Page MenuHomeVyOS Platform
Create Task
Maniphest T3770

BGP neighbor not generating the correct frr configuration when moved to peer-group
Closed, WontfixPublicBUG
Actions

Description

It seems that bgp neighbors / peer-group / address-family has to be configured in a specific order in order to generate the correct frr config.

Steps to reproduce.

configure ipv6 peer with remote-as
commit
The configuration after first commit

olof@o6-internet-3# show protocols | commands 
set bgp 4200010000 neighbor 2001:db8::2 remote-as '65500'

Then delete ipv6 peer remote-as
configure ipv6 peer-group with remote-as
commit

The configuration in VyOS after commit

olof@o6-internet-3# show protocols | commands 
set bgp 4200010000 address-family ipv6-unicast redistribute connected route-map 'REDISTRIBUTE-INTO-BGP'
set bgp 4200010000 address-family ipv6-unicast redistribute static route-map 'REDISTRIBUTE-INTO-BGP'
set bgp 4200010000 neighbor 2001:db8::2 address-family ipv6-unicast
set bgp 4200010000 neighbor 2001:db8::2 peer-group 'CUST_CR_IPV6'
set bgp 4200010000 peer-group CUST_CR_IPV6 address-family ipv6-unicast route-map export 'OUT-CR'
set bgp 4200010000 peer-group CUST_CR_IPV6 address-family ipv6-unicast route-map import 'IN-CR'
set bgp 4200010000 peer-group CUST_CR_IPV6 remote-as '65500'

it will generate a warning

olof@o6-internet-3# commit
[ protocols bgp 4200010000 ]
[ protocols bgp 4200010000 neighbor 2001:db8::2 ]
  must set remote-as or address-family ipv6-unicast peer-group with remote-as defined

And the configure generated in frr
#VTYSH

router bgp 4200010000
 no bgp ebgp-requires-policy
 no bgp network import-check
 neighbor 2001:db8::2 remote-as 65500
 !
 address-family ipv6 unicast
  neighbor 2001:db8::2 activate
 exit-address-family
!
ipv6 prefix-list IN-CR-IPV6 seq 10 permit ::/0
ipv6 prefix-list CUST-PUBLIC-IPV6 seq 10 permit 2001:db8::/32 le 64
!
route-map IN-CR permit 20
 match ipv6 address prefix-list IN-CR-IPV6
!
route-map OUT-CR permit 20
 match ipv6 address prefix-list CUST-PUBLIC-IPV6
!
route-map REDISTRIBUTE-INTO-BGP permit 20
 match ipv6 address prefix-list CUST-PUBLIC-IPV6
!

As you can see, this part is missing from the expected configuration in frr.

address-family ipv6 unicast
 redistribute connected route-map REDISTRIBUTE-INTO-BGP
 redistribute static route-map REDISTRIBUTE-INTO-BGP
 neighbor CUST_CR_IPV6 activate
 neighbor CUST_CR_IPV6 route-map IN-CR in
 neighbor CUST_CR_IPV6 route-map OUT-CR out

Details

Difficulty level
Unknown (require assessment)
Version
1.3-beta-202108221610
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

lundgrenolof created this task.Aug 23 2021, 7:54 AM
pasik added a subscriber: pasik.Aug 23 2021, 8:00 AM
fernando added a subscriber: fernando.Aug 23 2021, 9:11 PM
Viacheslav changed the task status from Open to Confirmed.Aug 29 2021, 11:43 AM
syncer assigned this task to Viacheslav.Oct 17 2021, 1:42 PM
syncer triaged this task as Normal priority.
syncer edited projects, added VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3); removed VyOS 1.3 Equuleus.
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus (1.3.0-epa3).Nov 1 2021, 10:11 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.0).Aug 29 2022, 7:04 AM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3).Jul 12 2023, 9:39 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus (1.3.4).Aug 25 2023, 9:29 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:37 PM
Viacheslav removed a project: VyOS 1.4 Sagitta.Jan 19 2024, 10:28 PM

Still bug for 1.3.5

set protocols bgp 4200010000 address-family ipv6-unicast redistribute connected
set protocols bgp 4200010000 address-family ipv6-unicast redistribute static
set protocols bgp 4200010000 neighbor 2001:db8::2 address-family ipv6-unicast
set protocols bgp 4200010000 neighbor 2001:db8::2 peer-group 'CUST_CR_IPV6'
set protocols bgp 4200010000 peer-group CUST_CR_IPV6 address-family ipv6-unicast
set protocols bgp 4200010000 peer-group CUST_CR_IPV6 remote-as '65500'

commit:

vyos@r1# commit
[ protocols bgp 4200010000 ]
[ protocols bgp 4200010000 neighbor 2001:db8::2 ]
  must set remote-as or address-family ipv6-unicast peer-group with remote-as defined

[edit protocols]
syncer edited projects, added VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).Feb 10 2024, 9:17 AM
a.apostoliuk claimed this task.Mon, Apr 8, 2:29 PM
a.apostoliuk added a subscriber: Viacheslav.
dmbaturin closed this task as Wontfix.Thu, Apr 11, 2:51 PM
dmbaturin added a subscriber: dmbaturin.

Trying to fix it is too risky because it may stop other not-quite-valid configuration from loading and we don't know how big the impact is going to be. 1.4 doesn't have the issue, and 1.3 is in the maintenance phase.

a.apostoliuk added a comment.Thu, Apr 11, 3:09 PM

You can use the next type of configuration

set protocols bgp 4200010000 neighbor 2001:db8::2 address-family ipv6-unicast peer-group 'CUST_CR_IPV6'
set protocols bgp 4200010000 parameters default no-ipv4-unicast
set protocols bgp 4200010000 peer-group CUST_CR_IPV6 address-family ipv6-unicast
set protocols bgp 4200010000 peer-group CUST_CR_IPV6 remote-as '65500'

But we recommend to check the result in FRR configuration.