Hello Roberto: I didn't investigate the os-ken code in depth but I don't see how to configure it not to learn these advertised routes. This is why I was asking this. If you know how to do this (and that implies not modifying the os-ken code), perfect. Let me know and I'll help you (if needed) to change the n-d-r code. If you need it, ping me in IRC (ralonsoh, #openstack-neutron channel) Regards. On Mon, Nov 21, 2022 at 8:49 PM Roberto Bartzen Acosta < roberto.acosta@luizalabs.com> wrote:
Hi Rodolfo, Are you sure it would be on os-ken? I believe that the os-ken is a multi-purpose driver for BGP (bgpspeaker uses for advertising and withdrawal routes). What about other projects that use os-ken and need to learn routes? Shouldn't bgpspeaker be responsible for programming os-ken to not learn routes?
Regards
Em seg., 21 de nov. de 2022 às 13:55, Rodolfo Alonso Hernandez < ralonsoh@redhat.com> escreveu:
Hi Roberto:
Please open a launchpad bug documenting this issue in os-ken.
Thanks!
On Wed, Nov 16, 2022 at 3:41 PM Roberto Bartzen Acosta < roberto.acosta@luizalabs.com> wrote:
Thanks Sean.
I believe that the os-ken driver is not coded to honor this premise because the below function can learn new paths from peer update messages.
https://opendev.org/openstack/os-ken/src/branch/master/os_ken/services/proto...
Em qua., 16 de nov. de 2022 às 09:14, Sean Mooney <smooney@redhat.com> escreveu:
On Wed, 2022-11-16 at 09:05 -0300, Roberto Bartzen Acosta wrote:
Sorry for the mistake, I meant, the bgpspeaker should only "*advertise*!" and not "learn" the AS_PATHs via BGP. yes that used to be the scope of that project to advertise only and not learn so i would geuss either that has change recently and they broke backward compaitbly or they have refactord it to use an external bgp speaker like frr and it learns by default
i dont really see anything here https://github.com/openstack/neutron-dynamic-routing/commits/master im not really familar with the internals of the project but i dont see any code to learn routs form
https://github.com/openstack/neutron-dynamic-routing/blob/master/neutron_dyn...
it just has code for advertizing and withdrawing routes.
Em qua., 16 de nov. de 2022 às 08:57, Sean Mooney <smooney@redhat.com
escreveu:
On Wed, 2022-11-16 at 08:43 -0300, Roberto Bartzen Acosta wrote: > Hey folks, > > Please, I have a question here, the bgpspeaker should only
"learn" and
not > "advertise" the AS_PATHs via BGP, right?
its been a while since i looked at it but in the past it did not supprot learning at all
it just advertised the routes for the neutron netowrks
> > In my tests, I can see that it is learning routes from BGP neighbors. This > behavior can cause an AS_PATH loop because the bgpspeaker learns back its > own advertised routes, and I see a message like this in the logs: > > 2022-11-11 19:45:41.967 7220 ERROR bgpspeaker.peer [-] AS_PATH on UPDATE > message has loops. Ignoring this message: >
BGPUpdate(len=91,nlri=[],path_attributes=[BGPPathAttributeMpReachNLRI(afi=2,flags=144,length=46,next_hop='2001:db7:1::1',nlri=[IP6AddrPrefix(addr='2001:db9:1234::',length=64)],safi=1,type=14),
> BGPPathAttributeOrigin(flags=64,length=1,type=1,value=0), > BGPPathAttributeAsPath(flags=80,length=10,type=2,value=[[65001, >
65000]])],total_path_attribute_len=68,type=2,withdrawn_routes=[],withdrawn_routes_len=0)
> > This can be fixed by suppressing the neighbor route advertisement (using > route-map export), but have I misunderstood how neutron-dymanic-routing > works or do we have a possible bug here? > > Regards >
*‘Esta mensagem é direcionada apenas para os endereços constantes no cabeçalho inicial. Se você não está listado nos endereços constantes no cabeçalho, pedimos-lhe que desconsidere completamente o conteúdo dessa mensagem e cuja cópia, encaminhamento e/ou execução das ações citadas estão imediatamente anuladas e proibidas’.*
*‘Apesar do Magazine Luiza tomar todas as precauções razoáveis para assegurar que nenhum vírus esteja presente nesse e-mail, a empresa não poderá aceitar a responsabilidade por quaisquer perdas ou danos causados por esse e-mail ou por seus anexos’.*
*‘Esta mensagem é direcionada apenas para os endereços constantes no cabeçalho inicial. Se você não está listado nos endereços constantes no cabeçalho, pedimos-lhe que desconsidere completamente o conteúdo dessa mensagem e cuja cópia, encaminhamento e/ou execução das ações citadas estão imediatamente anuladas e proibidas’.*
*‘Apesar do Magazine Luiza tomar todas as precauções razoáveis para assegurar que nenhum vírus esteja presente nesse e-mail, a empresa não poderá aceitar a responsabilidade por quaisquer perdas ou danos causados por esse e-mail ou por seus anexos’.*