Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-2263

eBGP multihop peer flapping due to delta miscalculation of new configuration

    • frr-8.3.1-11.el9
    • None
    • Important
    • ZStream
    • rhel-sst-cs-net-perf-services
    • ssg_core_services
    • 12
    • None
    • Hide

      10/02: Reached out directly to Michal, waiting on response.

      9/25: Still not seeing backports, Red at risk for Oct 5th.

      9/18: This needs follow up, will miss 21st 9.2 build.

      9/8: 9.2 z-stream requested through new Jira process.

      9/6: Backports not opened yet, missed the window for kernel build on Sept 7th. 

      8/22: PR posted, tested successfully 
      Target 9.2 fortnightly build - Oct 5th
      Target OCP RC - week of Oct 16th

      Show
      10/02: Reached out directly to Michal, waiting on response. 9/25: Still not seeing backports, Red at risk for Oct 5th. 9/18: This needs follow up, will miss 21st 9.2 build. 9/8: 9.2 z-stream requested through new Jira process. 9/6: Backports not opened yet, missed the window for kernel build on Sept 7th.  8/22: PR posted, tested successfully  Target 9.2 fortnightly build - Oct 5th Target OCP RC - week of Oct 16th
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat OpenShift Container Platform
    • None
    • Approved Blocker
    • If docs needed, set a value
    • Unspecified
    • None

      Description of problem:
      The FRR reloader causes eBGP connection flapping when eBGP multihop peer with default TTL (255) is unchanged.

      When creating an eBGP multihop without TTL, FRR will default the TTL to 255 and show it in a vtysh 'running-configuration' command which is used by the frr-reload script to calculate new configuration deltas.

      Version-Release number of selected component (if applicable):
      7.5.1

      How reproducible:
      100%

      Steps to Reproduce:
      1. Create /etc/frr/frr.conf
      frr version 7.5
      frr defaults traditional
      hostname centos8.localdomain
      no ip forwarding
      no ipv6 forwarding
      service integrated-vtysh-config
      line vty
      router bgp 4250001000
      neighbor 192.168.122.207 remote-as 65512
      neighbor 192.168.122.207 ebgp-multihop

      2. Start FRR

      1. systemctl start frr

      3. Show running configuration. Note that FRR explicitly set and shows the default TTL (225)

      1. vtysh -c 'show running-config'
        Building configuration...

      Current configuration:
      !
      frr version 7.5
      frr defaults traditional
      hostname centos8.localdomain
      no ip forwarding
      no ipv6 forwarding
      service integrated-vtysh-config
      !
      router bgp 4250001000
      neighbor 192.168.122.207 remote-as 65512
      neighbor 192.168.122.207 ebgp-multihop 255
      !
      line vty
      !
      end

      4. Copy initial frr.conf to frr.conf.new (no changes)

      1. cp /etc/frr/frr.conf /root/frr.conf.new

      5. Run frr-reload.sh:

      1. /usr/lib/frr/frr-reload.py --test /root/frr.conf.new
        2023-08-20 20:15:48,050 INFO: Called via "Namespace(bindir='/usr/bin', confdir='/etc/frr', daemon='', debug=False, filename='/root/frr.conf.new', input=None, log_level='info', overwrite=False, pathspace=None, reload=False, rundir='/var/run/frr', stdout=False, test=True, vty_socket=None)"
        2023-08-20 20:15:48,050 INFO: Loading Config object from file /root/frr.conf.new
        2023-08-20 20:15:48,124 INFO: Loading Config object from vtysh show running

      Lines To Delete
      ===============
      router bgp 4250001000
      no neighbor 192.168.122.207 ebgp-multihop 255

      Lines To Add
      ============
      router bgp 4250001000
      neighbor 192.168.122.207 ebgp-multihop

      As seen above, the FRR reloader wants to remove the BGP peer and re-add it. This causes the reported BGP peering flapping issue.

      I also reproduced this issue on the latest stable upstream FRR frr-9.0-01.el9.x86_64.

              mruprich@redhat.com Michal Ruprich
              carlosgoncalves Carlos Goncalves
              Frantisek Hrdina Frantisek Hrdina
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated:
                Resolved: