Page MenuHomeVyOS Platform
Create Task
Maniphest T1130

Deleting BGP communities from prefix does not work
Closed, ResolvedPublicBUG
Actions

Description

I tried filtering incoming communities on prefixes using the following route-map:

rule 1 {
    action permit
    description "Strip RPKI communities"
    set {
        comm-list {
            comm-list 5
            delete
        }
        local-preference 700
    }
}

And the following community-list:

rule 1 {
    action permit
    regex 60927:404
}

The local-preference is just to see whether the route-map was actually being applied.

But after resetting the connection to the neighbor the community isn't actually being removed:

BGP routing table entry for 2001:5:8::/48
Paths: (2 available, best #1, table default)
  Not advertised to any peer
  6939 200334
    2a0b:b601::9 from 2a0b:b601::9 (185.167.204.236)
      Origin IGP, localpref 700, valid, internal, best
      Community: 60927:404
      Last update: Thu Dec 20 15:56:37 2018

As you can see the local pref is being updated however

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rc11
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

m.cremers created this task.Dec 20 2018, 5:08 PM
pasik added a subscriber: pasik.Dec 20 2018, 5:14 PM
syncer assigned this task to dmbaturin.Dec 21 2018, 10:17 AM
syncer triaged this task as Normal priority.
syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
Viacheslav added a subscriber: Viacheslav.Dec 10 2019, 7:19 PM

I check it in latest rolling releases and it work fine (ipv4 and ipv6).

vyos@r1# show policy 
 community-list 5 {
     rule 10 {
         action permit
         regex 60927:404
     }
 }
 route-map COM-DEL-IN {
     rule 10 {
         action permit
         set {
             comm-list {
                 comm-list 5
                 delete
             }
             local-preference 700
         }
     }
 }

Routes without route-map (with Community: 60927:404)

vyos@r1:~$ show ip bgp 10.111.0.0/24
BGP routing table entry for 10.111.0.0/24
Paths: (1 available, best #1, table default)
  Advertised to non peer-group peers:
  10.5.1.2
  65534
    10.5.1.2 from 10.5.1.2 (192.168.133.2)
      Origin IGP, metric 0, valid, external, best (First path received)
      Community: 60927:404
      Last update: Tue Dec 10 19:10:45 2019
vyos@r1:~$
vyos@r1:~$ show ipv6 bgp 2001:db8:85a3::/64
BGP routing table entry for 2001:db8:85a3::/64
Paths: (1 available, best #1, table default)
  Advertised to non peer-group peers:
  2001:db8:85a3::8a2e:370:2
  65534
    2001:db8:85a3::8a2e:370:2 from 2001:db8:85a3::8a2e:370:2 (192.168.133.2)
    (fe80::5054:ff:fe69:b9ed) (used)
      Origin IGP, metric 0, valid, external, best (First path received)
      Community: 60927:404
      Last update: Tue Dec 10 19:10:45 2019

Setting route-map to neighbors

set protocols bgp 65535 neighbor 10.5.1.2 address-family ipv4-unicast route-map import 'COM-DEL-IN'
set protocols bgp 65535 neighbor 2001:db8:85a3::8a2e:370:2 address-family ipv6-unicast route-map import 'COM-DEL-IN'

Routes after commit router-map

vyos@r1:~$ show ip bgp 10.111.0.0/24
BGP routing table entry for 10.111.0.0/24
Paths: (1 available, best #1, table default)
  Advertised to non peer-group peers:
  10.5.1.2
  65534
    10.5.1.2 from 10.5.1.2 (192.168.133.2)
      Origin IGP, metric 0, localpref 700, valid, external, best (First path received)
      Last update: Tue Dec 10 19:14:41 2019
vyos@r1:~$ 
vyos@r1:~$ show ipv6 bgp 2001:db8:85a3::/64
BGP routing table entry for 2001:db8:85a3::/64
Paths: (1 available, best #1, table default)
  Advertised to non peer-group peers:
  2001:db8:85a3::8a2e:370:2
  65534
    2001:db8:85a3::8a2e:370:2 from 2001:db8:85a3::8a2e:370:2 (192.168.133.2)
    (fe80::5054:ff:fe69:b9ed) (used)
      Origin IGP, metric 0, localpref 700, valid, external, best (First path received)
      Last update: Tue Dec 10 19:14:40 2019
vyos@r1:~$
Viacheslav closed this task as Resolved.Jul 27 2020, 4:25 PM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Aug 3 2020, 3:27 PM
erkin set Is it a breaking change? to Unspecified (possibly destroys the router).Aug 31 2021, 7:00 PM
erkin set Issue type to Bug (incorrect behavior).
dmbaturin edited projects, added VyOS 1.3 Equuleus (1.3.0-epa1); removed VyOS 1.3 Equuleus.Sep 11 2021, 1:52 AM