Page MenuHomeVyOS Platform
Create Task
Maniphest T6675

VXLAN Interface configuration lost due to improper bridge detachment
In progress, NormalPublicBUG
Actions

Description

When you add the neighbor-suppress parameter to a VXLAN interface, you will see that the interface needs to be a member of a bridge, which is expected:

vyos@R1# set interfaces vxlan vxlan4000 parameters neighbor-suppress 
[edit]
vyos@R1# commit
[ interfaces vxlan vxlan4000 ]
Neighbor suppression requires that VXLAN interface is member of a bridge
interface!

[[interfaces vxlan vxlan4000]] failed
Commit failed
[edit]

After adding the interface to the bridge, you can commit the changes:

vyos@R1# set interfaces bridge br0 member interface vxlan4000 
[edit]
vyos@R1# commit
[edit]

However, if you remove the interface from the bridge, you do not receive any warning that you need to first remove the neighbor-suppress parameter from the VXLAN interface, and you can still commit the changes.

vyos@R1# delete  interfaces bridge br0 member interface vxlan4000 
[edit]
vyos@R1# commit
[edit]

The issue is that after a reboot, the VXLAN interface will be missing, along with all its configuration information.

To resolve the issue, there need to implement a validation script or warning mechanism that checks if the neighbor-suppress parameter is correctly removed from a VXLAN interface when it is detached from a bridge before allowing configuration commits.

Details

Difficulty level
Unknown (require assessment)
Version
1.5-latest
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)