Re: BFD on 1.4.2
Hi, I?m trying BFD with some Force10 S4810 routers, problem is that sessions only come up every 3 or 4 times I restart bird. Also if Force10 routers are restarted, some times the sessions do not come back up. Also I have to restart bird to get it to work - birdc configure does not do it. I tried with the sysctl -w net.ipv4.ip_local_port_range=49152 65535? but this does not help either. I?m not able to get more debug info from the force10 devices than this: What you get from 'show bfd sessions' in BIRD? # birdc show ospf nei BIRD 1.4.2 ready. ospf1: Router ID Pri State DTime Interface Router IP 77.66.22.229 0 2way/other 00:20 bond0.3000 77.66.22.229 77.66.22.227 0 2way/other 00:20 bond0.3000 77.66.22.227 77.66.22.195 5 full/bdr00:18 bond0.3000 77.66.22.226 77.66.22.194 10 full/dr 00:19 bond0.3000 77.66.22.225 Working: # birdc show bfd ses BIRD 1.4.2 ready. bfd1: IP addressInterface State Since Interval Timeout 77.66.22.227 bond0.3000 Down 17:16:24 1.0000.000 77.66.22.225 bond0.3000 Up 17:16:31 0.1000.300 77.66.22.226 bond0.3000 Up 17:16:30 0.1000.300 77.66.22.229 bond0.3000 Down 17:16:25 1.0000.000 Not working: # birdc show bfd ses BIRD 1.4.2 ready. bfd1: IP addressInterface State Since Interval Timeout 77.66.22.227 bond0.3000 Down 17:27:00 1.0000.000 77.66.22.225 bond0.3000 Init 17:27:08 1.0003.000 77.66.22.229 bond0.3000 Down 17:27:00 1.0000.000 77.66.22.226 bond0.3000 Init 17:27:06 1.0003.000 Could you get some tcpdump of BFD packets in both cases? Sure, see attached tar, including two dumps, working and notworking. .225 is the router, .228 is bird. tcpdump.tar.gz Description: GNU Zip compressed data -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) To err is human -- to blame it on a computer is even more so.
Re: Multiple OSPF adjacencies on same interface...
Yes - the reason is that this router is a VM with two passthrough NICs. The hypervisor is connected to both Force10 routers/switches with LACP, so the VM needs to run linux bonding mode 2 to provide a bond0 interface to the VM. Neighbourship then needs to be established to both routers on this bonded interface. I tried to create neighbourship directly on the interfaces, but this does not work, I assume because the switches loadbalance traffic on the LACP portchannel. I could create a neighbourship with a VRRP interface, but as I understand it this will not work due to different router-ids in case of failover. So basically as I see it, this is the only way to make this work - unless you have another idea? Thanks Regards Kristoffer On 13/12/2013, at 17.37.29, Raphael Mazelier r...@futomaki.net wrote: I?m trying to use a bonded interface on linux to connect to two routers, one router on each physical link, each with a /31 subnet. Only one of the routers (Force10 S4810) forms adjacency with the linux host (whichever comes first), the other gets stuck in EXSTART until I shut/no shut the link, then Bird creates adjacency with both routers. What are you trying to do with this design ? It's rather strange. -- Raphael Mazelier
Re: Multiple OSPF adjacencies on same interface...
It seems this is working if I disable the peer-routing feature on the Force10
routers - I’ll test a little more and get back with a tcpdump
Thanks.
On 13/12/2013, at 18.01.10, Ondrej Zajicek santi...@crfreenet.org wrote:
On Fri, Dec 13, 2013 at 04:47:17PM +0100, Kristoffer Egefelt wrote:
Hi,
Is this not supported?
This is supported on Linux.
I?m trying to use a bonded interface on linux to connect to two routers, one
router on each physical link, each with a /31 subnet.
Only one of the routers (Force10 S4810) forms adjacency with the linux host
(whichever comes first), the other gets stuck in EXSTART
until I shut/no shut the link, then Bird creates adjacency with both routers.
That is even more strange. It would be useful if you could make verbose
tcpdump log (tcpdump -i ethX -vv -s 0) together with BIRD OSPF log ('debug
all'
for OSPF) and send it to me.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
To err is human -- to blame it on a computer is even more so.
Re: Multiple OSPF adjacencies on same interface...
