IPv6 routes not imported into Kernel

Gerdriaan Mulder gmulder+birdcz at freedom.nl
Mon Jan 1 19:15:31 CET 2024 

Hi Robert,

On 15/11/2023 22:58, Robert Finze wrote:
> The Bird config on both systems is nearly identical (only IPs differ) 
> and also the systems are setup in a similar manner.

It would be good to have a dump of the configuration of the non-working 
system (redact sensitive information such as passwords etc, but leave 
other information intact).

> The routes are correctly learned from upstream and exported to the 
> kernel, but the kernel is not "learning" them.

Interesting. The following dumps you sent might further help debugging 
the problem.

> Netlink route
> 0000   00 04 03 38 00 00 00 00 00 00 00 00 00 00 00 00   ...8............
> 0010   68 00 00 00 18 00 05 05 13 0d 66 02 00 00 00 00   h.........f.....
> 0020   0a 28 00 00 fe 0c 00 01 00 00 00 00 14 00 01 00   .(..............
> 0030   26 07 ff 00 0b 00 00 00 00 00 00 00 00 00 00 00   &...............
> 0040   08 00 06 00 20 00 00 00 14 00 07 00 2a 0e 39 40   .... .......*.9@
> 0050   10 00 00 00 00 00 00 00 00 00 00 02 08 00 04 00   ................
> 0060   02 00 00 00 14 00 05 00 2a 0e 39 40 de ad 00 00   ........*.9 at ....
> 0070   00 00 00 00 00 00 00 01                           ........

This decodes to (Wireshark supports "Import from hexdump", as I found out):

Linux rtnetlink (route netlink) protocol
     Netlink message header (type: Add network route)
         Length: 104
         Message type: Add network route (24)
         Flags: 0x0505
         Flags: 0x0505
         Sequence: 40242451
         Port ID: 0
     Address family: AF_INET6 (10)
     Length of destination: 40
     Length of source: 0
     TOS filter: 0x00
     Routing table ID: 254
     Routing protocol: BIRD (0x0c)
     Route origin: global route (0x00)
     Route type: Gateway or direct route (0x01)
     Route flags: 0x00000000
     Attribute: Route destination address
         Len: 20
         Type: 0x0001, Route destination address (1)
         Data: 2607ff000b0000000000000000000000
     Attribute: RTA_PRIORITY
         Len: 8
         Type: 0x0006, RTA_PRIORITY (6)
         Data: 20000000
     Attribute: RTA_PREFSRC
         Len: 20
         Type: 0x0007, RTA_PREFSRC (7)
         Data: 2a0e3940100000000000000000000002
     Attribute: Output interface index: 2
         Len: 8
         Type: 0x0004, Output interface index (4)
         Output interface index: 2
     Attribute: Gateway of the route
         Len: 20
         Type: 0x0005, Gateway of the route (5)
         Data: 2a0e3940dead00000000000000000001

> 0000   00 04 03 38 00 00 00 00 00 00 00 00 00 00 00 00   ...8............
> 0010   7c 00 00 00 02 00 00 00 13 0d 66 02 7a 31 09 81   |.........f.z1..
> 0020   ea ff ff ff 68 00 00 00 18 00 05 05 13 0d 66 02   ....h.........f.
> 0030   00 00 00 00 0a 28 00 00 fe 0c 00 01 00 00 00 00   .....(..........
> 0040   14 00 01 00 26 07 ff 00 0b 00 00 00 00 00 00 00   ....&...........
> 0050   00 00 00 00 08 00 06 00 20 00 00 00 14 00 07 00   ........ .......
> 0060   2a 0e 39 40 10 00 00 00 00 00 00 00 00 00 00 02   *.9 at ............
> 0070   08 00 04 00 02 00 00 00 14 00 05 00 2a 0e 39 40   ............*.9@
> 0080   de ad 00 00 00 00 00 00 00 00 00 01               ............

decodes as:

Netlink message
     Netlink message header (type: Error)
         Length: 124
         Message type: Error (0x0002)
         Flags: 0x0000
         Sequence: 40242451
         Port ID: 2164863354
     Error code: Invalid argument (-EINVAL) (-22)
     Netlink message header (type: 0x0018)
         Length: 104
         Message type: Protocol-specific (0x0018)
         Flags: 0x0505
         Flags: 0x0505
         Sequence: 40242451
         Port ID: 0

The first message could probably be replicated by running:

ip -6 route add 2607:ff00:b::/40 via 2a0e:3940:dead::1 table 254 
protocol bird scope global src 2a0e:3940:1000::2 dev 2

- where dev 2 indicates the network interface with index 2, this is 
probably ens20 in your setup?
- table 254 is most likely the main table (see /etc/iproute2/rt_tables)

I'm unsure how to decode RTA_PRIORITY correctly here. Regardless, you 
could run this command on the non-working host. Perhaps `ip route` can 
tell you a bit more information. In a slightly modified case (I've 
replaced the `via ...` with a known gateway), I get: "Error: Invalid 
source address." (with: iproute2-6.5.0)

My current hunch is that `src 2a0e:3940:1000::2` is not a valid address 
on your system. A closer read on your earlier comment:

> The Bird config on both systems is nearly identical (only IPs differ) 

suggests to look in this direction.

Best regards,
Gerdriaan Mulder

More information about the Bird-users mailing list