Page MenuHomeVyOS Platform
Create Task
Maniphest T5398

FRR mangles container network interface names
Closed, ResolvedPublicBUG
Actions

Description

When configuring static routes for leaking a container route into a VRF, the interface name is mangled once installed in FRR:

container {
  name test {
     image ubuntu:20.04
     network TEST {
     }
  }
  network TEST {
     prefix 192.168.0.0/24
  }
}
[...]
vrf name TEST {
    protocols {
         static {
             route 192.168.0.0/24 {
                 interface pod-TEST {
                     vrf default
                 }
             }
         }
   }
}

Resulting FRR running config:

vrf TEST
 ip route 192.168.0.0/24 pod_TEST nexthop-vrf default
exit-vrf

As shown above, the container network pod-TEST is mangled to pod_TEST causing the static route to fail. Manually changing the running configuration in FRR corrects this behavior and allows the routing to behave as expected.

Details

Difficulty level
Unknown (require assessment)
Version
1.4-rolling-202307190317
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Revisions and Commits

Restricted Diffusion Commit

Related Objects

Event Timeline

jvoss created this task.Jul 24 2023, 11:12 PM
pasik added a subscriber: pasik.Jul 25 2023, 7:02 AM
Viacheslav added a subscriber: Viacheslav.Jul 25 2023, 1:11 PM

Try to add no_tag_node_value_mangle there https://github.com/vyos/vyos-1x/blob/20b7155f4140f54cf7669256160b6fedd8c1ab7a/src/conf_mode/protocols_static.py#L50

You can test it on the running system

sudo nano -c +50 /usr/libexec/vyos/conf_mode/protocols_static.py

and change this line like

static = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True, no_tag_node_value_mangle=True)

sudo systemctl restart vyos-configd

jvoss added a comment.Jul 25 2023, 1:31 PM

Spot on Viacheslav! That absolutely resolved the issue, thanks! I was initially thinking it might have been the key_mangling option. Glad to see there is another option here.

I am happy to submit a PR for this if you would like?

Viacheslav added a comment.Jul 25 2023, 1:55 PM

@jvoss Add the PR, please
Thanks.

jvoss claimed this task.Jul 25 2023, 9:04 PM
jvoss added a commit: Restricted Diffusion Commit.

https://github.com/vyos/vyos-1x/pull/2110

Viacheslav changed the task status from Open to Needs testing.Jul 25 2023, 9:28 PM
Viacheslav closed this task as Resolved.Jul 26 2023, 12:01 PM
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.
jvoss mentioned this in T5407: Static routes pointed to container networks fail to persist after reboot.Jul 27 2023, 2:53 AM