-
Notifications
You must be signed in to change notification settings - Fork 446
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Multiple IPv6 MPREACH attributes in one UPDATE with group-updates true #493
Comments
Referencing #298 as related. |
Thank you very much for this very clear bug report. I will fix the code soon. |
|
Well, I disagree. Here is why: Section 3.g. in RFC 7606 starts with...
=> true for ExaBGP version 3.4.16 with "group-updates true".
=> false. I did neither see that NOTIFICATION message in the logs nor when I ran tcpdump on the neighbor / peer device. Therefore I expect the vendor to add that NOTIFICATION message to comply with RFC 7606. Do you agree with me here? |
Yes, I had not read the RFC - just looked like a good hypothesis. I stand corrected. |
Could you please confirm if this patch fixes the issue (sorry I mistakenly wrote it for master, I will backport). I think the patch should apply again 3.4. |
backported 69b2107 |
Thanks for the patch! I have tested the backport to 3.4 and unfortunately, it still looks the same:
while I would expect the packet to look something like this:
I double-checked ./lib/exabgp/rib/store.py for "AFI" and "SAFI" to make sure that I have the latest code. As stated before: We have a workaround in place so there is really no need for you to hurry fixing this. Please let me know if you need anything from me. |
Thank you - I will need to look into it in more depth as I was pretty sure that this patch would have done the trick (it disabled update grouping when there is families other than IPv4 Unicast) but I must have missed something. |
The approach was right, the details were wrong. The bug is fixed on 3.4 |
Thanks, Thomas! Yes, I can confirm that it is now working on branch 3.4.
For me it's case closed. Many thanks for the quick fix; it was a pleasure to work with you! One last question remains: Cheers, |
Did this fix get lost in 0be49f6 ? |
will check. Thank you |
Can you please re-check - and if required re-open but I think it should be ok now :-) |
Hi Thomas
I am using ExaBGP for a customer project and would like to express my gratitude at this point. ExaBGP does a great job when it comes to injecting routes into BGP. Thanks a lot for all your efforts!
Observed behavior
Recently, our customer started using IPv6 and injecting a first /128 route using ExaBGP. Everything worked well. Then the customer started to inject two more /128 routes with the same next-hop IPv6 address. Still, everything worked well.
Finally, the customer started setting different next-hops for each route and suddenly, the neighbor device kept learning just one route while simply ignoring the other two. I suspected this to be a bug in the firmware of the neighbor device and started digging.
Long story short
Setting "group-updates true" - which, according to the log will become the default in ExaBGP soon - leads to an incorrect update message sent by ExaBGP.
ExaBGP Version
Example Config
With group-updates enabled (group-updates true)
With group-updates disabled (group-updates false)
Important RFCs
RFC 4271 (BGP-4), section 6.3 states:
RFC 7606 (Revised Error Handling for BGP), section 3.g. states:
Conclusion
It appears that both the neighbor device as well as ExaBGP are not entirely following the RFCs:
May I kindly ask you to take a quick look at this and let me know if you agree? I have advised the customer to set "group-updates false" for the time being, so we are in no hurry at all.
Let me know if you need anything else from me.
Cheers,
Manuel
The text was updated successfully, but these errors were encountered: