Page MenuHomeVyOS Platform

BGP route leak at system boot
Resolved (N/A)PublicBUG

Description

When the router is restarted for an image update the BGP daemon leaks routes. The configured prefix list does not take effect immediately and leaks prefixes that it receives from one peer to other peers without filtering based on the prefix list that is set. This probably happens because the BGP daemon starts before the configuration is fully loaded. If you have many BGP peers and in general a big configuration the configuration load on startup can take a significant time (3 minutes). During this time the BGP daemon is already started and it seems to ignore the prefix list until the configuration is fully loaded. This behavior exists since vyatta (I reported this also to vyatta at that time). I am not sure if this happens at every reboot or only on reboot after image update because usually I only reboot for an update. Someone who knows how the configuration is loaded (on normal reboot and on a reboot after update) may know this. I guess a solution would be to start the BGP process only after the configuration is fully loaded. This may also fix https://phabricator.vyos.net/T2003

Details

Difficulty level
Unknown (require assessment)
Version
1.2.6
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)