Page MenuHomeVyOS Platform

Error on adding a wireguard interface to OSPFv3
Closed, ResolvedPublicBUG

Description

This is a copy of https://forum.vyos.io/t/error-on-adding-a-wireguard-interface-to-ospfv3/13534
and by request of tjh I'm also posting it here.


i have OSPF (ipv4) up and running with some ipsec-vti (+ neighbor’s) and wireguard (passive) interfaces
this is working fine.

now i’m trying to add OSPFv3 (IPv6) to it.
this works with de VTI interfaces:

XXX@rt01# show protocols ospfv3 | strip-private 
 area 10.10.0.0 {
     range xxxx:xxxx:c2c:2bd9::/64 {
         advertise
     }
     range xxxx:xxxx:fd32::/48 {
         advertise
     }
 }
 interface lo {
     area 10.10.0.0
     passive
 }
 interface vti101 {
     area 10.10.0.0
     network point-to-point
 }
 interface vti201 {
     area 0.0.0.0
     network point-to-point
 }
 interface vti202 {
     area 0.0.0.0
     network point-to-point
 }
 interface vti203 {
     area 0.0.0.0
     network point-to-point
 }
 log-adjacency-changes {
     detail
 }
 parameters {
     router-id xxx.xxx.255.1
 }

but when i’m trying to add the wireguard interfaces i’m getting the following error:

rt01# compare 
[protocols ospfv3 interface]
+ wg231 {
+     area "10.10.0.0"
+     passive
+ }

[edit]
XXX@rt01# commit
[ protocols ospfv3 ]
VyOS had an issue completing a command.

We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
  https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
  https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
  https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
  https://vyos.slack.com

When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your 
  business policy requires it)
- and include all the information presented below

Report time:      2024-01-28 21:41:14
Image version:    VyOS 1.5-rolling-202401090834
Release train:    current

Built by:         [email protected]
Built on:         Tue 09 Jan 2024 10:30 UTC
Build UUID:       350f1f79-e581-4dd2-956c-36b7ef1c5e5c
Build commit ID:  92195009af863c

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  Hetzner
Hardware model:   vServer
Hardware S/N:     14585311
Hardware UUID:    156eed2a-0020-4471-ad82-eecfe5de4127

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/protocols_ospfv3.py", line 184, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/protocols_ospfv3.py", line 175, in apply
    frr_cfg.commit_configuration(ospf6_daemon)
  File "/usr/lib/python3/dist-packages/vyos/frr.py", line 482, in commit_configuration
    raise ConfigurationNotValid(f'Config commit retry counter ({count_max}) exceeded for {daemon} dameon!')
vyos.frr.ConfigurationNotValid: Config commit retry counter (5) exceeded for ospf6d dameon!



[[protocols ospfv3]] failed
Commit failed
[edit]

What gone wrong here?

Details

Difficulty level
Unknown (require assessment)
Version
VyOS 1.5-rolling-202401090834
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

Some update in the time i posted it on the forum and posted it here,
today i added an additional IPSec-VTI VPN with OSPF (IPv4),
all working as expected.

after also adding OSPFv3 (IPv6) i got the "same" error, so it's not only wireguard or passive interfaces but also on IPSec VTI and/or "Active" OSPF links.

XXX@rt01# compare 
[protocols ospfv3 interface]
+ vti102 {
+     area "10.10.0.0"
+     network "point-to-point"
+ }

[edit]
XXX@rt01# commit
[ protocols ospfv3 ]
VyOS had an issue completing a command.

We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
- Contact us using the online help desk if you have a subscription:
  https://support.vyos.io/
- Make sure you are running the latest version of VyOS available at:
  https://vyos.net/get/
- Consult the community forum to see how to handle this issue:
  https://forum.vyos.io
- Join us on Slack where our users exchange help and advice:
  https://vyos.slack.com

When reporting problems, please include as much information as possible:
- do not obfuscate any data (feel free to contact us privately if your 
  business policy requires it)
- and include all the information presented below

Report time:      2024-01-30 21:22:30
Image version:    VyOS 1.5-rolling-202401090834
Release train:    current

Built by:         [email protected]
Built on:         Tue 09 Jan 2024 10:30 UTC
Build UUID:       350f1f79-e581-4dd2-956c-36b7ef1c5e5c
Build commit ID:  92195009af863c

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  Hetzner
Hardware model:   vServer
Hardware S/N:     14585311
Hardware UUID:    156eed2a-0020-4471-ad82-eecfe5de4127

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/protocols_ospfv3.py", line 184, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/protocols_ospfv3.py", line 175, in apply
    frr_cfg.commit_configuration(ospf6_daemon)
  File "/usr/lib/python3/dist-packages/vyos/frr.py", line 482, in commit_configuration
    raise ConfigurationNotValid(f'Config commit retry counter ({count_max}) exceeded for {daemon} dameon!')
vyos.frr.ConfigurationNotValid: Config commit retry counter (5) exceeded for ospf6d dameon!



[[protocols ospfv3]] failed
Commit failed
[edit]

Fixed by upstream frr 9.1 release. There was a missing exit when entering frr-reload contexts.

Will be fixed by latest 1.5 rolling release and by 1.4.0-epa1

c-po moved this task from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa) board.