Page MenuHomeVyOS Platform
Create Task
Maniphest T3602

Renaming BGP Peer Groups Leaves Router Broken
Closed, ResolvedPublicBUG
Actions

Description

It appears there is an issue renaming and modifying peer groups which leaves the peer-groups and associated neighbors broken, even after a restart of FRR.
Original BGP configuration:

set protocols bgp 4242420670 neighbor 192.168.253.6 peer-group 'DAL13'
set protocols bgp 4242420670 neighbor 192.168.253.7 peer-group 'DAL13'
set protocols bgp 4242420670 neighbor 192.168.253.15 peer-group 'WDC07'
set protocols bgp 4242420670 neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group 'DAL13v6'
set protocols bgp 4242420670 neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group 'DAL13v6'
set protocols bgp 4242420670 neighbor fd52:d62e:8011:fffe:192:168:253:15 peer-group 'WDC07v6'
set protocols bgp 4242420670 parameters confederation identifier '4242420696'
set protocols bgp 4242420670 parameters confederation peers '4242420668'
set protocols bgp 4242420670 parameters default no-ipv4-unicast
set protocols bgp 4242420670 parameters graceful-restart
set protocols bgp 4242420670 peer-group DAL13 address-family ipv4-unicast nexthop-self
set protocols bgp 4242420670 peer-group DAL13 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group DAL13 bfd
set protocols bgp 4242420670 peer-group DAL13 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group DAL13 remote-as '4242420668'
set protocols bgp 4242420670 peer-group DAL13 update-source 'dum0'
set protocols bgp 4242420670 peer-group DAL13v6 address-family ipv6-unicast nexthop-self
set protocols bgp 4242420670 peer-group DAL13v6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group DAL13v6 bfd
set protocols bgp 4242420670 peer-group DAL13v6 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group DAL13v6 remote-as '4242420668'
set protocols bgp 4242420670 peer-group DAL13v6 update-source 'dum0'
set protocols bgp 4242420670 peer-group WDC07 address-family ipv4-unicast nexthop-self
set protocols bgp 4242420670 peer-group WDC07 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group WDC07 bfd
set protocols bgp 4242420670 peer-group WDC07 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group WDC07 remote-as '4242420670'
set protocols bgp 4242420670 peer-group WDC07 update-source 'dum0'
set protocols bgp 4242420670 peer-group WDC07v6 address-family ipv6-unicast nexthop-self
set protocols bgp 4242420670 peer-group WDC07v6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group WDC07v6 bfd
set protocols bgp 4242420670 peer-group WDC07v6 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group WDC07v6 remote-as '4242420670'
set protocols bgp 4242420670 peer-group WDC07v6 update-source 'dum0'

Changes:

edit protocols bgp 4242420670
  rename peer-group DAL13 to peer-group BACKBONE
  rename peer-group DAL13v6 to peer-group BACKBONEv6
  set peer-group BACKBONE remote-as external
  set peer-group BACKBONEv6 remote-as external
  set neighbor 192.168.253.6 peer-group BACKBONE
  set neighbor 192.168.253.7 peer-group BACKBONE
  set neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group BACKBONEv6
  set neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group BACKBONEv6

Here's the commit error:

[email protected]# commit
[ protocols bgp 4242420670 ]
% Ambiguous command: no neighbor DAL13v6 peer-group
Error configuring routing subsystem.  See log for more detailed information

[edit protocols bgp 4242420670]

New configuration:

