Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-7795

Make route table ID predictable for VRF lite CUDNs

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • Network - Core
    • None
    • None
    • Product / Portfolio Work
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      1. Make route table ID predictable for VRF lite CUDNs

      2. When CUDNs are advertised via BGP using VRFs, the route table ID for the created VRF is auto generated in response to the VRF being created by the FRRConfiguration CR. This route table ID is randomly picked by each host where the VRF is being created. This makes it especially hard to create static routes using nmstate to handle eBGP multihop connections.

      The short lived workaround (this workaround does not survive reboots) is to discover the route table on each host using "ip vrf list" and craft a NNCP targeting the explicitly route table ID. For example:

      ---
      apiVersion: nmstate.io/v1
      kind: NodeNetworkConfigurationPolicy
      metadata:
        name: bond0-301-<worker node>
      spec:
        desiredState:
          interfaces:
            - controller: dmz
              ipv4:
                address:
                  - ip: a.a.a.a
                    prefix-length: 27
                dhcp: false
                enabled: true
              ipv6:
                enabled: false
              name: bond0.301
              state: up
              type: vlan
              vlan:
                base-iface: bond0
                id: 301
          routes:
            config:
            - destination: b.b.b.b/32
              metric: 150
              next-hop-address: c.c.c.c
              next-hop-interface: bond0.301
              table-id: 1063
            - destination: d.d.d.d/32
              metric: 150
              next-hop-address: e.e.e.e
              next-hop-interface: bond0.301
              table-id: 1063
        nodeSelector:
          kubernetes.io/hostname: <worker node>

      Potential fixes:

      1. Make the VRF route table ID predictable on the FRRConfiguration by adding a optional ID property to it:

          routers:
            - asn: xxxxx
              neighbors:
                - address: a.a.a.a
                  asn: yyyyy
                  bfdProfile: bfd-default
                  disableMP: true
                  holdTime: 9s
                  keepaliveTime: 3s
                  ebgpMultiHop: true
                  toReceive:
                    allowed:
                      mode: all
              vrf: dmz
                 id: 1063

      2. Make NodeNetworkConfigurationPolicy CR accept a VRF name, instead of route table ID for configuring static routes:

          routes:
            config:
            - destination: b.b.b.b/32
              metric: 150
              next-hop-address: c.c.c.c
              next-hop-interface: bond0.301
              vrf-name: dmz

              mcurry@redhat.com Marc Curry
              rh-ee-mlecki Maciej Lecki
              None
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                None
                None