Hi, Thanks for your input - the Force10 switches have a VLT function (almost the same as cisco vPC) which makes it possible to run LACP against two non-stacked switches. But this VLT stuff is only for L2, not L3, which means that basically servers see the switches as one device through L2, but for routing protocols and other L3 stuff they are two seperate devices... I got it working by disabling peer-routing as written earlier, I’ll test some more. Regards Kristoffer On 16/12/2013, at 10.49.13, Kveri kv...@kveri.com wrote: Hello, you cannot use LACP between 3 devices. That is only possible if two of those devices (Force10 routers/switches) are forming one logical device (Cisco VSS, MEC, virtual PortChannel, HP IRF), I don't know if Force10 has something like that. If you do this however, those 2 routers will appear as one logical device (one OSPF neighbor) to the server, then you don't have a problem. This is preferred solution, because it takes the problem from OSPF to much faster technologies. On the other hand you can do VRRP between the routers and do OSPF on the hypervisor with both of the routers, in this case just beware the asymetric routing (which may/may not be a problem, depending on the setup). Regarding your setup, I assume you're using the same IP on both of the routers, this won't work because from the router perspective the links are UP and they're advertising the same /31 to the rest of the network, this will cause half of the packets/flows to be lost. So, you can either use some virtualization switching technology (if Force10 provides that), or you can use VRRP with 2 OSPF neighborships (but in that case you need /29 subnet), or you can do some sort of script on the server and use master-slave bonding mode, but be sure to always shutdown the inactive interface (be sure to always have enabled only one of them physically), that way only one of the Force10 routers would advertise the subnet... Martin 2013-12-16 10:24 odosielateľ napísal: Yes - the reason is that this router is a VM with two passthrough NICs. The hypervisor is connected to both Force10 routers/switches with LACP, so the VM needs to run linux bonding mode 2 to provide a bond0 interface to the VM. Neighbourship then needs to be established to both routers on this bonded interface. I tried to create neighbourship directly on the interfaces, but this does not work, I assume because the switches loadbalance traffic on the LACP portchannel. I could create a neighbourship with a VRRP interface, but as I understand it this will not work due to different router-ids in case of failover. So basically as I see it, this is the only way to make this work - unless you have another idea? Thanks Regards Kristoffer On 13/12/2013, at 17.37.29, Raphael Mazelier r...@futomaki.net wrote: I?m trying to use a bonded interface on linux to connect to two routers, one router on each physical link, each with a /31 subnet. Only one of the routers (Force10 S4810) forms adjacency with the linux host (whichever comes first), the other gets stuck in EXSTART until I shut/no shut the link, then Bird creates adjacency with both routers. What are you trying to do with this design ? It's rather strange. -- Raphael Mazelier
Re: Multiple OSPF adjacencies on same interface...
The Force10 manual states about peer-routing:
VLT unicast routing locally routes packets destined for the L3 endpoint of the
VLT peer.
So if this means that if LSAs for router1 are sent down the link in the port
channel connecting to router2, then router2 will respond instead of sending the
traffic to router1 - I’m not sure, but this seems plausible as to why it does
not work with the peer routing feature.
Funny actually that it works with quagga then…
Anyway, it seems to be stable now - let me know if you would like the tcpdump
anyway.
Thanks for your help!
Regards
Kristoffer
On 16/12/2013, at 11.07.50, Kristoffer Egefelt kristof...@itoc.dk wrote:
It seems this is working if I disable the peer-routing feature on the Force10
routers - I’ll test a little more and get back with a tcpdump
Thanks.
On 13/12/2013, at 18.01.10, Ondrej Zajicek santi...@crfreenet.org wrote:
On Fri, Dec 13, 2013 at 04:47:17PM +0100, Kristoffer Egefelt wrote:
Hi,
Is this not supported?
This is supported on Linux.
I?m trying to use a bonded interface on linux to connect to two routers,
one router on each physical link, each with a /31 subnet.
Only one of the routers (Force10 S4810) forms adjacency with the linux host
(whichever comes first), the other gets stuck in EXSTART
until I shut/no shut the link, then Bird creates adjacency with both
routers.
That is even more strange. It would be useful if you could make verbose
tcpdump log (tcpdump -i ethX -vv -s 0) together with BIRD OSPF log ('debug
all'
for OSPF) and send it to me.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
To err is human -- to blame it on a computer is even more so.
Multiple OSPF adjacencies on same interface...
Hi, Is this not supported? I’m trying to use a bonded interface on linux to connect to two routers, one router on each physical link, each with a /31 subnet. Only one of the routers (Force10 S4810) forms adjacency with the linux host (whichever comes first), the other gets stuck in EXSTART until I shut/no shut the link, then Bird creates adjacency with both routers. Quagga works as expected, but I’d rather use Bird due to better filtering etc. Any ideas ? Thanks Regards Kristoffer