[email protected]# run show conf com | grep 'set protocols bgp'
set protocols bgp 4242420670 neighbor 192.168.253.6 peer-group 'BACKBONE'
set protocols bgp 4242420670 neighbor 192.168.253.7 peer-group 'BACKBONE'
set protocols bgp 4242420670 neighbor 192.168.253.15 peer-group 'WDC07'
set protocols bgp 4242420670 neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group 'BACKBONEv6'
set protocols bgp 4242420670 neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group 'BACKBONEv6'
set protocols bgp 4242420670 neighbor fd52:d62e:8011:fffe:192:168:253:15 peer-group 'WDC07v6'
set protocols bgp 4242420670 parameters confederation identifier '4242420696'
set protocols bgp 4242420670 parameters confederation peers '4242420668'
set protocols bgp 4242420670 parameters default no-ipv4-unicast
set protocols bgp 4242420670 parameters graceful-restart
set protocols bgp 4242420670 peer-group BACKBONE address-family ipv4-unicast nexthop-self
set protocols bgp 4242420670 peer-group BACKBONE address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group BACKBONE bfd
set protocols bgp 4242420670 peer-group BACKBONE ebgp-multihop '2'
set protocols bgp 4242420670 peer-group BACKBONE remote-as 'external'
set protocols bgp 4242420670 peer-group BACKBONE update-source 'dum0'
set protocols bgp 4242420670 peer-group BACKBONEv6 address-family ipv6-unicast nexthop-self
set protocols bgp 4242420670 peer-group BACKBONEv6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group BACKBONEv6 bfd
set protocols bgp 4242420670 peer-group BACKBONEv6 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group BACKBONEv6 remote-as 'external'
set protocols bgp 4242420670 peer-group BACKBONEv6 update-source 'dum0'
set protocols bgp 4242420670 peer-group WDC07 address-family ipv4-unicast nexthop-self
set protocols bgp 4242420670 peer-group WDC07 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group WDC07 bfd
set protocols bgp 4242420670 peer-group WDC07 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group WDC07 remote-as '4242420670'
set protocols bgp 4242420670 peer-group WDC07 update-source 'dum0'
set protocols bgp 4242420670 peer-group WDC07v6 address-family ipv6-unicast nexthop-self
set protocols bgp 4242420670 peer-group WDC07v6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 4242420670 peer-group WDC07v6 bfd
set protocols bgp 4242420670 peer-group WDC07v6 ebgp-multihop '2'
set protocols bgp 4242420670 peer-group WDC07v6 remote-as '4242420670'
set protocols bgp 4242420670 peer-group WDC07v6 update-source 'dum0'

What FRR looks like after:

[email protected]# vtysh -c 'show run bgpd'
Building configuration...

Current configuration:
!
frr version 7.5.1-20210604-00-g8ee1377c3
frr defaults traditional
hostname cr01a-vyos
log syslog
log facility local7
service integrated-vtysh-config
!
router bgp 4242420670
 no bgp ebgp-requires-policy
 no bgp default ipv4-unicast
 bgp confederation identifier 4242420696
 bgp confederation peers 4242420668
 no bgp network import-check
 neighbor DAL13 peer-group
 neighbor DAL13 remote-as 4242420668
 neighbor DAL13 bfd
 neighbor DAL13 ebgp-multihop 2
 neighbor DAL13 update-source dum0
 neighbor DAL13v6 peer-group
 neighbor WDC07 peer-group
 neighbor WDC07 remote-as internal
 neighbor WDC07 bfd
 neighbor WDC07 update-source dum0
 neighbor WDC07v6 peer-group
 neighbor WDC07v6 remote-as internal
 neighbor WDC07v6 bfd
 neighbor WDC07v6 update-source dum0
 neighbor 192.168.253.6 peer-group DAL13
 neighbor 192.168.253.7 peer-group DAL13
 neighbor 192.168.253.15 peer-group WDC07
 neighbor 192.168.253.15 ebgp-multihop 2
 neighbor fd52:d62e:8011:fffe:192:168:253:15 peer-group WDC07v6
 neighbor fd52:d62e:8011:fffe:192:168:253:15 ebgp-multihop 2
 !
 address-family ipv4 unicast
  neighbor DAL13 activate
  neighbor DAL13 next-hop-self
  neighbor DAL13 soft-reconfiguration inbound
  neighbor WDC07 activate
  neighbor WDC07 next-hop-self
  neighbor WDC07 soft-reconfiguration inbound
 exit-address-family
 !
 address-family ipv6 unicast
  neighbor WDC07v6 activate
  neighbor WDC07v6 next-hop-self
  neighbor WDC07v6 soft-reconfiguration inbound
 exit-address-family
!
ip prefix-list OSPF-OUT seq 10 permit 192.168.253.14/32
!
ipv6 prefix-list OSPF-OUT-V6 seq 10 permit fd52:d62e:8011:fffe:192:168:253:14/128
!
route-map OSPF-OUT permit 10
 match ip address prefix-list OSPF-OUT
!
route-map OSPF-OUT-V6 permit 10
 match ipv6 address prefix-list OSPF-OUT-V6
!
line vty
!

