Hello. I have a problem with route propagation across different fib
tables which I'm not sure how to solve. It is better described with an
example.
Let's say I have two fib tables, 0 and 1. Table 0 is assigned as VRF
for all interfaces, but in table 1 I have a direct-connected network
for one interface (and my other code could select table 1 as routing
table for received packets based on some other logic):
ipv4-VRF:1, fib_index:4, flow hash:[src ] epoch:0 flags:none locks:[lcp-rt:1, ]
0.0.0.0/0
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:59 buckets:1 uRPF:68 to:[0:0]]
[0] [@15]: ip4-null action:send-unreachable
0.0.0.0/32
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:60 buckets:1 uRPF:81 to:[0:0]]
[0] [@0]: dpo-drop ip4
192.168.50.0/24
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:64 buckets:1 uRPF:87 to:[0:0]]
[0] [@4]: ipv4-glean: [src:0.0.0.0/0] eth2_c5: mtu:1500 next:4
flags:[] ffffffffffff5254008850c50806
192.168.50.2/32
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:66 buckets:1 uRPF:88 to:[0:0]]
[0] [@11]: dpo-receive: 0.0.0.0 on local0
224.0.0.0/4
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:62 buckets:1 uRPF:83 to:[0:0]]
[0] [@0]: dpo-drop ip4
240.0.0.0/4
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:61 buckets:1 uRPF:82 to:[0:0]]
[0] [@0]: dpo-drop ip4
255.255.255.255/32
unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:63 buckets:1 uRPF:85 to:[0:0]]
[0] [@11]: dpo-receive: 0.0.0.0 on local0
If I add a default route via some gateway to that table, an
interesting thing occurs - vpp sends ARP request, gets reply, inserts
e.g. 192.168.50.1/32 arp-ipv4 to table 0, propagates it to table 1
(via attached-export feature), then updates neighbor and eventually
replaces arp-ipv4 entry with ipv4. But attached-export entry in table
1 never gets updated, as it is not a sibling of neighbor adj, so it
remains arp-ipv4 and I can't route towards this host via table 1 (but
can route through this gateway to other networks, as 0.0.0.0/0 entry
in table 1 gets update via fib_walk_sync).
However, if I don't have a route through this gateway and just get ARP
announce, it gets inserted as ipv4 (without arp-ipv4 -> ipv4 update).
Or if the neighbor was already resolved at the moment I've added my
192.168.50.0/24 and default route to table 1.
Removing neighbor via vppctl correctly removes attached-export entry as well.
After digging in the code for a while I'm not sure how this is
supposed to work, it doesn't look like updates are propagated to
attached-exports. The only hacky workaround I could come with is
modifying fib_entry_back_walk_notify to forcefully kick
fib_entry_src_action_cover_change/fib_entry_src_action_installed after
getting adj-update, which recreates attached export and seems fine-ish
otherwise.
Should extra adj fib path entry be added as sibling of neighbor to get
updates? Or neighbor updates should trigger cover update to propagate
to attached exports? I don't know this code too well to reason about
it, any suggestions are appreciated.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#26535): https://lists.fd.io/g/vpp-dev/message/26535
Mute This Topic: https://lists.fd.io/mt/116387408/21656
Group Owner: [email protected]
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/14379924/21656/631435203/xyzzy
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
