Page MenuHomeVyOS Platform
Create Task
Maniphest T4385

bgp: peer-group member cannot override remote-as of peer-group
Closed, ResolvedPublicBUG
Actions

Description

FRR does not allow that a member of a peer-group will override the remote-as already specified in the peer-group.

Add a verify() implementation to catch this error.

Details

Difficulty level
Easy (less than an hour)
Version
1.4
Why the issue appeared?
Implementation mistake
Is it a breaking change?
Stricter validation
Issue type
Bug (incorrect behavior)

Event Timeline

c-po closed this task as Resolved.Apr 21 2022, 6:16 PM
c-po claimed this task.
c-po triaged this task as Normal priority.
c-po created this task.
c-po changed Why the issue appeared? from Will be filled on close to Implementation mistake.
c-po changed Is it a breaking change? from Perfectly compatible to Stricter validation.
c-po reopened this task as In progress.EditedMay 2 2022, 6:19 PM

We also need to verify remote-as in v6only or interface definitions:

set protocols bgp local-as '100'
set protocols bgp neighbor eth2.2000 description Management BGP Peering'
set protocols bgp neighbor eth2.2000 interface v6only peer-group 'Management'
set protocols bgp neighbor eth2.2000 interface v6only remote-as 'external'
set protocols bgp neighbor eth2.2000 'shutdown'
set protocols bgp neighbor eth2.2001 address-family ipv4-unicast soft-reconfiguration 'inbound'
set protocols bgp neighbor eth2.2001 description Cluster-1 BGP Peering'
set protocols bgp neighbor eth2.2001 graceful-restart 'enable'
set protocols bgp neighbor eth2.2001 interface remote-as '64512'
set protocols bgp neighbor eth2.2001 'shutdown'
set protocols bgp parameters router-id '10.10.200.1'
set protocols bgp peer-group Cluster-1 description All Cluster-1 BGP Peering'
set protocols bgp peer-group Cluster-1 remote-as '64512'
set protocols bgp peer-group Cluster-1 update-source 'eth2.2001'
set protocols bgp peer-group Management address-family 'ipv4-unicast'
set protocols bgp peer-group Management address-family 'ipv6-unicast'
set protocols bgp peer-group Management capability 'extended-nexthop'
set protocols bgp peer-group Management description All Management BGP Peering'
set protocols bgp peer-group Management remote-as 'external'

Will report:

frr-reload output: 274 2022-05-02 20:16:44,483  INFO: /var/run/frr/reload-S7MZBR.txt content
frr-reload output: 275 ['router bgp 100\n neighbor eth2.2000 interface v6only remote-as external\n',
frr-reload output: 276  'router bgp 100\n neighbor eth2.2000 interface v6only remote-as external\n']
frr-reload output: 277 % Peer-group member cannot override remote-as of peer-group.
frr-reload output: 278 line 2: Failure to communicate[13] to bgpd, line:  neighbor eth2.2000 interface v6only remote-as external
frr-reload output: 279
frr-reload output: 280 % Peer-group member cannot override remote-as of peer-group.
frr-reload output: 281 line 5: Failure to communicate[13] to bgpd, line:  neighbor eth2.2000 interface v6only remote-as external
frr-reload output: 282
frr-reload output: 283 2022-05-02 20:16:44,590 WARNING: frr-reload.py failed due to
frr-reload output: 284 vtysh (exec file) exited with status 13
VyOS had an issue completing a command.
pasik added a subscriber: pasik.May 2 2022, 7:38 PM
c-po closed this task as Resolved.May 6 2022, 4:32 PM