Set 'ipv6: True' on interfaces used for unnumbered IPv6 BGP sessions #460

Closed
ipspace opened this issue Sep 18, 2022 · 4 comments

Owner

ipspace commented Sep 18, 2022

An interface that is used for unnumbered IPv4 EBGP session(s) needs IPv6 LLA (that's how the unnumbered sessions are implemented).

Not a big deal, until someone decides to disable IPv6 by default (I'm looking at you, Cumulus Linux 4.4 container). I "fixed" that SNAFU by enabling IPv6 on interfaces that have role 'external', but it would be much nicer to set ipv6: True on such interfaces within the BGP configuration module.

That might mess up the node address family though (all of a sudden, there would be IPv6 and VPNv6 address families) unless we do it at the very end of the transformation process.

Please note that we have a problem only in IPv4-only environments with interfaces configured either with unnumbered: True or ipv4: True.

The only devices currently supporting unnumbered IPv4 EBGP sessions are Cumulus Linux, FRR, and Nokia SR Linux. Any thoughts on this conundrum @jbemmel @petercrocker?

Collaborator

jbemmel commented Sep 18, 2022

I think the flag should be bgp.unnumbered; if true, it would enable ipv6 on the interface (given the dependency)

I just hit a similar issue through the unnumbered flag; it currently works on frr even with ipv6 absent, because the device templates don't currently disable ipv6 correctly. I'll submit some PRs to fix that (also for Cumulus potentially)

Collaborator

jbemmel commented Sep 19, 2022

See #463

I suspect the reasoning by Cumulus could be that they don't want their devices to do ipv6 unless explicitly configured to do so, for security reasons. In contrast, vanilla FRR enables ipv6 unless forced to disable it (outside of FRR)

Owner Author

ipspace commented Sep 19, 2022

> I think the flag should be bgp.unnumbered; if true, it would enable ipv6 on the interface (given the dependency)

I don't want to test yet-another flag in initial configuration (or later) templates. Setting 'ipv6: True' on the interface data gets the job done, but I wouldn't want it to trigger (for example) OSPFv3. Will check what happens if I set that flag late in BGP module.

> I just hit a similar issue through the unnumbered flag; it currently works on frr even with ipv6 absent, because the device templates don't currently disable ipv6 correctly. I'll submit some PRs to fix that (also for Cumulus potentially)

The default state depends on the system setting, and as the FRR container serves mostly as a control-plane container (with some of us abusing it as a pure Linux data-plane device), I don't think they would care.

Owner Author

ipspace commented Sep 19, 2022

> I suspect the reasoning by Cumulus could be that they don't want their devices to do ipv6 unless explicitly configured to do so, for security reasons. In contrast, vanilla FRR enables ipv6 unless forced to disable it (outside of FRR)

There is no reasoning. IPv6 (LLA) is enabled on all interfaces in Cumulus VX 4.3.0 container and Cumulus VX 4.4.0 VM, but disabled in Cumulus VX 4.4.0 container.

ipspace added a commit that referenced this issue Sep 21, 2022
…essions (fixes #460)

There are devices that need IPv6 enabled on an interface to make
unnumbered EBGP sessions work. Those devices might not be able to pass
the IPv4-only unnumbered EBGP test case because IPv6 is not enabled.

This commit adds 'ipv6: True' to interfaces that have at least one
unnumbered EBGP session. The change is made very late in the
transformation process (after the links module calculates the node
address families) and thus should not impact other routing protocols. It
does not impact other modules using address families (like VRF module).

An alternative might have been to add yet another flag (example:
ipv6_lla) but that would require changes in initial device configuration
templates.
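
The ordering the commit message describes, as an added Python example that is not part of the issue thread or the project's code: node address families are computed first, then `ipv6: True` is set only on interfaces that have an unnumbered EBGP neighbor. The node dictionary layout, the function names and the sample values are assumptions made for illustration.

```python
# Added illustration. The dictionary layout is an assumed, simplified model,
# not the project's real data structures.

def node_address_families(node):
    """Early step: derive node address families from interface addressing."""
    return sorted({af for intf in node["interfaces"]
                   for af in ("ipv4", "ipv6") if intf.get(af)})

def has_unnumbered_ebgp(node, intf):
    """True if at least one unnumbered neighbor on intf is in another AS."""
    return any(n.get("unnumbered") and n["as"] != node["bgp"]["as"]
               for n in intf.get("neighbors", []))

def enable_lla_for_unnumbered_ebgp(node):
    """Late step: set ipv6 True only where unnumbered EBGP needs an LLA."""
    changed = []
    for intf in node["interfaces"]:
        if has_unnumbered_ebgp(node, intf) and not intf.get("ipv6"):
            intf["ipv6"] = True
            changed.append(intf["ifname"])
    return changed

def transform(node):
    """Fix the address families first, then apply the late interface fix-up."""
    node["af"] = node_address_families(node)
    return enable_lla_for_unnumbered_ebgp(node)

def sample_node():
    """Constructed IPv4-only node: one unnumbered EBGP link, one numbered."""
    return {
        "bgp": {"as": 65000},
        "interfaces": [
            {"ifname": "swp1", "ipv4": True,
             "neighbors": [{"as": 65001, "unnumbered": True}]},
            {"ifname": "swp2", "ipv4": "10.0.0.1/30",
             "neighbors": [{"as": 65002}]},
            {"ifname": "swp3", "ipv4": "10.0.0.5/30"},
        ],
    }

if __name__ == "__main__":
    node = sample_node()
    print("interfaces changed:", transform(node))
    print("node address families:", node["af"])
```

Running the two steps in the opposite order would add `ipv6` to the node address families, which is the side effect the late placement avoids.
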
ipspace added a commit that referenced this issue Oct 1, 2022
…essions (fixes #460)

There are devices that need IPv6 enabled on an interface to make
unnumbered EBGP sessions work. Those devices might not be able to pass
the IPv4-only unnumbered EBGP test case because IPv6 is not enabled.

This commit adds 'ipv6: True' to interfaces that have at least one
unnumbered EBGP session. The change is made very late in the
transformation process (after the links module calculates the node
address families) and thus should not impact other routing protocols. It
does not impact other modules using address families (like VRF module).

An alternative might have been to add yet another flag (example:
ipv6_lla) but that would require changes in initial device configuration
templates.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants