Page MenuHomeVyOS Platform
Create Task
Maniphest T132

Allow route-map to set "src"
Closed, ResolvedPublic
Actions

Description

When creating a route-map, the ability to use the quagga "set src" action would be very useful as it allows to configure the preferred local source when the system generates packets.

So for a practical usage, lets say I have a 172.30.1.0/30 tunnel on which someone is routing a 1.1.1.1 public IP to me.

I can then set the 1.1.1.1 IP on a loopback, then configure the default route to 172.30.1.1 but when the system generates packets, it would use 172.30.1.2 as source. The solution is then to have a route-map in quagga :

access-list acl_to_gw permit 172.30.1.1/32

route-map RM_SET_SRC permit 10

match ip next-hop acl_to_gw
set src 1.1.1.1

But currently there is no way to get VyOS to generate that "set src" part.

Also need a way to have VyOS generate the "ip protocol static route-map RM_SET_SRC" part as well. Not sure if that's already possible or not.

Details

Difficulty level
Normal (likely a few hours)

Related Objects

Event Timeline

246tnt created this task.Aug 17 2016, 1:33 PM
syncer triaged this task as Normal priority.Aug 17 2016, 1:55 PM
syncer added projects: VyOS 1.1.x (1.1.8), VyOS 2.0.x.
syncer added subscribers: VyOS 1.1.x, VyOS 2.0.x.
246tnt updated the task description. (Show Details)Aug 17 2016, 1:56 PM
246tnt added a comment.Aug 17 2016, 2:23 PM

This is my attempt :

https://github.com/vyos/vyatta-cfg-quagga/pull/10

It does generate what I expect. Although for it to work I had to remove the "match ip next-hop acl_to_gw" ... but that's unrelated I think, still investigating this.

246tnt added a comment.Aug 17 2016, 3:32 PM

Ok, so the main issue is that the route-map is only applied to routes installed _after_ it's been setup ... so you have to remove / readd all the static routes which obviously doesn't work when you reboot :(

mickvav added a subscriber: mickvav.Aug 22 2016, 2:29 PM

You need "create" section in your templates/policy/route-map/node.tag/rule/node.tag/set/src/node.def to make things survive reboots, I think.

246tnt added a comment.Aug 22 2016, 2:43 PM

Changing the priorities, I managed to make it work and it's loaded fine on reboot.

But if you modify them at run-time, changes are not applied ... worse, if you want the policy, then edit static routes, quagga doesn't even properly changes the old routes ...

At the moment, I'm living with that limitation, but I think the best option would be to just hide the 'route-map' stuff from the user for the 'static' protocol and create them under the hood and just have a 'src' node configurable when creating static route.

This way, the sequencing of removing route-maps / routes and reapplying them can be enforced so that quagga doesn't get confused.

mickvav added a comment.Aug 22 2016, 3:27 PM

Can you push your recent changes to github?

246tnt added a comment.Sep 1 2016, 1:51 PM

I pushed the priority changes I had to do on my T132 branch.

However I'll probably try to implement the alternate version I described above. That'll have to wait a couple weeks though ... traveling abroad ATM.

syncer edited projects, added VyOS 1.2 Crux; removed VyOS 2.0.x, VyOS 1.1.x (1.1.8).Dec 14 2016, 4:32 PM
syncer edited subscribers, added: VyOS 1.2 Crux; removed: VyOS 2.0.x, VyOS 1.1.x.
pasik added a subscriber: pasik.Oct 1 2018, 9:54 AM
syncer closed this task as Resolved.Oct 13 2018, 8:55 AM
syncer claimed this task.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc2); removed VyOS 1.2 Crux.
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-rc2) board.
syncer added a project: VyOS-1.2.0-GA.Oct 15 2018, 10:48 PM
m4rg4sh mentioned this in T1528: Make VyOS generate "ip[v6] protocol bgp route-map foo".Jul 15 2019, 8:56 PM