BGP vpnv4 prefixes in RIB, not in FIB

brad hendrickse Thu, 29 Jun 2017 06:59:34 -0700

Hi folks,

I have a problem with routes learnt from BGP vpnv4 not being inserted intothe FIB I'd expect. A tcpdump on the OpenBSD box shows we are receivingthe prefixes (from a Cisco) with the labels intact. The MPE interface isconfigured in rdomain 1 with MPLS label 200. The loopback interface lo1was automatically created as mentioned in the 6.1 changelog.

We have this working on OpenBSD 5.4. My colleagues have seen this samebehaviour since OpenBSD 5.9 explaining why we're still using 5.4. Allconfigs and output below is from OpenBSD 6.1.


Any help with this would be much appreciated.

Thank you


/etc/bgpd.conf:
----/----
# global configuration
AS 65002
router-id 192.168.1.2
holdtime 180
listen on 192.168.1.2
log updates

group "peering AS65520" {
        remote-as 65520
        neighbor 192.168.1.1 {
                descr   "AS 65520"
                announce capabilities yes
                announce self
                announce IPv4 vpn
                announce refresh yes
                announce restart yes
        }
}

rdomain 1 {
        descr "200:1"
        rd 200:1
        import-target rt 200:1
        export-target rt 200:1
        depend on mpe1
        network 10.10.10.2/32
}


----/----
bash-4.4# bgpctl show summary

Neighbor AS MsgRcvd MsgSent OutQ Up/DownState/PrfRcvd

AS 65520                65520         30         27     0 00:23:23      4


----/----
bash-4.4# bgpctl show rib
flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale
origin: i = IGP, e = EGP, ? = Incomplete

flags destination          gateway          lpref   med aspath origin
AI*>  rd 200:1 10.10.10.2/32 rd 0:0 0.0.0.0     100     0 i
*>    rd 200:1 100.10.0.0/24 192.168.1.1        100     0 65520 ?
*>    rd 200:1 155.10.0.0/24 192.168.1.1        100     0 65520 ?
*>    rd 200:1 200.10.0.0/24 192.168.1.1        100     0 65520 ?
*>    rd 200:1 210.10.0.0/24 192.168.1.1        100     0 65520 ?


The next-hop for 155.10.0.0/24 is pingable
----/----
bash-4.4# ping -c 3 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=0.536 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=0.604 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=255 time=0.587 ms

--- 192.168.1.1 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.536/0.576/0.604/0.029 ms


----/----
bash-4.4# bgpctl show fib
flags: * = valid, B = BGP, C = Connected, S = Static, D = Dynamic
       N = BGP Nexthop reachable via this route R = redistributed
       r = reject route, b = blackhole route

flags prio destination          gateway
*S       8 0.0.0.0/0            10.0.2.1
*C       4 10.0.2.0/24          link#1
*C       0 127.0.0.0/8          link#0
*CN      4 192.168.1.0/30       link#2
*S       8 192.168.2.1/32       192.168.1.1
*        1 192.168.2.2/32       192.168.2.2
*S  r    8 224.0.0.0/4          127.0.0.1
*S  r    8 ::/96                ::1
*S  r    8 ::/104               ::1
*C       0 ::1/128              link#0
*        1 ::1/128              ::1
*S  r    8 ::127.0.0.0/104      ::1
*S  r    8 ::224.0.0.0/100      ::1
*S  r    8 ::255.0.0.0/104      ::1
*S  r    8 ::ffff:0.0.0.0/96    ::1
*S  r    8 2002::/24            ::1
*S  r    8 2002:7f00::/24       ::1
*S  r    8 2002:e000::/20       ::1
*S  r    8 2002:ff00::/24       ::1
*S  r    8 fe80::/10            ::1
*        1 fe80:4::1/128        fe80:4::1
*S  r    8 fec0::/10            ::1
*S  r    8 ff01::/16            ::1
*        4 ff01:4::/32          ::1
*S  r    8 ff02::/16            ::1
*        4 ff02:4::/32          ::1


The tables are coupled
----/----
bash-4.4# bgpctl show table
Table Description          State
    0 Loc-RIB              coupled
    1 200:1                coupled

I don't expect to be able to ping the destination, but not expecting "Noroute to host"

----/----
bash-4.4# ping -V 1 155.10.0.1
PING 155.10.0.1 (155.10.0.1): 56 data bytes
ping: sendmsg: No route to host
ping: wrote 155.10.0.1 64 chars, ret=-1
ping: sendmsg: No route to host
ping: wrote 155.10.0.1 64 chars, ret=-1
ping: sendmsg: No route to host


