Quagga losses IPv4 addresses in RPKI

Question

Quagga losses IPv4 addresses in RPKI

waehlisch opened this issue 10 years ago · comments

Matthias Wählisch commented 10 years ago

Date: Thu, 12 Jun 2014 07:26:59 -0700 (PDT)
From: alejandroacostaalamo alejandroacostaalamo@gmail.com
To: rtrlib@googlegroups.com
Subject: [rtrlib] Quagga losses IPv4 addresses in RPKI

Hi All,
   I hope you can help me.
   I'm using Quagga + RPKI in Ubuntu with 4 GB of RAM and the latest RPKI RIPE NCC validator 2.16
   If the validator is running and I start quagga, everything is fine, after I execute: "show rpki
prefix-table" I can see IPv4 & IPv6 prefixes; then, after some time (hours) for some reason IPv4
prefixes are lost.
Something like this:

---- cut here ----
my-rtr> sh rpki prefix-table
RPKI/RTR prefix table
Prefix Prefix Length Origin-AS

...[long output]....

Number of IPv4 Prefixes: 0
Number of IPv6 Prefixes: 1344

---- cut here ----

The compiled source I'm using is: https://github.com/rtrlib/quagga-rtrlib/tree/feature/rtrlib
It happens with Ubuntu 13.04 and 14.04
I have double checked the validator and it has all the ROAs, the communication between quagga
and the validator is ok, so, since the validator has all IPv4 ROAs I think the problem is
quagga-rtrlib. Anyway I'm willing to modify either one to make it work.

Thanks,

Alejandro,

Matthias Wählisch commented 8 years ago

Closed.

Christian Felsing · Answer 1 · Wed Jul 01 2015 16:37:38 GMT+0800 (China Standard Time)

Same problem here. Compiler options:

rtrlib:
cmake -D CMAKE_BUILD_TYPE=Release -D LIBSSH_LIBRARY=/usr/lib/x86_64-linux-gnu/libssh.so .
./configure && make && make install

quagga-rtrlib:

./configure
--prefix=/opt/quagga
--localstatedir=/var/run/quagga
--enable-vty-group=quaggavty
--enable-rpki
--sysconfdir=/etc/quagga
--enable-exampledir=/opt/quagga/share/doc/quagga/examples

make && make install

rpki config:

enable-rpki
rpki polling_period 3600
rpki timeout 600
rpki initial-synchronisation-timeout 30
!
rpki group 50
rpki cache 127.0.0.1 8282

using RIPE rpki-validator-app-2.20

Matthias Wählisch · Answer 2 · Wed Jul 01 2015 16:46:16 GMT+0800 (China Standard Time)

@ip6li do you use the latest versions? The problem disappeared for Alejandro with the latest RTRlib update. See his daily dumps http://stats.labs.lacnic.net/RPKI/opendata/show_bgp-routing-with-validation/

Christian Felsing · Answer 3 · Wed Jul 01 2015 17:16:17 GMT+0800 (China Standard Time)

I am using rtrlib from https://github.com/rtrlib/rtrlib.git (git pull from today)

Matthias Wählisch · Answer 4 · Wed Jul 01 2015 19:02:44 GMT+0800 (China Standard Time)

@ip6li OK, I run the same setup in our testbed. How long does it take until v4 prefix disappear?

Christian Felsing · Answer 5 · Wed Jul 01 2015 19:12:35 GMT+0800 (China Standard Time)

about 10minutes, bgp shows about 246246 prefixes announced by peer

Matthias Wählisch · Answer 6 · Wed Jul 01 2015 19:39:42 GMT+0800 (China Standard Time)

At my side cache server connection runs for more than 30 minutes:
show rpki prefix-table
[...]
Number of IPv4 Prefixes: 14456
Number of IPv6 Prefixes: 2149

Via BGP peering I receive 537428 BGP routes.

Can you send a TCP Dump that shows the data between router and cache server until the prefixes disappear?

Matthias Wählisch · Answer 7 · Tue Jul 21 2015 02:04:58 GMT+0800 (China Standard Time)

@ip6li, can you please checkout the latest RTRlib changes using the Master branch in https://github.com/rtrlib/rtrlib.git.
We also slightly updated our Quagga extension: https://github.com/rtrlib/quagga-rtrlib.git.

Would be cool if you try with these latest versions.