What FRR should look like after:

[email protected]# vtysh -c 'show run bgpd'
Building configuration...

Current configuration:
!
frr version 7.5.1-20210604-00-g8ee1377c3
frr defaults traditional
hostname cr01a-vyos
log syslog
log facility local7
service integrated-vtysh-config
!
router bgp 4242420670
 no bgp ebgp-requires-policy
 no bgp default ipv4-unicast
 bgp confederation identifier 4242420696
 bgp confederation peers 4242420668
 no bgp network import-check
 neighbor BACKBONE peer-group
 neighbor BACKBONE remote-as external
 neighbor BACKBONE bfd
 neighbor BACKBONE ebgp-multihop 2
 neighbor BACKBONE update-source dum0
 neighbor BACKBONEv6 peer-group
 neighbor BACKBONEv6 remote-as external
 neighbor BACKBONEv6 bfd
 neighbor BACKBONEv6 ebgp-multihop 2
 neighbor BACKBONEv6 update-source dum0
 neighbor WDC07 peer-group
 neighbor WDC07 remote-as internal
 neighbor WDC07 bfd
 neighbor WDC07 update-source dum0
 neighbor WDC07v6 peer-group
 neighbor WDC07v6 remote-as internal
 neighbor WDC07v6 bfd
 neighbor WDC07v6 update-source dum0
 neighbor 192.168.253.6 peer-group BACKBONE
 neighbor 192.168.253.7 peer-group BACKBONE
 neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group BACKBONEv6
 neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group BACKBONEv6
 neighbor 192.168.253.15 peer-group WDC07
 neighbor 192.168.253.15 ebgp-multihop 2
 neighbor fd52:d62e:8011:fffe:192:168:253:15 peer-group WDC07v6
 neighbor fd52:d62e:8011:fffe:192:168:253:15 ebgp-multihop 2
 !
 address-family ipv4 unicast
  neighbor BACKBONE activate
  neighbor BACKBONE next-hop-self
  neighbor BACKBONE soft-reconfiguration inbound
  neighbor WDC07 activate
  neighbor WDC07 next-hop-self
  neighbor WDC07 soft-reconfiguration inbound
 exit-address-family
 !
 address-family ipv6 unicast
  neighbor BACKBONEv6 activate
  neighbor BACKBONEv6 next-hop-self
  neighbor BACKBONEv6 soft-reconfiguration inbound
  neighbor WDC07v6 activate
  neighbor WDC07v6 next-hop-self
  neighbor WDC07v6 soft-reconfiguration inbound
 exit-address-family
!
ip prefix-list OSPF-OUT seq 10 permit 192.168.253.14/32
!
ipv6 prefix-list OSPF-OUT-V6 seq 10 permit fd52:d62e:8011:fffe:192:168:253:14/128
!
route-map OSPF-OUT permit 10
 match ip address prefix-list OSPF-OUT
!
route-map OSPF-OUT-V6 permit 10
 match ipv6 address prefix-list OSPF-OUT-V6
!
line vty
!
end
[edit]

How I fixed FRR:

cr01a-vyos(config)# router bgp 4242420670
cr01a-vyos(config-router)# no neighbor DAL13
cr01a-vyos(config-router)# no neighbor DAL13v6
cr01a-vyos(config-router)# neighbor BACKBONE peer-group 
cr01a-vyos(config-router)# neighbor BACKBONE remote-as external
cr01a-vyos(config-router)# neighbor BACKBONE bfd 
cr01a-vyos(config-router)# neighbor BACKBONE ebgp-multihop 2
cr01a-vyos(config-router)# neighbor BACKBONE update-source dum0
cr01a-vyos(config-router)# neighbor BACKBONEv6 peer-group 
cr01a-vyos(config-router)# neighbor BACKBONEv6 remote-as external 
cr01a-vyos(config-router)# neighbor BACKBONEv6 bfd
cr01a-vyos(config-router)# neighbor BACKBONEv6 ebgp-multihop 2
cr01a-vyos(config-router)# neighbor BACKBONEv6 update-source dum0
cr01a-vyos(config-router)# neighbor 192.168.253.6 peer-group BACKBONE
cr01a-vyos(config-router)# neighbor 192.168.253.7 peer-group BACKBONE
cr01a-vyos(config-router)# neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group BACKBONEv6
cr01a-vyos(config-router)# neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group BACKBONEv6
cr01a-vyos(config-router)# address-family ipv4 unicast 
cr01a-vyos(config-router-af)# neighbor BACKBONE activate 
cr01a-vyos(config-router-af)# neighbor BACKBONE next-hop-self 
cr01a-vyos(config-router-af)# neighbor BACKBONE soft-reconfiguration inbound 
cr01a-vyos(config-router-af)# exit-address-family 
cr01a-vyos(config-router)# address-family ipv6 unicast 
cr01a-vyos(config-router-af)# neighbor BACKBONEv6 activate 
cr01a-vyos(config-router-af)# neighbor BACKBONEv6 next-hop-self 
cr01a-vyos(config-router-af)# neighbor BACKBONEv6 soft-reconfiguration inbound 
cr01a-vyos(config-router-af)# exit

