Re: Bgpd multipath conf
In the end I found out a way to manage mutipath. Outside the bgpd daemon. Basically I evaluate the bgp peer status from ifstated rules and I install/remove static multipath route on variation. The first test seem promising. In the end I can even manage carp based on peer availabilty with this approach. If someone is interested in conf I can post as well as soon as I finish my test base. Cheers M. Caterpillar: Confidential Green -Original Message- From: Benjamin Raskin Sent: Thursday, May 16, 2024 3:47 PM To: Stuart Henderson ; Marco Agostani Cc: misc@openbsd.org Subject: Re: Bgpd multipath conf CAUTION: EXTERNAL EMAIL This is a message from raskinbenjam...@gmail.com. Use caution when opening unexpected emails and do not click on links or attachments from unknown senders. For more resources, visit security.cat.com/phishing. __ I'm working on something similar right now for bgpd, where any connected /128 ipv6 address will be announced over bgp. For example if the router is connected to an adjacent host that has assigned itself an address through slaac such that the router has an entry for that particular host in the routing table, then the router will announce the host's /128 address. On Thu, May 16, 2024 at 6:24 AM Stuart Henderson wrote: > > On 2024-05-16, Marco Agostani wrote: > > Ok so in the end is there a way to install more then one route in the > > kernel table through bgpd or not ? > > No. That is what "bgpd ... does not handle adding multiple paths for > the same prefix to the FIB" means. (FIB = "forwarding information > base" = kernel route table) > > > And if it's something that could be done in the future ? > > could? sure, if someone were to write the code to support it. > > I don't think it will be a particularly easy thing to do though. > > > -- > Please keep replies on the mailing list. >
Re: Bgpd multipath conf
I'm working on something similar right now for bgpd, where any connected /128 ipv6 address will be announced over bgp. For example if the router is connected to an adjacent host that has assigned itself an address through slaac such that the router has an entry for that particular host in the routing table, then the router will announce the host's /128 address. On Thu, May 16, 2024 at 6:24 AM Stuart Henderson wrote: > > On 2024-05-16, Marco Agostani wrote: > > Ok so in the end is there a way to install more then one route in the > > kernel table through bgpd or not ? > > No. That is what "bgpd ... does not handle adding multiple paths for the > same prefix to the FIB" means. (FIB = "forwarding information base" = > kernel route table) > > > And if it's something that could be done in the future ? > > could? sure, if someone were to write the code to support it. > > I don't think it will be a particularly easy thing to do though. > > > -- > Please keep replies on the mailing list. >
Re: Bgpd multipath conf
>> Ok so in the end is there a way to install more then one route in the kernel >> table through bgpd or not ? >No. That is what "bgpd ... does not handle adding multiple paths for the same >prefix to the FIB" means. (FIB = "forwarding information base" = kernel route >table) Ok so the only thing is having a 3 routers instead of one. Two speaking ebgp and the third speaking ospf with them or static multipath in order to send load balanced traffic . >> And if it's something that could be done in the future ? >could? sure, if someone were to write the code to support it. >I don't think it will be a particularly easy thing to do though. Yeah, probably not me ☹. Anyway tks a lot for your answer . Cheers Marco -- Please keep replies on the mailing list. Caterpillar: Confidential Green
Re: Bgpd multipath conf
On 2024-05-16, Marco Agostani wrote: > Ok so in the end is there a way to install more then one route in the kernel > table through bgpd or not ? No. That is what "bgpd ... does not handle adding multiple paths for the same prefix to the FIB" means. (FIB = "forwarding information base" = kernel route table) > And if it's something that could be done in the future ? could? sure, if someone were to write the code to support it. I don't think it will be a particularly easy thing to do though. -- Please keep replies on the mailing list.
Re: Bgpd multipath conf
Ok so in the end is there a way to install more then one route in the kernel table through bgpd or not ? And if it's something that could be done in the future ? Cheers Marco Caterpillar: Confidential Green -Original Message- From: Stuart Henderson Sent: Wednesday, May 15, 2024 8:26 AM To: misc@openbsd.org Subject: Re: Bgpd multipath conf CAUTION: EXTERNAL EMAIL This is a message from owner-m...