-
Bug
-
Resolution: Won't Do
-
Normal
-
None
-
None
-
None
EVPN configuration for FRR is incomplete which is blocking route advertisement.
Deployed RHOSO with 1 compute node + DVR enabled and 1 provider network.
Problem:
I see that ovn-bgp-agent detects the creation of provider network and updated the FRR configuration once I feed VNI ID to OVN NB DB. But EVPN routes are not seen at all, so it can't advertise.
compute-0# sh bgp l2vpn evpn No prefixes displayed, 0 exist
This is the FRR running config after the reconfiguration ovn-bgp-agent, note that "address-family l2vpn evpn" is inside VRF block.
compute-0# sh running-config
Building configuration...
Current configuration:
!
frr version 8.5.3
frr defaults traditional
hostname compute-0
log stdout informational
log timestamp precision 3
!
vrf vrf-1001
vni 1001
exit-vrf
!
router bgp 64999
bgp router-id 192.168.122.100
bgp log-neighbor-changes
no bgp ebgp-requires-policy
no bgp suppress-duplicates
no bgp hard-administrative-reset
no bgp default ipv4-unicast
bgp graceful-shutdown
no bgp graceful-restart notification
no bgp network import-check
neighbor uplink peer-group
neighbor uplink remote-as internal
neighbor uplink password f00barZ
neighbor uplink ttl-security hops 1
neighbor 12.12.12.2 peer-group uplink
!
address-family ipv4 unicast
redistribute connected
neighbor uplink activate
neighbor uplink allowas-in origin
neighbor uplink prefix-list only-host-prefixes out
exit-address-family
!
address-family ipv6 unicast
redistribute connected
neighbor uplink activate
neighbor uplink allowas-in origin
neighbor uplink prefix-list only-host-prefixes out
exit-address-family
exit
!
router bgp 64999 vrf vrf-1001
no bgp ebgp-requires-policy
no bgp suppress-duplicates
no bgp hard-administrative-reset
no bgp graceful-restart notification
no bgp network import-check
!
address-family ipv4 unicast
redistribute kernel
redistribute connected
exit-address-family
!
address-family ipv6 unicast
redistribute kernel
redistribute connected
exit-address-family
!
address-family l2vpn evpn
advertise ipv4 unicast
advertise ipv6 unicast
rd 12.12.12.1:1001
exit-address-family
exit
!
ip prefix-list only-default seq 5 permit 0.0.0.0/0
ip prefix-list only-host-prefixes seq 5 permit 0.0.0.0/0 ge 32
!
ipv6 prefix-list only-default seq 5 permit ::/0
ipv6 prefix-list only-host-prefixes seq 5 permit ::/0 ge 128
!
route-map rm-only-default permit 10
match ip address prefix-list only-default
set src 192.168.122.100
exit
!
route-map rm-only-default permit 11
match ipv6 address prefix-list only-default
set src 192.168.122.100
exit
!
ip nht resolve-via-default
!
ip protocol bgp route-map rm-only-default
!
ipv6 protocol bgp route-map rm-only-default
!
end
Solution to the problem:
compute-0# config compute-0(config)# router bgp 64999 compute-0(config-router)# address-family l2vpn evpn compute-0(config-router-af)# neighbor 12.12.12.2 activate compute-0(config-router-af)# advertise-all-vni compute-0(config-router-af)# advertise ipv4 unicast compute-0(config-router-af)# exit-address-family
With this configuration, EVPN routes are being advertised and received.
compute-0# sh bgp l2vpn evpn
BGP table version is 5, local router ID is 192.168.122.100
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-1 prefix: [1]:[EthTag]:[ESI]:[IPlen]:[VTEP-IP]:[Frag-id]
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 12.12.12.1:1001
*> [5]:[0]:[0]:[0.0.0.0]
12.12.12.1 0 32768 ?
ET:8 RT:64999:1001 Rmac:fa:16:a0:29:e2:8a
*> [5]:[0]:[32]:[172.16.101.1]
12.12.12.1 0 32768 ?
ET:8 RT:64999:1001 Rmac:fa:16:a0:29:e2:8a
*> [5]:[0]:[32]:[172.16.101.125]
12.12.12.1 0 32768 ?
ET:8 RT:64999:1001 Rmac:fa:16:a0:29:e2:8a
*> [5]:[0]:[32]:[172.16.101.229]
12.12.12.1 0 32768 ?
ET:8 RT:64999:1001 Rmac:fa:16:a0:29:e2:8a
*> [5]:[0]:[128]:[fd53:d91e:400:7f17::]
12.12.12.1 0 32768 ?
ET:8 RT:64999:1001 Rmac:fa:16:a0:29:e2:8a
Route Distinguisher: 12.12.12.2:1001
*>i[5]:[0]:[24]:[42.42.42.0]
12.12.12.2 0 0 0 ?
RT:64999:1001 ET:8 Rmac:72:4d:29:6e:6a:d8
Now with this configuration in place, ping between VM attached to provider network can ping the external IP via EVPN.
