Page MenuHomeVyOS Platform
Create Task
Maniphest T3604

Changing BGP Neighbor Peer-Group Association Causes Routing Subsystem Failure
Resolved (N/A)PublicBUG
Actions

Description

It appears that when neighbors have their peer group changed, VyOS is not configuring FRR correctly.
Starting config:

set protocols bgp 4242420669 address-family ipv4-unicast
set protocols bgp 4242420669 address-family ipv6-unicast redistribute connected
set protocols bgp 4242420669 neighbor 192.168.253.2 peer-group 'BACKBONE'
set protocols bgp 4242420669 neighbor 192.168.253.3 peer-group 'BACKBONE'
set protocols bgp 4242420669 neighbor 192.168.253.6 peer-group 'BACKBONE'
set protocols bgp 4242420669 neighbor 192.168.253.7 peer-group 'BACKBONE'
set protocols bgp 4242420669 neighbor fd52:d62e:8011:fffe:192:168:253:2 address-family ipv6-unicast peer-group 'BACKBONEv6'
set protocols bgp 4242420669 neighbor fd52:d62e:8011:fffe:192:168:253:3 address-family ipv6-unicast peer-group 'BACKBONEv6'
set protocols bgp 4242420669 neighbor fd52:d62e:8011:fffe:192:168:253:6 address-family ipv6-unicast peer-group 'BACKBONEv6'
set protocols bgp 4242420669 neighbor fd52:d62e:8011:fffe:192:168:253:7 address-family ipv6-unicast peer-group 'BACKBONEv6'
set protocols bgp 4242420669 parameters confederation identifier '4242420696'
set protocols bgp 4242420669 parameters confederation peers '4242420666'
set protocols bgp 4242420669 parameters confederation peers '4242420668'
set protocols bgp 4242420669 parameters default no-ipv4-unicast
set protocols bgp 4242420669 parameters graceful-restart
set protocols bgp 4242420669 peer-group BACKBONE address-family ipv4-unicast nexthop-self
set protocols bgp 4242420669 peer-group BACKBONE address-family ipv4-unicast route-map export 'BGP-BACKBONE'
set protocols bgp 4242420669 peer-group BACKBONE address-family ipv4-unicast route-map import 'BGP-BACKBONE'
set protocols bgp 4242420669 peer-group BACKBONE address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 4242420669 peer-group BACKBONE bfd
set protocols bgp 4242420669 peer-group BACKBONE ebgp-multihop '2'
set protocols bgp 4242420669 peer-group BACKBONE remote-as 'external'
set protocols bgp 4242420669 peer-group BACKBONE update-source 'dum0'
set protocols bgp 4242420669 peer-group BACKBONEv6 address-family ipv6-unicast nexthop-self
set protocols bgp 4242420669 peer-group BACKBONEv6 address-family ipv6-unicast route-map export 'BGP-BACKBONE'
set protocols bgp 4242420669 peer-group BACKBONEv6 address-family ipv6-unicast route-map import 'BGP-BACKBONE'
set protocols bgp 4242420669 peer-group BACKBONEv6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 4242420669 peer-group BACKBONEv6 bfd
set protocols bgp 4242420669 peer-group BACKBONEv6 ebgp-multihop '2'
set protocols bgp 4242420669 peer-group BACKBONEv6 remote-as 'external'
set protocols bgp 4242420669 peer-group BACKBONEv6 update-source 'dum0'

Changes:

edit protocols bgp 4242420669
  copy peer-group BACKBONE to peer-group TEST
  set neighbor 192.168.253.6 peer-group TEST

Error:

trae@cr01-vyos# commit
[ protocols bgp 4242420669 ]
% Cannot change the peer-group. Deconfigure first
Error configuring routing subsystem.  See log for more detailed information

[edit protocols bgp 4242420669]

What FRR looks like after:

router bgp 4242420669
 no bgp ebgp-requires-policy
 no bgp default ipv4-unicast
 bgp confederation identifier 4242420696
 bgp confederation peers 4242420666 4242420668
 no bgp network import-check
 neighbor BACKBONE peer-group
 neighbor BACKBONE remote-as external
 neighbor BACKBONE bfd
 neighbor BACKBONE ebgp-multihop 2
 neighbor BACKBONE update-source dum0
 neighbor BACKBONEv6 peer-group
 neighbor BACKBONEv6 remote-as external
 neighbor BACKBONEv6 bfd
 neighbor BACKBONEv6 ebgp-multihop 2
 neighbor BACKBONEv6 update-source dum0
 neighbor TEST peer-group
 neighbor TEST remote-as external
 neighbor TEST bfd
 neighbor TEST ebgp-multihop 2
 neighbor TEST update-source dum0
 neighbor 192.168.253.2 peer-group BACKBONE
 neighbor 192.168.253.3 peer-group BACKBONE
 neighbor 192.168.253.6 peer-group BACKBONE
 neighbor 192.168.253.7 peer-group BACKBONE
 neighbor fd52:d62e:8011:fffe:192:168:253:2 peer-group BACKBONEv6
 neighbor fd52:d62e:8011:fffe:192:168:253:3 peer-group BACKBONEv6
 neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group BACKBONEv6
 neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group BACKBONEv6
 !
 address-family ipv4 unicast
  neighbor BACKBONE activate
  neighbor BACKBONE next-hop-self
  neighbor BACKBONE soft-reconfiguration inbound
  neighbor BACKBONE route-map BGP-BACKBONE in
  neighbor BACKBONE route-map BGP-BACKBONE out
  neighbor TEST activate
  neighbor TEST next-hop-self
  neighbor TEST soft-reconfiguration inbound
  neighbor TEST route-map BGP-BACKBONE in
  neighbor TEST route-map BGP-BACKBONE out
 exit-address-family
 !
 address-family ipv6 unicast
  redistribute connected
  neighbor BACKBONEv6 activate
  neighbor BACKBONEv6 next-hop-self
  neighbor BACKBONEv6 soft-reconfiguration inbound
  neighbor BACKBONEv6 route-map BGP-BACKBONE in
  neighbor BACKBONEv6 route-map BGP-BACKBONE out
 exit-address-family
!

I think what's happening is that VyOS is trying to run this in the router bgp config section:

neighbor <neigh> peer-group <new_pg>

instead of running:

no neighbor <neigh>
neighbor <neigh> peer-group <new_pg>

Details

Difficulty level
Unknown (require assessment)
Version
1.3-beta-202106070642
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Unspecified (please specify)

Event Timeline

trae32566 created this task.Jun 7 2021, 8:31 PM
trae32566 updated the task description. (Show Details)
dmbaturin added a project: test.Jul 29 2021, 9:04 AM
pasik added a subscriber: pasik.Jul 29 2021, 9:41 AM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0-epa1); removed test, VyOS 1.3 Equuleus.Sep 5 2021, 7:06 AM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus (1.3.0-epa1).Nov 1 2021, 10:09 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.0).Aug 29 2022, 7:04 AM
TMA added a subscriber: TMA.Sep 11 2022, 8:53 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3).Jul 12 2023, 9:39 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus (1.3.4).Aug 25 2023, 9:29 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:37 PM
dmbaturin closed this task as Resolved N/A.Jan 9 2024, 5:11 PM
dmbaturin added a subscriber: dmbaturin.

The new implementation has been working fine for a while now, but if anything, please reopen.

dmbaturin removed a project: VyOS 1.3 Equuleus (1.3.6).Jan 9 2024, 5:12 PM
dmbaturin set Issue type to Unspecified (please specify).