@openbsd.org. Use caution when opening unexpected emails and do not click on links or attachments from unknown senders. For more resources, visit security.cat.com/phishing. __ On 2024-05-14, Marco Agostani wrote: > I try to setup an openbgpd setup involving multipath configuration > ...with = no success. ... > neighbor $GW01 { > descr "bgp#1" > announce IPv4 unicast > announce add-path recv yes > set localpref 110 > } This just announces the add-path BGP capability. > #bgpctl sh rib > https://urldefense.com/v3/__http://172.18.180.0/24__;!!FtR4BK4x7WL3xYs > !6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG2 > 7Pi4GFOtJXl9T8K7jGv49b5Fz40$ > > flags: * =3D Valid, > =3D Selected, I =3D via IBGP, A =3D Announced, >S =3D Stale, E =3D Error > origin validation state: N =3D not-found, V =3D valid, ! =3D invalid > aspa validation state: ? =3D unknown, V =3D valid, ! =3D invalid > origin: i =3D IGP, e =3D EGP, ? =3D Incomplete > > flags vs destination gateway lpref med aspath origin > *>N-? > https://urldefense.com/v3/__http://172.18.180.0/24__;!!FtR4BK4x7WL3xYs!6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG27Pi4GFOtJXl9T8K7jGv49b5Fz40$ > > https://urldefense.com/v3/__http://10.0.1.241__;!!FtR4BK4x7WL3xYs!6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG27Pi4GFOtJXl9T8K7jGv41J-7V7w$ > 110 0 14381 i > *mN-? > https://urldefense.com/v3/__http://172.18.180.0/24__;!!FtR4BK4x7WL3xYs!6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG27Pi4GFOtJXl9T8K7jGv49b5Fz40$ > > https://urldefense.com/v3/__http://10.0.1.245__;!!FtR4BK4x7WL3xYs!6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG27Pi4GFOtJXl9T8K7jGv48_2TUKx$ > 110 0 14381 i > > Show me two routes one marked with multipath > > But in fib I see only one route > > #bgpctl sh fib > https://urldefense.com/v3/__http://172.18.180.0/24__;!!FtR4BK4x7WL3xYs > !6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG2 > 7Pi4GFOtJXl9T8K7jGv49b5Fz40$ > > flags: B =3D BGP, C =3D Connected, S =3D Static >N =3D BGP Nexthop reachable via this route >r =3D reject route, b =3D blackhole route > flags prio destination gateway > B 48 > https://urldefense.com/v3/__http://172.18.180.0/24__;!!FtR4BK4x7WL3xYs!6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG27Pi4GFOtJXl9T8K7jGv49b5Fz40$ > > https://urldefense.com/v3/__http://10.0.1.241__;!!FtR4BK4x7WL3xYs!6DAqIASIWdakyXeDyLwAsmIOK4cM3WJigBhTBEZwFP2QSx-N8iqQRQKGfW0L4XpCyVGG27Pi4GFOtJXl9T8K7jGv41J-7V7w$ ... > What I miss here ?? bgpd does allow add-path and having multiple paths to a prefix in the RIB (e.g. perhaps useful on a route-server) but it does not handle adding multiple paths for the same prefix to the FIB.
Re: Bgpd multipath conf
On 2024-05-14, Marco Agostani wrote: > I try to setup an openbgpd setup involving multipath configuration ...with = > no success. ... > neighbor $GW01 { > descr "bgp#1" > announce IPv4 unicast > announce add-path recv yes > set localpref 110 > } This just announces the add-path BGP capability. > #bgpctl sh rib 172.18.180.0/24 > > flags: * =3D Valid, > =3D Selected, I =3D via IBGP, A =3D Announced, >S =3D Stale, E =3D Error > origin validation state: N =3D not-found, V =3D valid, ! =3D invalid > aspa validation state: ? =3D unknown, V =3D valid, ! =3D invalid > origin: i =3D IGP, e =3D EGP, ? =3D Incomplete > > flags vs destination gateway lpref med aspath origin > *>N-? 172.18.180.0/24 10.0.1.241110 0 14381 i > *mN-? 172.18.180.0/24 10.0.1.245110 0 14381 i > > Show me two routes one marked with multipath > > But in fib I see only one route > > #bgpctl sh fib 172.18.180.0/24 > > flags: B =3D BGP, C =3D Connected, S =3D Static >N =3D BGP Nexthop reachable via this route >r =3D reject route, b =3D blackhole route > flags prio destination gateway > B 48 172.18.180.0/24 10.0.1.241 ... > What I miss here ?? bgpd does allow add-path and having multiple paths to a prefix in the RIB (e.g. perhaps useful on a route-server) but it does not handle adding multiple paths for the same prefix to the FIB.
Bgpd multipath conf
Hello guys, I try to setup an openbgpd setup involving multipath configuration ...with no success. My bgpd.conf is like that prefix-set privnetworks { 10.55.0.0/16 10.60.0.0/16 172.16.0.0/12 } log updates network 10.240.0.0/16 group "eBGP" { remote-as $AS1 neighbor $GW01 { descr "bgp#1" announce IPv4 unicast announce add-path recv yes set localpref 110 } neighbor $GW02 { descr "bgp#2" announce IPv4 unicast announce add-path recv yes set localpref 110 } } match from any community GRACEFUL_SHUTDOWN set { localpref 0 } deny quick from group eBGP prefix 0.0.0.0/0 Deny out internal route deny quick from group eBGP prefix 10.240.0.0/16 or-longer ##allow private allow quick from group eBGP prefix-set privnetworks or-longer set rtlabel PRIVNET allow quick to group eBGP prefix 10.240.0.0/16 deny quick from any #bgpctl sh rib 172.18.180.0/24 flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale, E = Error origin validation state: N = not-found, V = valid, ! = invalid aspa validation state: ? = unknown, V = valid, ! = invalid origin: i = IGP, e = EGP, ? = Incomplete flags vs destination gateway lpref med aspath origin *>N-? 172.18.180.0/24 10.0.1.241110 0 14381 i *mN-? 172.18.180.0/24 10.0.1.245110 0 14381 i Show me two routes one marked with multipath But in fib I see only one route #bgpctl sh fib 172.18.180.0/24 flags: B = BGP, C = Connected, S = Static N = BGP Nexthop reachable via this route r = reject route, b = blackhole route flags prio destination gateway B 48 172.18.180.0/24 10.0.1.241 Confirmed by route #route -n get 172.18.180.0/24 route to: 172.18.180.0 destination: 172.18.180.0 mask: 255.255.255.0 gateway: 10.0.1.241 interface: sec7130 if address: 10.0.1.242 priority: 48 (bgp) flags: label: PRIVNET use mtuexpire 0 0 0 sockaddrs: Multipath is enabled # sysctl net.inet.ip.multipath net.inet.ip.multipath=1 and static routes with -mpath option are setup correctly What I miss here ?? Cheers Marco Caterpillar: Confidential Green