Hello,

I am seeing strange behaviour of bgpd in 6.5.

Not sure what causes the networks in bgpd to disappear but they do
disappear and performing a netstart pick the network back up again in
bgpd. I cannot see this in either 6.4 or 6.3. One triggering factor
seems to be restarting the bgpd process.

Excerpt form the daemon logs (bgpd restart or reload):
May  3 07:44:25 host bgpd[94972]: Rib Loc-RIB: neighbor 172.30.198.4
(LOCAL) AS64712: announce 10.1.150.0/24
May  3 07:44:25 host bgpd[94972]: Rib Loc-RIB: neighbor 172.30.198.4
(LOCAL) AS64712: withdraw announce 10.1.150.0/24

If one performs a netstart, of relevant vlan interfaces, the
announcements seem to survive a bgpd reload. Static routes never
survive a restart or reload.

Some additional commands to show behaviour:
# uname -a
OpenBSD host 6.5 GENERIC.MP#3 amd64
# ifconfig vlan190
vlan190: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    lladdr <redacted>
    index 33 priority 0 llprio 3
    encap: vnetid 190 parent em0 txprio packet
    groups: vlan
    media: Ethernet autoselect (1000baseT full-duplex,master)
    status: active
    inet 10.1.150.2 netmask 0xffffff00 broadcast 10.1.150.255
# grep connected /etc/bgpd.conf
network inet connected set community 65000:64712
# bgpctl sh ip bgp 10.1.150.0/24
flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
       S = Stale, E = Error
origin validation state: N = not-found, V = valid, ! = invalid
origin: i = IGP, e = EGP, ? = Incomplete

flags ovs destination          gateway          lpref   med aspath origin
# sh /etc/netstart vlan150
# bgpctl sh ip bgp 10.1.150.0/24
flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
       S = Stale, E = Error
origin validation state: N = not-found, V = valid, ! = invalid
origin: i = IGP, e = EGP, ? = Incomplete

flags ovs destination          gateway          lpref   med aspath origin
AI*>    N 10.1.150.0/24        0.0.0.0            100     0 i


My bgpd.conf:
# GLOBALS
AS 64712
router-id 172.30.198.4
holdtime 9
log updates

prefix-set internal { 10.0.0.0/8 prefixlen >= 16, 10.60.0.0/15,
172.20.0.0/16 prefixlen <= 32, 172.29.0.0/16 prefixlen >= 24,
172.29.248.10/31 prefixlen = 32, 172.30.0.0/16 prefixlen >= 24 }

# DEFAULT FILTERING
deny from any
deny to any

# NETWORK STATEMENTS
network 172.30.198.4/32 set community 65000:64712
network inet connected set community 65000:64712
network inet static set community 65000:64712

# NEIGHBORS
group "vpn" {
    announce IPv6 none
    route-reflector
    remote-as 64712

    neighbor 10.1.230.9 {
        descr "vpn1"
    }
    neighbor 10.1.230.10 {
        descr "vpn2"
    }
}

# SOURCE FILTERING
allow to group "vpn" prefix-set internal community 65000:64712
# DEST FILTERING
allow from group "vpn" prefix-set internal
# TRAFFIC ENGINEERING
match to group "vpn" set nexthop 10.1.230.12
match to any prefix 172.30.198.4/32 set nexthop self

Reply via email to