BIRD BGP and VRF - Cannot assign requested address
Clément Guivy
clement at guivy.fr
Fri Aug 4 16:43:01 CEST 2017
Hello, I am trying to set up 2 BIRD routers as AS border routers (on Debian
9).
Installation is as follows :
|BIRD router 1|-----IBGP-----|BIRD router 2|
| |
EBGP EBGP
| |
|Hardware router 1|---IBGP---|Hardware router 2|
| (downstream) | | (downstream) |
(later the BIRD routers would also be connected to our upstreams ISPs,
but for the sake of simplicity let's just consider this part of the setup)
I plan to use both ipv4 and ipv6 and also, on BIRD routers both the
forwarding
and the BGP peerings are to take place in a linux vrf named "internet"
(using
l3mdev, not namespaces or custom ip rules). At the BIRD level I also set up
a
table named "internet".
Now, to my problem : the EBGP peerings with the downstreams routers are UP,
but
on the other hand the IBGP between the two BIRD routers won't come up, I get
the
following error messages :
On ipv4 peering, the service complains that :
ibgp_internet: Socket error: bind: Cannot assign requested address
On ipv6 peering : the service won't complain but using birdc6 I can see that
the
protocol says :
Socket: Network is unreachable
Both routers have almost identical config (apart from the IP addresses of
course),
here is the conf on BIRD router 1 :
------------------------------------------------------
---------------------bird.conf------------------------
------------------------------------------------------
table internet;
router id 10.206.81.36;
define my_as=205555;
protocol device {
}
protocol kernel {
kernel table 10;
table internet;
metric 64;
import all;
export all;
scan time 10;
}
protocol static default_route_to_bgp {
import all;
table internet;
route 0.0.0.0/0 reject;
}
template bgp template_base_bgp {
med metric;
}
protocol bgp ibgp_internet from template_base_bgp {
table internet;
source address 10.206.81.81;
local as my_as;
neighbor 10.206.81.82 as my_as;
import all;
export all;
next hop self;
}
protocol bgp downstream_internet from template_base_bgp {
table internet;
export where proto = "default_route_to_bgp";
source address 10.206.81.90;
local as my_as;
neighbor 10.206.81.89 as 65206;
}
------------------------------------------------------
------------------end of bird.conf--------------------
------------------------------------------------------
------------------------------------------------------
---------------------bird6.conf-----------------------
------------------------------------------------------
table internet;
router id 10.206.81.36;
define my_as=205555;
protocol device {
}
protocol kernel {
kernel table 10;
table internet;
metric 64;
import all;
export all;
scan time 10;
}
template bgp template_base_bgp {
med metric;
}
protocol bgp ibgp_internet from template_base_bgp {
table internet;
source address 2a0b:95c0:0000:0101::1;
local as my_as;
neighbor 2a0b:95c0:0000:0101::2 as my_as;
import all;
export all;
next hop self;
}
protocol static default_route_to_bgp {
import all;
table internet;
route ::/0 reject;
}
protocol bgp downstream_internet from template_base_bgp {
table internet;
export where proto = "default_route_to_bgp";
source address 2a0b:95c0:0000:0102::2;
local as my_as;
neighbor 2a0b:95c0:0000:0102::1 as 65206;
}
------------------------------------------------------
-----------------end of bird6.conf--------------------
------------------------------------------------------
The network interfaces seems to be properly UP and attached
to the internet VRF, here is the IBGP one :
# ip addr show eth1.3
7: eth1.3 at eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master internet state UP group default qlen 1000
link/ether 94:18:82:ab:8b:ec brd ff:ff:ff:ff:ff:ff
inet 10.206.81.81/29 brd 10.206.81.87 scope global eth1.3
valid_lft forever preferred_lft forever
inet6 2a0b:95c0:0:101::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::9618:82ff:feab:8bec/64 scope link
valid_lft forever preferred_lft forever
and here is the EBGP one (the one which has the functional peering) :
# ip addr show ens1.14
8: ens1.14 at ens1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master internet state UP group default qlen 1000
link/ether 9c:dc:71:45:5f:e0 brd ff:ff:ff:ff:ff:ff
inet 10.206.81.90/29 brd 10.206.81.95 scope global ens1.14
valid_lft forever preferred_lft forever
inet6 2a0b:95c0:0:102::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::9edc:71ff:fe45:5fe0/64 scope link
valid_lft forever preferred_lft forever
Now the "internet" kernel routing table, we can see that the local
and broadcast routes are attached to it too :
# ip route show table internet
unreachable default proto bird metric 64
broadcast 10.206.81.80 dev eth1.3 proto kernel scope link src 10.206.81.81
10.206.81.80/29 dev eth1.3 proto kernel scope link src 10.206.81.81
local 10.206.81.81 dev eth1.3 proto kernel scope host src 10.206.81.81
broadcast 10.206.81.87 dev eth1.3 proto kernel scope link src 10.206.81.81
broadcast 10.206.81.88 dev ens1.14 proto kernel scope link src 10.206.81.90
10.206.81.88/29 dev ens1.14 proto kernel scope link src 10.206.81.90
local 10.206.81.90 dev ens1.14 proto kernel scope host src 10.206.81.90
broadcast 10.206.81.95 dev ens1.14 proto kernel scope link src 10.206.81.90
Finally, netstat shows that the BGP service is listening on * as it is
supposed to.
We also see the established EBGP downstream sessions :
# netstat -an | grep 179
tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN
tcp 0 0 10.206.81.90:179 10.206.81.89:9266
ESTABLISHED
tcp6 0 0 :::179 :::* LISTEN
tcp6 0 0 2a0b:95c0:0:102::2:179 2a0b:95c0:0:102:::64247
ESTABLISHED
and tcp_l3mdev_accept is enabled in the kernel config :
# sysctl net.ipv4.tcp_l3mdev_accept
net.ipv4.tcp_l3mdev_accept = 1
So overall it seems like BIRD fails to bind to one interface, this is
possibly
linked to the kernel VRF setup but I can't see why it doesn't work when the
peering
to downstream routers using the same VRF do work properly.
Any help would be greatly appreciated. Thanks.
clément
More information about the Bird-users
mailing list