----
# global configuration
AS 65002
router-id 192.168.1.2
holdtime 180
listen on 192.168.1.2
log updates

group "peering AS65520" {
       remote-as 65520
       neighbor 192.168.1.1 {
               descr   "AS 65520"
               announce capabilities yes
               announce self
               announce IPv4 vpn
               announce refresh yes
               announce restart yes
       }
}

rdomain 1 {
       descr "200:1"
       rd 200:1
       import-target rt 200:1
       export-target rt 200:1
       depend on mpe1
       network 10.10.10.2/32
}


----/----
bash-4.4# bgpctl show summary
Neighbor AS MsgRcvd MsgSent OutQ Up/DownState/PrfRcvd
AS 65520                65520         30         27     0 00:23:23      4


----/----
bash-4.4# bgpctl show rib
flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale
origin: i = IGP, e = EGP, ? = Incomplete

flags destination          gateway          lpref   med aspath origin
AI*>  rd 200:1 10.10.10.2/32 rd 0:0 0.0.0.0     100     0 i
*>    rd 200:1 100.10.0.0/24 192.168.1.1        100     0 65520 ?
*>    rd 200:1 155.10.0.0/24 192.168.1.1        100     0 65520 ?
*>    rd 200:1 200.10.0.0/24 192.168.1.1        100     0 65520 ?
*>    rd 200:1 210.10.0.0/24 192.168.1.1        100     0 65520 ?


The next-hop for 155.10.0.0/24 is pingable
----/----
bash-4.4# ping -c 3 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=0.536 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=0.604 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=255 time=0.587 ms

--- 192.168.1.1 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.536/0.576/0.604/0.029 ms


----/----
bash-4.4# bgpctl show fib
flags: * = valid, B = BGP, C = Connected, S = Static, D = Dynamic
      N = BGP Nexthop reachable via this route R = redistributed
      r = reject route, b = blackhole route

flags prio destination          gateway
*S       8 0.0.0.0/0            10.0.2.1
*C       4 10.0.2.0/24          link#1
*C       0 127.0.0.0/8          link#0
*CN      4 192.168.1.0/30       link#2
*S       8 192.168.2.1/32       192.168.1.1
*        1 192.168.2.2/32       192.168.2.2
*S  r    8 224.0.0.0/4          127.0.0.1
*S  r    8 ::/96                ::1
*S  r    8 ::/104               ::1
*C       0 ::1/128              link#0
*        1 ::1/128              ::1
*S  r    8 ::127.0.0.0/104      ::1
*S  r    8 ::224.0.0.0/100      ::1
*S  r    8 ::255.0.0.0/104      ::1
*S  r    8 ::ffff:0.0.0.0/96    ::1
*S  r    8 2002::/24            ::1
*S  r    8 2002:7f00::/24       ::1
*S  r    8 2002:e000::/20       ::1
*S  r    8 2002:ff00::/24       ::1
*S  r    8 fe80::/10            ::1
*        1 fe80:4::1/128        fe80:4::1
*S  r    8 fec0::/10            ::1
*S  r    8 ff01::/16            ::1
*        4 ff01:4::/32          ::1
*S  r    8 ff02::/16            ::1
*        4 ff02:4::/32          ::1


The tables are coupled
----/----
bash-4.4# bgpctl show table
Table Description          State
   0 Loc-RIB              coupled
   1 200:1                coupled
I don't expect to be able to ping the destination, but not expecting "Noroute to host"
----/----
bash-4.4# ping -V 1 155.10.0.1
PING 155.10.0.1 (155.10.0.1): 56 data bytes
ping: sendmsg: No route to host
ping: wrote 155.10.0.1 64 chars, ret=-1
ping: sendmsg: No route to host
ping: wrote 155.10.0.1 64 chars, ret=-1
ping: sendmsg: No route to host


