BGP can't pass though Wireguard via link-local with Multiprotocol BGP
Handsome1080P opened this issue · comments
Description
BGP can't pass though Wireguard via link-local with Multiprotocol BGP.
Version
VM-4# show version
FRRouting 8.4.4 (VM-4) on Linux(6.1.0-18-amd64).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
'--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--localstatedir=/var/run/frr' '--sbindir=/usr/lib/frr' '--sysconfdir=/etc/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--disable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'
How to reproduce
Test Router 1(FE80::1100%WG1):
log syslog informational
service integrated-vtysh-config
!
router bgp 65511
bgp router-id 192.168.250.14
no bgp log-neighbor-changes
no bgp default show-hostname
no bgp default show-nexthop-hostname
no bgp deterministic-med
no bgp network import-check
timers bgp 60 180
neighbor fe80::1200 remote-as 65512
neighbor fe80::1200 interface wg1
neighbor fe80::1200 update-source fe80::1100
neighbor fe80::1200 timers connect 10
!
address-family ipv4 unicast
network 192.168.151.0/24
exit-address-family
exit
!
segment-routing
traffic-eng
exit
exit
!
end
Test Router 2(FE80::1200%WG1):
VM-5# sh running-config
Building configuration...Current configuration:
!
frr version 8.4.4
frr defaults datacenter
hostname VM-5
log syslog informational
service integrated-vtysh-config
!
router bgp 65512
bgp router-id 192.168.250.15
no bgp log-neighbor-changes
no bgp default show-hostname
no bgp default show-nexthop-hostname
no bgp deterministic-med
no bgp network import-check
timers bgp 60 180
neighbor fe80::1100 remote-as 65511
neighbor fe80::1100 interface wg1
neighbor fe80::1100 update-source fe80::1200
neighbor fe80::1100 timers connect 10
!
address-family ipv4 unicast
network 192.168.152.0/24
exit-address-family
exit
!
segment-routing
traffic-eng
exit
exit
!
end
Router 1 Ping Router 2:
root@VM-4:~# ping fe80::1200%wg1
PING fe80::1200%wg1(fe80::1200%wg1) 56 data bytes
64 bytes from fe80::1200%wg1: icmp_seq=1 ttl=64 time=106 ms
64 bytes from fe80::1200%wg1: icmp_seq=2 ttl=64 time=50.7 ms
64 bytes from fe80::1200%wg1: icmp_seq=3 ttl=64 time=54.1 ms
64 bytes from fe80::1200%wg1: icmp_seq=4 ttl=64 time=51.0 ms
64 bytes from fe80::1200%wg1: icmp_seq=5 ttl=64 time=53.0 ms
64 bytes from fe80::1200%wg1: icmp_seq=6 ttl=64 time=52.2 ms
64 bytes from fe80::1200%wg1: icmp_seq=7 ttl=64 time=50.4 ms
Expected behavior
BGP session can‘t connect:
VM-5# show bgp summary
IPv4 Unicast Summary (VRF default):
BGP router identifier 192.168.250.15, local AS number 65512 vrf-id 0
BGP table version 1
RIB entries 1, using 192 bytes of memory
Peers 1, using 724 KiB of memoryNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
fe80::1100 4 65511 0 0 0 0 0 never Active 0 N/ATotal number of neighbors 1
Debug Logs:
Router 1:
2024-05-13 04:21:19.164 [DEBG] bgpd: [JFMSW-YMBC7] fe80::1200 [FSM] Timer (connect timer expire)
2024-05-13 04:21:19.165 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1200 [FSM] ConnectRetry_timer_expired (Active->Connect), fd -1
2024-05-13 04:21:19.165 [DEBG] bgpd: [T72VK-55DVG] fe80::1200 [FSM] Waiting for NHT
2024-05-13 04:21:19.165 [DEBG] bgpd: [T91AW-FGMHW] bgp_fsm_change_status : vrf default(0), Status: Connect established_peers 0
2024-05-13 04:21:19.165 [DEBG] bgpd: [ZQHFG-DQGX1] fe80::1200 went from Active to Connect
2024-05-13 04:21:19.165 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1200 [FSM] TCP_connection_open_failed (Connect->Active), fd -1
2024-05-13 04:21:19.166 [DEBG] bgpd: [T91AW-FGMHW] bgp_fsm_change_status : vrf default(0), Status: Active established_peers 0
