Page MenuHomeVyOS Platform
Create Task
Maniphest T2445

VRF route leaking for ipv4 not working
Closed, ResolvedPublicBUG
Actions

Description

Hi,

while testing vrf route leaking, I've found that the behavior is not as expected.

When using the below config:

set protocols vrf ivrf static route 172.25.200.1/32 next-hop 1.1.1.1 next-hop-vrf default

what I see in the frr config is:

vrf ivrf
 ip route 0.0.0.0/0 XYZ
 ip route 172.25.200.1/32 1.1.1.1
 exit-vrf

but would expect it to be:

vrf ivrf
 ip route 0.0.0.0/0 XYZ
 ip route 172.25.200.1/32 1.1.1.1 nexthop-vrf default
 exit-vrf

As pointed by cpo on slack, I've done some investigation to try to get it fixed and working as expected (based on the ipv6 code).

This led to some additional findings that may be useful when reworking the code:

  1. vrf route leaking logic for ipv4 behaves differently than the one for ipv6 at the moment - as for ipv6 there is a requirement to have both next-hop-interface AND next-hop-vrf set (when only next-hop-vrf set, on commit you see: "VRF route-leaking requires a next-hop interface to be set in the destination VRF"). Logic suggests that the requirement of both variables being set is the same for both ipv4 and ipv6 routes ?
  2. There's inconsistency between the naming of sub-nodes - for ipv4 it's next-hop-interface, while for ipv6 it's just interface - potential area to improve, but I would not know how to handle it, as a change here would break existing configurations if not handled properly. Specifically:

set protocols vrf ivrf static route6 fe:fe::/128 next-hop fe::1 interface eth0 vs
set protocols vrf ivrf static route 1.2.2.0/24 next-hop 1.2.3.3 next-hop-interface eth0

Details

Difficulty level
Unknown (require assessment)
Version
1.3-rolling-202005072035
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

pptak created this task.May 10 2020, 10:27 AM
c-po changed the task status from Open to In progress.May 10 2020, 10:36 AM
c-po claimed this task.
c-po added a comment.EditedMay 10 2020, 10:38 AM

The inconsitency of the naming is b/c the default routing table naming is inconsitent, too - thus it makes it consitent again :)

This should corrected once the rewrite of this subtree starts

c-po added a comment.EditedMay 10 2020, 10:50 AM

In regards to 1) I do not remember why I added it there as FRR seems to accept that kind of routes - but its actually a warning only no real error.

This should go into a separate task if it should be removed. You can try playing around in the node.def files which take care of the settings. Those files are:

  • /opt/vyatta/share/vyatta-cfg/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def
  • /opt/vyatta/share/vyatta-cfg/templates/protocols/static/route6/node.tag/next-hop/node.def
c-po closed this task as Resolved.May 10 2020, 10:51 AM
pasik added a subscriber: pasik.May 10 2020, 3:56 PM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.May 21 2020, 4:15 PM
erkin set Issue type to Bug (incorrect behavior).Aug 30 2021, 6:15 AM
erkin removed a subscriber: Active contributors.
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:02 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.