Page MenuHomeVyOS Platform

Lost access to host after VRF re-creating
Closed, ResolvedPublicBUG

Description

After re-creating vrf, the host does not respond to ARP requests
To reproduce, delete all vrf related configuration and create it again

  1. Aadd vrf, attach the interface to vrf
set interfaces ethernet eth0 address '192.168.122.11/24'
set interfaces ethernet eth0 vrf 'foo'
set service ssh vrf 'foo'
set vrf bind-to-all
set vrf name foo protocols static route 0.0.0.0/0 next-hop 192.168.122.1
set vrf name foo table '123'
  1. Delete all related vrf configuration:
delete interfaces ethernet eth0 vrf 
delete service ssh vrf foo 
delete vrf 
commit
  1. Create initial configuration again:
set interfaces ethernet eth0 address '192.168.122.11/24'
set interfaces ethernet eth0 vrf 'foo'
set service ssh vrf 'foo'
set vrf bind-to-all
set vrf name foo protocols static route 0.0.0.0/0 next-hop 192.168.122.1
set vrf name foo table '123'

At this moment there a no responses from the host
Client site:

$ ssh [email protected]
ssh: connect to host 192.168.122.11 port 22: No route to host
$ ssh [email protected]
ssh: connect to host 192.168.122.11 port 22: No route to host
[email protected]:~$ 

$ ping 192.168.122.11
PING 192.168.122.11 (192.168.122.11) 56(84) bytes of data.
^C
--- 192.168.122.11 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3070ms

VyOS site:

[email protected]# sudo tcpdump -ni eth0 host 192.168.122.1
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
22:01:43.559510 ARP, Request who-has 192.168.122.11 tell 192.168.122.1, length 28
22:01:44.562374 ARP, Request who-has 192.168.122.11 tell 192.168.122.1, length 28
22:01:45.586339 ARP, Request who-has 192.168.122.11 tell 192.168.122.1, length 28
22:01:46.610516 ARP, Request who-has 192.168.122.11 tell 192.168.122.1, length 28
22:01:47.634429 ARP, Request who-has 192.168.122.11 tell 192.168.122.1, length 28
22:01:48.658320 ARP, Request who-has 192.168.122.11 tell 192.168.122.1, length 28

After reboot all works fine again.

Details

Difficulty level
Normal (likely a few hours)
Version
VyOS 1.4-rolling-202201120317
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Related Objects

Mentioned In
1.3.1

Event Timeline

Issue can be triggered also with a reduced CLI config, just run this multiple times:

set interfaces ethernet eth1 vrf baz
set vrf name baz table '124'
commit
delete interfaces ethernet eth1 vrf
delete vrf

Creating the VRF using iproute2 commands there is no issue - so it's not a 3rd party bug but a VyOS bug.

ip link add vrf-blue type vrf table 1000
ip link set dev vrf-blue up
ip link set dev eth1 master vrf-blue


ip link set dev eth1 nomaster
ip link del vrf-blue
c-po triaged this task as High priority.
c-po moved this task from In Progress to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.