Page MenuHomeVyOS Platform
Create Task
Maniphest T3359

static route table not working properly
Resolved (N/A)Public
Actions

Description

Hello,

I have upgraded our vyos instance from 1.2 LTS to VyOS 1.3-rolling-202012271303 and we have seen some strange behavior with static routes
We have two provider so I am using PBR to select traffic to be forwarded to ISP1 or ISP2

bellow my configuration

show  policy route FW_OUT 
 rule 1 {
     description "Mark OpenVPN Packets"
     protocol udp
     set {
         table 5
     }
     source {
        port 1100-1299
     }
 }

show  protocols static table 5 
 route 0.0.0.0/0 {
     next-hop 92.103.x.x {
     }
 }

In addition to that, I have a default route which is installed in the main table

show  protocols static route 0.0.0.0/0 
 next-hop 195.200.x.x {
 }

The issue is that each time I reboot the firewall, two static route are installed in the main table with the same cost

S>* 0.0.0.0/0 [1/0] via 92.103.x.x, bond1.100, weight 1, 00:01:55
  *                 via 195.200.x.x, bond1.101, weight 1, 00:01:55

When I have checked FRR, I found the route in table 5 in the config and I have workaround by deleting the route with vtysh

Another abnormal behavior is that the table 5 contains the two static routes

ip route  show table 5
default nhid 204 proto static metric 20 
        nexthop via 92.103.x.x dev bond1.100 weight 1 
        nexthop via 195.200.x.x dev bond1.101 weight 1

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.3-rolling-202012271303
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Behavior change
Issue type
Unspecified (please specify)

Event Timeline

zadm triaged this task as High priority.Feb 26 2021, 10:38 AM
zadm created this task.
zadm created this object in space S1 VyOS Public.
pasik added a subscriber: pasik.Feb 26 2021, 10:41 AM
Viacheslav added a subscriber: Viacheslav.Feb 26 2021, 1:56 PM

Your rolling release so old. As I remember it was a bug with FRR, which was fixed.
Try more latest versions or vyos-1.3.0-rc1 https://community.vyos.net/get/snapshots/

c-po changed the task status from Open to Needs testing.Feb 26 2021, 2:36 PM
zadm added a comment.Mar 1 2021, 8:52 AM

I will try the latest

Thank you

Viacheslav added a comment.Mar 19 2021, 12:07 PM

@zadm do you test it?

Viacheslav closed this task as Resolved.Mar 24 2021, 9:07 AM
Viacheslav claimed this task.
SrividyaA changed the task status from Resolved to Resolved N/A.Aug 31 2021, 1:00 PM
SrividyaA set Issue type to Unspecified (please specify).
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Nov 6 2021, 11:43 AM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 29 2022, 12:16 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.