----/----
bash-4.4# ifconfig -a
lo0: flags=88049<UP,LOOPBACK,RUNNING,MULTICAST,MPLS> mtu 32768
       index 4 priority 0 llprio 3
       groups: lo
       inet6 ::1 prefixlen 128
       inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
       inet 192.168.2.2 netmask 0xffffffff
xnf0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
       lladdr 4a:2f:aa:55:45:89
       index 1 priority 0 llprio 3
       groups: egress
       media: Ethernet manual
       status: active
       inet 10.0.2.38 netmask 0xffffff00 broadcast 10.0.2.255
xnf1: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MPLS> mtu 1500
       lladdr 3a:fe:55:6f:ed:10
       index 2 priority 0 llprio 3
       media: Ethernet manual
       status: active
       inet 192.168.1.2 netmask 0xfffffffc broadcast 192.168.1.3
enc0: flags=0<>
       index 3 priority 0 llprio 3
       groups: enc
       status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33144
       index 5 priority 0 llprio 3
       groups: pflog
mpe1: flags=11<UP,POINTOPOINT> rdomain 1 mtu 1500
       index 6 priority 0 llprio 3
       mpls label: 200
       groups: mpe
       inet 10.10.10.2 --> 255.255.255.255 netmask 0xffffffff
lo1: flags=88008<LOOPBACK,MULTICAST,MPLS> rdomain 1 mtu 32768
       index 7 priority 0 llprio 3
       groups: lo


----/----
bash-4.4# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            10.0.2.1           UGS        4    14416     -     8 xnf0
224/4              127.0.0.1          URS        0     2987     -     8 xnf0
10.0.2/24          10.0.2.38          UCn        1    19216     -     4 xnf0
10.0.2.1           00:09:0f:b5:58:8f  UHLch      1      275     -     3 xnf0
10.0.2.38          4a:2f:aa:55:45:89  UHLl       0     2843     -     1 xnf0
10.0.2.255         10.0.2.38          UHb        0     3424     -     1 xnf0
192.168.1.0/30     192.168.1.2        UCn        1        0     -     4 xnf1
192.168.1.1        e8:ed:f3:79:7a:d8  UHLch      3      137     -     3 xnf1
192.168.1.2        3a:fe:55:6f:ed:10  UHLl       0      206     -     1 xnf1
192.168.1.3        192.168.1.2        UHb        0        0     -     1 xnf1
192.168.2.1        192.168.1.1        UGHS       0        0     -     8 xnf1
192.168.2.2        192.168.2.2        UHl        0        0 32768     1 lo0

Internet6:
Destination Gateway Flags RefsUse Mtu Prio Iface::/96 ::1 UGRS 00 32768 8 lo0::/104 ::1 UGRS 00 32768 8 lo0::1 ::1 UHhl 1428 32768 1 lo0::127.0.0.0/104 ::1 UGRS 00 32768 8 lo0::224.0.0.0/100 ::1 UGRS 00 32768 8 lo0::255.0.0.0/104 ::1 UGRS 00 32768 8 lo0::ffff:0.0.0.0/96 ::1 UGRS 00 32768 8 lo02002::/24 ::1 UGRS 00 32768 8 lo02002:7f00::/24 ::1 UGRS 00 32768 8 lo02002:e000::/20 ::1 UGRS 00 32768 8 lo02002:ff00::/24 ::1 UGRS 00 32768 8 lo0fe80::/10 ::1 UGRS 00 32768 8 lo0fec0::/10 ::1 UGRS 00 32768 8 lo0fe80::1%lo0 fe80::1%lo0 UHl 00 32768 1 lo0ff01::/16 ::1 UGRS 11 32768 8 lo0ff01::%lo0/32 ::1 Um 01 32768 4 lo0ff02::/16 ::1 UGRS 11 32768 8 lo0ff02::%lo0/32 ::1 Um 01 32768 4 lo0
MPLS:
In label Out label Op Gateway Flags Refs Use MtuPrio Interface20 - LOCAL 192.168.1.1 UGT 0 0 - 8xnf1
----/----
bash-4.4# netstat -rn -T1
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
10.10.10.2         10.10.10.2         UHl        0       28     -     1 mpe1
255.255.255.255    10.10.10.2         UH         0        0     -     8 mpe1

MPLS:
In label Out label Op Gateway Flags Refs Use MtuPrio Interface200 - POP mpe1 UT 0 0 - 8mpe1

Re: BGP vpnv4 prefixes in RIB, not in FIB

Reply via email to