----/----
bash-4.4# ifconfig -a
lo0: flags=88049<UP,LOOPBACK,RUNNING,MULTICAST,MPLS> mtu 32768
        index 4 priority 0 llprio 3
        groups: lo
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet 192.168.2.2 netmask 0xffffffff
xnf0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 4a:2f:aa:55:45:89
        index 1 priority 0 llprio 3
        groups: egress
        media: Ethernet manual
        status: active
        inet 10.0.2.38 netmask 0xffffff00 broadcast 10.0.2.255
xnf1: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MPLS> mtu 1500
        lladdr 3a:fe:55:6f:ed:10
        index 2 priority 0 llprio 3
        media: Ethernet manual
        status: active
        inet 192.168.1.2 netmask 0xfffffffc broadcast 192.168.1.3
enc0: flags=0<>
        index 3 priority 0 llprio 3
        groups: enc
        status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33144
        index 5 priority 0 llprio 3
        groups: pflog
mpe1: flags=11<UP,POINTOPOINT> rdomain 1 mtu 1500
        index 6 priority 0 llprio 3
        mpls label: 200
        groups: mpe
        inet 10.10.10.2 --> 255.255.255.255 netmask 0xffffffff
lo1: flags=88008<LOOPBACK,MULTICAST,MPLS> rdomain 1 mtu 32768
        index 7 priority 0 llprio 3
        groups: lo


----/----
bash-4.4# netstat -rn
Routing tables

Internet:

Destination Gateway Flags Refs Use Mtu PrioIfacedefault 10.0.2.1 UGS 4 14416 - 8xnf0224/4 127.0.0.1 URS 0 2987 - 8xnf010.0.2/24 10.0.2.38 UCn 1 19216 - 4xnf010.0.2.1 00:09:0f:b5:58:8f UHLch 1 275 - 3xnf010.0.2.38 4a:2f:aa:55:45:89 UHLl 0 2843 - 1xnf010.0.2.255 10.0.2.38 UHb 0 3424 - 1xnf0192.168.1.0/30 192.168.1.2 UCn 1 0 - 4xnf1192.168.1.1 e8:ed:f3:79:7a:d8 UHLch 3 137 - 3xnf1192.168.1.2 3a:fe:55:6f:ed:10 UHLl 0 206 - 1xnf1192.168.1.3 192.168.1.2 UHb 0 0 - 1xnf1192.168.2.1 192.168.1.1 UGHS 0 0 - 8xnf1192.168.2.2 192.168.2.2 UHl 0 0 32768 1lo0


Internet6:

Destination Gateway FlagsRefs Use Mtu Prio Iface::/96 ::1 UGRS0 0 32768 8 lo0::/104 ::1 UGRS0 0 32768 8 lo0::1 ::1 UHhl14 28 32768 1 lo0::127.0.0.0/104 ::1 UGRS0 0 32768 8 lo0::224.0.0.0/100 ::1 UGRS0 0 32768 8 lo0::255.0.0.0/104 ::1 UGRS0 0 32768 8 lo0::ffff:0.0.0.0/96 ::1 UGRS0 0 32768 8 lo02002::/24 ::1 UGRS0 0 32768 8 lo02002:7f00::/24 ::1 UGRS0 0 32768 8 lo02002:e000::/20 ::1 UGRS0 0 32768 8 lo02002:ff00::/24 ::1 UGRS0 0 32768 8 lo0fe80::/10 ::1 UGRS0 0 32768 8 lo0fec0::/10 ::1 UGRS0 0 32768 8 lo0fe80::1%lo0 fe80::1%lo0 UHl0 0 32768 1 lo0ff01::/16 ::1 UGRS1 1 32768 8 lo0ff01::%lo0/32 ::1 Um0 1 32768 4 lo0ff02::/16 ::1 UGRS1 1 32768 8 lo0ff02::%lo0/32 ::1 Um0 1 32768 4 lo0


MPLS:

In label Out label Op Gateway Flags Refs Use MtuPrio Interface20 - LOCAL 192.168.1.1 UGT 0 0 -8 xnf1



----/----
bash-4.4# netstat -rn -T1
Routing tables

Internet:

Destination Gateway Flags Refs Use Mtu PrioIface10.10.10.2 10.10.10.2 UHl 0 28 - 1mpe1255.255.255.255 10.10.10.2 UH 0 0 - 8mpe1


MPLS:

In label Out label Op Gateway Flags Refs Use MtuPrio Interface200 - POP mpe1 UT 0 0 -8 mpe1

BGP vpnv4 prefixes in RIB, not in FIB

Reply via email to