Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

My environment is nhrp and bgp. FRONTING cannot update the Linux kernel route() #11975

Open
gh0813 opened this issue Sep 20, 2022 · 2 comments
Open

My environment is nhrp and bgp. FRONTING cannot update the Linux kernel route() #11975

gh0813 opened this issue Sep 20, 2022 · 2 comments
Labels
triage Needs further investigation

Comments

@gh0813
Copy link

gh0813 commented Sep 20, 2022
edited by qlyoung

My environment is nhrp and bgp. FRONTING cannot update the Linux kernel route.
System: ubuntu22.04

frrouting:8.3

System kernel: Linux test 5.4.0-125 generic

Specific configuration of frr:
R1:

root@test:~# cat /etc/frr/frr.conf
frr version 8.3.1
frr defaults traditional
hostname test
log syslog informational
nhrp nflog-group 1
service integrated-vtysh-config
!
ip route 0.0.0.0/0 10.3.3.1
!
interface dm_gre
 ip address 10.0.0.254/32
 ip nhrp network-id 1
 ip nhrp redirect
 ip nhrp registration no-unique
 ip nhrp shortcut
 tunnel source enp0s8
exit
!
interface enp0s8
 ip address 10.3.3.2/24
exit
!
router bgp 65000
 bgp router-id 10.0.0.254
 no bgp ebgp-requires-policy
 neighbor 10.0.0.1 remote-as 65001
 !
 address-family ipv4 unicast
  redistribute nhrp
 exit-address-family
exit
!

R2:

frr version 8.3.1
frr defaults traditional
hostname test
log syslog informational
service integrated-vtysh-config
!
ip route 0.0.0.0/0 10.1.1.1
!
interface dm_gre
 ip address 10.0.0.1/32
 ip nhrp network-id 1
 ip nhrp nhs dynamic nbma 10.3.3.2
 ip nhrp redirect
 ip nhrp registration no-unique
 no link-detect
 tunnel source enp0s8
exit
!
interface enp0s8
 ip address 10.1.1.2/24
exit
!
interface enp0s9
 ip address 10.4.4.1/24
exit
!
router bgp 65001
 bgp router-id 10.0.0.1
 no bgp ebgp-requires-policy
 neighbor 10.0.0.254 remote-as 65000
 !
 address-family ipv4 unicast
  redistribute connected
  redistribute nhrp
 exit-address-family
exit
!

R1 Linux kernel routing

root@test:~# ip route
default nhid 12 via 10.3.3.1 dev enp0s8 proto static metric 20
10.0.0.1 nhid 14 dev dm_gre proto nhrp metric 20
10.3.3.0/24 dev enp0s8 proto kernel scope link src 10.3.3.2
192.168.56.0/24 dev enp0s3 proto kernel scope link src 192.168.56.103
root@test:~#

R1 frr route

test# sh ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

S>* 0.0.0.0/0 [1/0] via 10.3.3.1, enp0s8, weight 1, 00:28:57
N>* 10.0.0.1/32 [10/0] is directly connected, dm_gre, weight 1, 00:28:44
B   10.0.0.254/32 [20/0] via 10.0.0.1 inactive, weight 1, 00:25:04
C>* 10.0.0.254/32 is directly connected, dm_gre, 00:28:57
B   10.1.1.0/24 [20/0] via 10.0.0.1 inactive, weight 1, 00:25:04
C>* 10.3.3.0/24 is directly connected, enp0s8, 00:28:57
B   10.4.4.0/24 [20/0] via 10.0.0.1 inactive, weight 1, 00:25:04
C>* 192.168.56.0/24 is directly connected, enp0s3, 00:28:57

Problem results
This problem causes R1 to fail to ping 10.4.4.1 (one of R2 physical ports)

test# ping 10.4.4.1
PING 10.4.4.1 (10.4.4.1) 56(84) bytes of data.
From 10.3.3.1 icmp_seq=1 Destination Net Unreachable
From 10.3.3.1 icmp_seq=2 Destination Net Unreachable
From 10.3.3.1 icmp_seq=3 Destination Net Unreachable
From 10.3.3.1 icmp_seq=4 Destination Net Unreachable

There is no problem with nhrp tunnel addresses pinging each other

test# ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=3.62 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=1.78 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=2.14 ms
64 bytes from 10.0.0.1: icmp_seq=4 ttl=64 time=1.73 ms
64 bytes from 10.0.0.1: icmp_seq=5 ttl=64 time=1.85 ms
64 bytes from 10.0.0.1: icmp_seq=6 ttl=64 time=1.37 ms
64 bytes from 10.0.0.1: icmp_seq=7 ttl=64 time=1.74 ms

Cause of the problem
Because the Linux kernel has checked the validity of the next route, the next address must be written to an address of the same network segment that can be reached directly. As a result, the bgp address learned through frr cannot be correctly configured into the Linux kernel。
For example:

root@test:~# ip route add 10.4.4.0/24 via 10.0.0.1
Error: Nexthop has invalid gateway.
root@test:~#
To solve this problem, you need to add **onlink** at the end of the Linux command
root@test:~#
root@test:~# ip route add 10.4.4.0/24 via 10.0.0.1 dev dm_gre onlink
root@test:~#

Therefore, to solve this problem, we need to modify the command parameters when the bgp learning route is written to the Linux kernel in the frr code, but I will not develop the code. Whether the frr maintenance personnel can modify the code to solve this problem? This problem is very serious, which will lead to the failure of similar tunnels to update the linux kernel route
@gh0813 gh0813 added the triage Needs further investigation label Sep 20, 2022
@gh0813 gh0813 mentioned this issue Sep 21, 2022
Open
2 tasks
@github-actions
Copy link

This issue is stale because it has been open 180 days with no activity. Comment or remove the autoclose label in order to avoid having this issue closed.

@frrbot
Copy link

frrbot bot commented Mar 20, 2023

This issue will be automatically closed in the specified period unless there is further activity.

@qlyoung qlyoung removed the autoclose label Jul 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triage Needs further investigation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gh0813 @qlyoung