News | Profile | Code | Photography | Looking Glass | Projects | System Statistics | Uncategorized |
Blog |
I upgraded dax from FreeBSD 10.2 to FreeBSD 10.3 this morning. Since I haven't upgraded ports in awhile I upgraded net/quagga from 0.99.24.1_2 to 1.0.20160315 and boy that was a mistake!
First off, my IPv6 default route wasn't getting redistributed anymore. I've got a static IPv6 route in zebra pointing to Internap's upstream router:
ipv6 route ::/0 2001:48c8:1:2::1
It's seen fine by zebra:
S>* ::/0 [1/0] via 2001:48c8:1:2::1, em0
However, bgpd doesn't see it at all:
dax_bgpd# show ipv6 bgp ::/0 % Network not in table dax_bgpd#
The redistribution statement I've got in bgpd isn't doing any good, apparently:
! router bgp 65304 bgp router-id 10.3.4.6 [snip] address-family ipv6 [snip] redistribute static route-map IPv6_ADVERTISE_STATICS [snip] ! ! ipv6 prefix-list IPv6_DEFAULT seq 5 permit ::/0 ! route-map IPv6_ADVERTISE_STATICS permit 10 match ipv6 address prefix-list IPv6_DEFAULT
I managed to get this working without restarting the daemons by doing this a few times in zebra:
no ipv6 route ::/0 2001:48c8:1:2::1 ipv6 route ::/0 2001:48c8:1:2::1
This fixed it once, but it wasn't consistent, so that's a fail.
While I was trying to fix this, I noticed that some of my single-homed VPN tunnels from dax appeared down, but it was because bgpd wasn't consistently advertising my IPv6 prefixes over the EBGP sessions. I couldn't figure it out but I didn't spend too much time on it. 2001:48c8:1:1ff::3a is an example VPN neighbor that isn't getting all of the IPv6 routes and 2001:48c8:1:105::/64 is a LAN prefix in Seattle, where my desktop sits.
(dax:13:31:EDT)% show ipv6 bgp 2001:48c8:1:105::/64 BGP routing table entry for 2001:48c8:1:105::/64 Paths: (4 available, best #4, table Default-IP-Routing-Table) Advertised to non peer-group peers: 2001:48c8:1:1ff::6 2001:48c8:1:1ff::16 2001:48c8:1:1ff::1e 2001:48c8:1:1ff::32 2001:48c8:1:1ff::3a 2001:48c8:1:1ff::52 2001:48c8:1:1ff::56
bgpd says it's advertising it above just fine to 2001:48c8:1:1ff::3a, but advertising-routes says otherwise. The remote box, firefly, doesn't see it at all. I lost the command output when I closed the terminal in a fit of rage.
Anyway, I downgraded to 0.99.24.1_2 using ports-mgmt/portdowngrade and rebuilt. All of the problems magically disappeared. I suppose I'll try to reproduce this on a FreeBSD VM and see what I can figure with some debugging enabled.
I'm thinking of switching to BIRD but I'll have to do it when I've got a bit more time on my hands.
New comments are currently disabled for this entry.
This HTML for this page was generated in 0.000 seconds. |