2024-05-13 04:21:19.166 [DEBG] bgpd: [ZQHFG-DQGX1] fe80::1200 went from Connect to Active
2024-05-13 04:21:29.167 [DEBG] bgpd: [JFMSW-YMBC7] fe80::1200 [FSM] Timer (connect timer expire)
2024-05-13 04:21:29.167 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1200 [FSM] ConnectRetry_timer_expired (Active->Connect), fd -1
2024-05-13 04:21:29.167 [DEBG] bgpd: [T72VK-55DVG] fe80::1200 [FSM] Waiting for NHT
2024-05-13 04:21:29.167 [DEBG] bgpd: [T91AW-FGMHW] bgp_fsm_change_status : vrf default(0), Status: Connect established_peers 0
2024-05-13 04:21:29.167 [DEBG] bgpd: [ZQHFG-DQGX1] fe80::1200 went from Active to Connect
2024-05-13 04:21:29.167 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1200 [FSM] TCP_connection_open_failed (Connect->Active), fd -1
2024-05-13 04:21:29.169 [DEBG] bgpd: [T91AW-FGMHW] bgp_fsm_change_status : vrf default(0), Status: Active established_peers 0
2024-05-13 04:21:29.169 [DEBG] bgpd: [ZQHFG-DQGX1] fe80::1200 went from Connect to Active
2024-05-13 04:21:39.169 [DEBG] bgpd: [JFMSW-YMBC7] fe80::1200 [FSM] Timer (connect timer expire)
2024-05-13 04:21:39.169 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1200 [FSM] ConnectRetry_timer_expired (Active->Connect), fd -1
Router 2:
VM-5# terminal monitor
2024-05-13 04:21:15.183 [DEBG] bgpd: [JFMSW-YMBC7] fe80::1100 [FSM] Timer (connect timer expire)
2024-05-13 04:21:15.184 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1100 [FSM] ConnectRetry_timer_expired (Active->Connect), fd -1
2024-05-13 04:21:15.184 [DEBG] bgpd: [T72VK-55DVG] fe80::1100 [FSM] Waiting for NHT
2024-05-13 04:21:15.184 [DEBG] bgpd: [T91AW-FGMHW] bgp_fsm_change_status : vrf default(0), Status: Connect established_peers 0
2024-05-13 04:21:15.184 [DEBG] bgpd: [ZQHFG-DQGX1] fe80::1100 went from Active to Connect
2024-05-13 04:21:15.184 [DEBG] bgpd: [ZWCSR-M7FG9] fe80::1100 [FSM] TCP_connection_open_failed (Connect->Active), fd -1
2024-05-13 04:21:15.185 [DEBG] bgpd: [T91AW-FGMHW] bgp_fsm_change_status : vrf default(0), Status: Active established_peers 0
2024-05-13 04:21:15.185 [DEBG] bgpd: [ZQHFG-DQGX1] fe80::1100 went from Connect to Active
Actual behavior
it can connect via correct wg tunnel interfaces.
Additional context
No response
Checklist
- I have searched the open issues for this bug.
- I have not included sensitive information in this report.
Router 1 WG interface:
VM-4# show interface wg1
Interface wg1 is up, line protocol is up
Link ups: 1 last: 2024/05/13 04:09:27.18
Link downs: 0 last: (never)
vrf: default
index 12 metric 0 mtu 1420 speed 0
flags: <UP,POINTOPOINT,RUNNING,NOARP>
Type: Unknown
inet6 fe80::1100/64
Interface Type Other
Interface Slave Type None
protodown: off
Router 2 WG Interface:
VM-5# show interface wg1
Interface wg1 is up, line protocol is up
Link ups: 1 last: 2024/05/13 04:09:22.88
Link downs: 0 last: (never)
vrf: default
index 12 metric 0 mtu 1420 speed 0
flags: <UP,POINTOPOINT,RUNNING,NOARP>
Type: Unknown
inet6 fe80::1200/64
Interface Type Other
Interface Slave Type None
protodown: off
Does it work with 9.1, 10.0, master? Any of these.
P.S. Turn on debug bgp neighbor to see more details on what's going on.
Does it work with 9.1, 10.0, master? Any of these.
P.S. Turn on
debug bgp neighborto see more details on what's going on.
debug bgp neighbor already enabled,but did't see any logs about that.and I will build the latest 10 and try again.
Does it work with 9.1, 10.0, master? Any of these.
P.S. Turn on
debug bgp neighborto see more details on what's going on.
upgrade to latest 10 version,problem resolved.