Details

Difficulty level
Normal (likely a few hours)
Version
1.3-beta-202106041554
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Related Objects
Search...

Event Timeline

trae32566 created this task.Jun 7 2021, 8:39 AM
pasik added a subscriber: pasik.Jun 7 2021, 9:40 AM
Viacheslav added a subscriber: Viacheslav.EditedJun 7 2021, 2:31 PM

https://github.com/vyos/vyatta-cfg-quagga/blob/fef5870b764e6166b639043fadb9317c8a49881d/scripts/bgp/vyatta-bgp.pl#L621-L625
https://github.com/vyos/vyatta-cfg-quagga/blob/fef5870b764e6166b639043fadb9317c8a49881d/scripts/bgp/vyatta-bgp.pl#L802-L806

Additional logs

Jun  7 17:28:53 r4-1 commit: Successful change to active configuration by user vyos on /dev/pts/1
Jun  7 17:29:15 r4-1 bgpd[841]: [EC 33554443] couldn't delete af structure for peer DAL13v6(IPv6, unicast)
Jun  7 17:29:15 r4-1  vyatta-cfg-quagga[3042]: /usr/bin/vtysh -c configure terminal -c router bgp 4242420670 -c no neighbor DAL13v6 peer-group failed: 256
Jun  7 17:29:15 r4-1 systemd[1784]: opt-vyatta-config-tmp-new_config_2175.mount: Succeeded.

Vtysh:

r4-1.3(config)# router bgp 
r4-1.3(config-router)# no neighbor DAL13v6 peer-group
% Ambiguous command: no neighbor DAL13v6 peer-group
r4-1.3(config-router)# no neighbor DAL13v6 peer-group 
  <cr>    
  PGNAME  Peer-group name
     DAL13 DAL13v6 WDC07 WDC07v6 
r4-1.3(config-router)#

It seems a new behavior for FRR 7.5.1
Compare with LTS
LTS:

r2-lts(config-router)# neighbor DAL13v6 peer-group
r2-lts(config-router)# 
r2-lts(config-router)#  no neighbor DAL13v6 peer-group
r2-lts(config-router)#

1.3:

r4-1.3(config-router)# neighbor DAL13v6 peer-group
r4-1.3(config-router)# 
r4-1.3(config-router)# no neighbor DAL13v6 peer-group
% Ambiguous command: no neighbor DAL13v6 peer-group
r4-1.3(config-router)#

The minimal config to reproduce:

set protocols bgp 65001 peer-group FOO
set protocols bgp 65001 peer-group BAR
commit
delete protocols bgp 65001 peer-group FOO
commit
Viacheslav added a parent task: T3182: Main blocker Task for FRR 7.4/7.5 series update.Jun 7 2021, 2:44 PM
Viacheslav added a comment.Jun 7 2021, 4:20 PM

PR https://github.com/vyos/vyatta-cfg-quagga/pull/81

Viacheslav claimed this task.Jun 7 2021, 4:35 PM
Viacheslav changed the task status from Open to Needs testing.Jun 7 2021, 4:40 PM
trae32566 added a comment.Jun 7 2021, 8:27 PM

This is indeed fixed!

Viacheslav closed this task as Resolved.Jun 9 2021, 7:02 AM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Jun 13 2021, 11:20 AM
SrividyaA set Issue type to Bug (incorrect behavior).Aug 31 2021, 6:12 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 29 2022, 12:17 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.