BIRD BGP and VRF - Cannot assign requested address

Clément Guivy clement at guivy.fr
Fri Aug 4 16:43:01 CEST 2017


Hello, I am trying to set up 2 BIRD routers as AS border routers (on Debian
9). 
Installation is as follows :

  |BIRD router 1|-----IBGP-----|BIRD router 2|
        |                             |
       EBGP                          EBGP
        |                             |
|Hardware router 1|---IBGP---|Hardware router 2|
|  (downstream)   |          |  (downstream)   |

(later the BIRD routers would also be connected to our upstreams ISPs, 
but for the sake of simplicity let's just consider this part of the setup)

I plan to use both ipv4 and ipv6 and also, on BIRD routers both the
forwarding 
and the BGP peerings are to take place in a linux vrf named "internet"
(using 
l3mdev, not namespaces or custom ip rules). At the BIRD level I also set up
a 
table named "internet".

Now, to my problem : the EBGP peerings with the downstreams routers are UP,
but 
on the other hand the IBGP between the two BIRD routers won't come up, I get
the 
following error messages :

On ipv4 peering, the service complains that :
ibgp_internet: Socket error: bind: Cannot assign requested address

On ipv6 peering : the service won't complain but using birdc6 I can see that
the 
protocol says :
Socket: Network is unreachable

Both routers have almost identical config (apart from the IP addresses of
course), 
here is the conf on BIRD router 1 :

------------------------------------------------------
---------------------bird.conf------------------------
------------------------------------------------------
table internet;
router id 10.206.81.36;
define my_as=205555;

protocol device {
}

protocol kernel {
        kernel table 10;
        table internet;
        metric 64;
        import all;
        export all;
        scan time 10;
}

protocol static default_route_to_bgp {
        import all;
        table internet;

        route 0.0.0.0/0 reject;
}

template bgp template_base_bgp {
med metric;
}

protocol bgp ibgp_internet from template_base_bgp {
        table internet;

        source address 10.206.81.81;
        local as my_as;
        neighbor 10.206.81.82 as my_as;

        import all;
        export all;

        next hop self;

}

protocol bgp downstream_internet from template_base_bgp {
        table internet;
        export where proto = "default_route_to_bgp";

        source address 10.206.81.90;
        local as my_as;
        neighbor 10.206.81.89 as 65206;
}
------------------------------------------------------
------------------end of bird.conf--------------------
------------------------------------------------------

------------------------------------------------------
---------------------bird6.conf-----------------------
------------------------------------------------------
table internet;
router id 10.206.81.36;
define my_as=205555;

protocol device {
}

protocol kernel {
        kernel table 10;
        table internet;
        metric 64;      
        import all;
        export all;
        scan time 10;
}

template bgp template_base_bgp {
        med metric;
}

protocol bgp ibgp_internet from template_base_bgp {
        table internet;

        source address 2a0b:95c0:0000:0101::1;
        local as my_as;
        neighbor 2a0b:95c0:0000:0101::2 as my_as;

        import all;
        export all;

        next hop self;
}

protocol static default_route_to_bgp {
        import all;
        table internet;

        route ::/0 reject;
}

protocol bgp downstream_internet from template_base_bgp {
        table internet;
        export where proto = "default_route_to_bgp";

        source address 2a0b:95c0:0000:0102::2;
        local as my_as;
        neighbor 2a0b:95c0:0000:0102::1 as 65206;
}
------------------------------------------------------
-----------------end of bird6.conf--------------------
------------------------------------------------------

The network interfaces seems to be properly UP and attached
to the internet VRF, here is the IBGP one :

# ip addr show eth1.3
7: eth1.3 at eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master internet state UP group default qlen 1000
    link/ether 94:18:82:ab:8b:ec brd ff:ff:ff:ff:ff:ff
    inet 10.206.81.81/29 brd 10.206.81.87 scope global eth1.3
       valid_lft forever preferred_lft forever
    inet6 2a0b:95c0:0:101::1/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::9618:82ff:feab:8bec/64 scope link
       valid_lft forever preferred_lft forever

and here is the EBGP one (the one which has the functional peering) :

# ip addr show ens1.14
8: ens1.14 at ens1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master internet state UP group default qlen 1000
    link/ether 9c:dc:71:45:5f:e0 brd ff:ff:ff:ff:ff:ff
    inet 10.206.81.90/29 brd 10.206.81.95 scope global ens1.14
       valid_lft forever preferred_lft forever
    inet6 2a0b:95c0:0:102::2/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::9edc:71ff:fe45:5fe0/64 scope link
       valid_lft forever preferred_lft forever

Now the "internet" kernel routing table, we can see that the local 
and broadcast routes are attached to it too :

# ip route show table internet
unreachable default proto bird metric 64
broadcast 10.206.81.80 dev eth1.3 proto kernel scope link src 10.206.81.81
10.206.81.80/29 dev eth1.3 proto kernel scope link src 10.206.81.81
local 10.206.81.81 dev eth1.3 proto kernel scope host src 10.206.81.81
broadcast 10.206.81.87 dev eth1.3 proto kernel scope link src 10.206.81.81
broadcast 10.206.81.88 dev ens1.14 proto kernel scope link src 10.206.81.90
10.206.81.88/29 dev ens1.14 proto kernel scope link src 10.206.81.90
local 10.206.81.90 dev ens1.14 proto kernel scope host src 10.206.81.90
broadcast 10.206.81.95 dev ens1.14 proto kernel scope link src 10.206.81.90

Finally, netstat shows that the BGP service is listening on * as it is
supposed to.
We also see the established EBGP downstream sessions :

# netstat -an | grep 179
tcp        0      0 0.0.0.0:179             0.0.0.0:*               LISTEN
tcp        0      0 10.206.81.90:179        10.206.81.89:9266
ESTABLISHED
tcp6       0      0 :::179                  :::*                    LISTEN
tcp6       0      0 2a0b:95c0:0:102::2:179  2a0b:95c0:0:102:::64247
ESTABLISHED

and tcp_l3mdev_accept is enabled in the kernel config :

# sysctl net.ipv4.tcp_l3mdev_accept
net.ipv4.tcp_l3mdev_accept = 1


So overall it seems like BIRD fails to bind to one interface, this is
possibly
linked to the kernel VRF setup but I can't see why it doesn't work when the
peering
to downstream routers using the same VRF do work properly.

Any help would be greatly appreciated. Thanks.


clément




More information about the Bird-users mailing list