Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

vtysh running-config output not showing bgp ttl-security hops option #7848

Closed
cgoncalves opened this issue Jan 11, 2021 · 0 comments · Fixed by #7873
Closed

vtysh running-config output not showing bgp ttl-security hops option #7848

cgoncalves opened this issue Jan 11, 2021 · 0 comments · Fixed by #7873
Labels
triage Needs further investigation

Comments

@cgoncalves
Copy link
Contributor

Describe the bug

[x] Did you check if this is a duplicate issue?
[ ] Did you test it on the latest FRRouting/frr master branch?

BGP configuration option neighbor PEER ttl-security hops NUMBER not displayed in vtysh show running-config output.

Although the configuration is not displayed, it is being set per the BGP daemon log:
2021/01/11 14:56:26 BGP: peer_ttl_security_hops_set: set gtsm_hops to 1 for uplink

Documentation: http://docs.frrouting.org/en/latest/bgp.html#clicmd-[no]neighborPEERttl-securityhopsNUMBER

To Reproduce

  1. Set ttl-security hops in frr.conf. Example:
hostname ctrl-3-0
log file /var/log/frr/frr.log debugging
service integrated-vtysh-config
line vty

router bgp 64999
  bgp log-neighbor-changes
  bgp graceful-shutdown

  neighbor uplink peer-group
  neighbor uplink remote-as internal
  neighbor uplink bfd
  neighbor uplink ttl-security hops 1
  neighbor enp2s0 interface peer-group uplink
  neighbor enp3s0 interface peer-group uplink

  address-family ipv4 unicast
    redistribute connected
    neighbor uplink allowas-in origin
  exit-address-family

  address-family ipv6 unicast
    redistribute connected
    neighbor uplink activate
    neighbor uplink allowas-in origin
  exit-address-family
  1. Start FRR with the BGP daemon enabled.
  2. Check running configuration in vtysh:
[root@ctrl-3-0 frr]# vtysh -c 'show running-config'
Building configuration...

Current configuration:
!
frr version 7.5
frr defaults traditional
hostname ctrl-3-0
log file /var/log/frr/frr.log
no ipv6 forwarding
!
router bgp 64999
 bgp log-neighbor-changes
 bgp graceful-shutdown
 neighbor uplink peer-group
 neighbor uplink remote-as internal
 neighbor uplink bfd
 neighbor enp2s0 interface peer-group uplink
 neighbor enp3s0 interface peer-group uplink
 !
 address-family ipv4 unicast
  redistribute connected
  neighbor uplink allowas-in origin
 exit-address-family
 !
 address-family ipv6 unicast
  redistribute connected
  neighbor uplink activate
  neighbor uplink allowas-in origin
 exit-address-family
!
line vty
!
end

Expected behavior
I would have expected to see an output line with neighbor uplink ttl-security hops 1.

Versions

  • OS Version: RHEL 8.3
  • Kernel: Linux 4.18.0-240.el8.x86_64
  • FRR Version: 7.5
@cgoncalves cgoncalves added the triage Needs further investigation label Jan 11, 2021
donaldsharp added a commit to donaldsharp/frr that referenced this issue Jan 15, 2021
@donaldsharp
bgpd: Allow peer-groups to have ttl-security hops configured
8a66632 
The command `neighbor PGROUP ttl-security hops X` was being
accepted but ignored.  Allow it to be stored.  I am still
not sure that this is applied correctly, but that is another
problem.

Fixes: FRRouting#7848
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
@donaldsharp donaldsharp mentioned this issue Jan 15, 2021
Merged
donaldsharp added a commit to donaldsharp/frr that referenced this issue Jan 15, 2021
@donaldsharp
bgpd: Allow peer-groups to have ttl-security hops configured
4ec7a71 
The command `neighbor PGROUP ttl-security hops X` was being
accepted but ignored.  Allow it to be stored.  I am still
not sure that this is applied correctly, but that is another
problem.

Fixes: FRRouting#7848
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
idryzhov pushed a commit to idryzhov/frr that referenced this issue Jan 20, 2021
@donaldsharp @idryzhov
bgpd: Allow peer-groups to have ttl-security hops configured
f30c002 
The command `neighbor PGROUP ttl-security hops X` was being
accepted but ignored.  Allow it to be stored.  I am still
not sure that this is applied correctly, but that is another
problem.

Fixes: FRRouting#7848
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triage Needs further investigation
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

bgpd: Allow peer-groups to have ttl-security hops configured donaldsharp/frr
1 participant
@cgoncalves