Page MenuHomeVyOS Platform
Create Task
Maniphest T4876

mpls - LSP broken on FRR 8.4.1
Closed, ResolvedPublicBUG
Actions

Description

it seems that FRR's latest version, there is a problem with l3vpn vpn over mpls. based on this topology :

https://forum.vyos.io/t/vyos-1-4-l3vpn-bgp-import-export-nexthop-incorrect/9876

it looks like with control-plane all is working , however , it couldn't send traffic over this PEs :

vyos@cust-pe2:~$ show configuration commands | match " bgp| mpls"
set protocols bgp neighbor 10.255.254.2 address-family ipv4-unicast
set protocols bgp neighbor 10.255.254.2 address-family ipv4-vpn nexthop-self force
set protocols bgp neighbor 10.255.254.2 address-family ipv4-vpn soft-reconfiguration inbound
set protocols bgp neighbor 10.255.254.2 description 'MPLS'
set protocols bgp neighbor 10.255.254.2 disable-connected-check
set protocols bgp neighbor 10.255.254.2 remote-as '64532'
set protocols bgp neighbor 10.255.254.2 update-source 'dum20'
set protocols bgp parameters log-neighbor-changes
set protocols bgp parameters router-id '1.1.1.1'
set protocols bgp system-as '64532'
set protocols mpls interface 'eth0'
set protocols mpls interface 'dum20'
set protocols mpls ldp discovery transport-ipv4-address '1.1.1.1'
set protocols mpls ldp export ipv4 explicit-null
set protocols mpls ldp interface 'eth0'
set protocols mpls ldp interface 'dum20'
set protocols mpls ldp router-id '1.1.1.1'
set vrf name customer protocols bgp address-family ipv4-unicast export vpn
set vrf name customer protocols bgp address-family ipv4-unicast import vpn
set vrf name customer protocols bgp address-family ipv4-unicast label vpn export 'auto'
set vrf name customer protocols bgp address-family ipv4-unicast network 5.5.5.5/32
set vrf name customer protocols bgp address-family ipv4-unicast network 10.180.50.0/24
set vrf name customer protocols bgp address-family ipv4-unicast rd vpn export '1:2'
set vrf name customer protocols bgp address-family ipv4-unicast redistribute connected
set vrf name customer protocols bgp address-family ipv4-unicast route-target vpn export '1:2'
set vrf name customer protocols bgp address-family ipv4-unicast route-target vpn import '1:2'
set vrf name customer protocols bgp parameters router-id '10.180.50.50'
set vrf name customer protocols bgp system-as '64531'

this case is related to another task, where we can advertise using network command :

https://phabricator.vyos.net/T4846

I've done some test 8.2.2 , it works without problems . I'll open a case with both bugs .

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.4-rolling-202204201428
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Related Objects
Search...

StatusSubtypeAssignedTask
 ResolvedBUGNoneT4846 L3VPN- network command doesn't install direct connected prefix
 ResolvedBUGNoneT4876 mpls - LSP broken on FRR 8.4.1

Event Timeline

fernando created this task.Dec 12 2022, 9:06 PM
fernando added a parent task: T4846: L3VPN- network command doesn't install direct connected prefix.
fernando updated the task description. (Show Details)Dec 12 2022, 9:12 PM
pasik added a subscriber: pasik.Dec 12 2022, 9:27 PM
fernando renamed this task from mpls - lsp broke on FRR 8.4.1 to mpls - LSP broken on FRR 8.4.1.Dec 12 2022, 11:12 PM
Cheeze_It added a subscriber: Cheeze_It.Dec 14 2022, 6:02 AM
fernando added a comment.Mar 29 2023, 2:47 PM

frr 8.5 LSP is working as expected:

set protocols bgp neighbor 10.255.254.2 address-family ipv4-vpn nexthop-self
set protocols bgp neighbor 10.255.254.2 address-family ipv4-vpn soft-reconfiguration inbound
set protocols bgp neighbor 10.255.254.2 description 'MPLS'
set protocols bgp neighbor 10.255.254.2 disable-connected-check
set protocols bgp neighbor 10.255.254.2 remote-as '64532'
set protocols bgp neighbor 10.255.254.2 update-source 'dum20'
set protocols bgp parameters log-neighbor-changes
set protocols bgp parameters router-id '1.1.1.1'
set protocols bgp system-as '64532'
set protocols mpls interface 'eth0'
set protocols mpls interface 'dum20'
set protocols mpls ldp discovery transport-ipv4-address '1.1.1.1'
set protocols mpls ldp export ipv4
set protocols mpls ldp interface 'eth0'
set protocols mpls ldp interface 'dum20'
set protocols mpls ldp router-id '1.1.1.1'
set protocols ospf area 0 network '0.0.0.0/0'
set protocols ospf parameters abr-type 'cisco'
set protocols ospf parameters router-id '1.1.1.1'
set service ssh

set system host-name 'cust-pe2'

set vrf bind-to-all
set vrf name customer protocols bgp address-family ipv4-unicast export vpn
set vrf name customer protocols bgp address-family ipv4-unicast import vpn
set vrf name customer protocols bgp address-family ipv4-unicast label vpn export 'auto'
set vrf name customer protocols bgp address-family ipv4-unicast network 172.16.80.0/24
set vrf name customer protocols bgp address-family ipv4-unicast rd vpn export '1:2'
set vrf name customer protocols bgp address-family ipv4-unicast route-target vpn export '1:2'
set vrf name customer protocols bgp address-family ipv4-unicast route-target vpn import '1:2'
set vrf name customer protocols bgp parameters router-id '10.180.50.50'

we can see prefix imported from l3vpn

vyos@cust-pe2:~$ show ip route vrf customer
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

VRF customer:
B>  10.180.2.0/24 [200/0] via 10.255.254.2 (vrf default) (recursive), label 80, weight 1, 00:21:55
  *                         via 10.180.3.2, eth0 (vrf default), label implicit-null/80, weight 1, 00:21:55
C>* 10.180.50.50/32 is directly connected, dum50, 00:29:19
C>* 172.16.80.0/24 is directly connected, eth1, 00:29:18

now i's working frr 8.5 , pings from CE :

vyos@vyos:~$ ping 10.180.2.254 interface 172.16.80.100
PING 10.180.2.254 (10.180.2.254) from 172.16.80.100 : 56(84) bytes of data.
64 bytes from 10.180.2.254: icmp_seq=1 ttl=62 time=1.04 ms
64 bytes from 10.180.2.254: icmp_seq=2 ttl=62 time=1.50 ms
64 bytes from 10.180.2.254: icmp_seq=3 ttl=62 time=1.33 ms
fernando closed this task as Resolved.Mar 29 2023, 2:47 PM