Open
Description
Unable to perform BGP route leaking between VRFs on SoNIC switches SW7 and SW8 as expected. The route leaking functionality works on other platforms (e.g., Ubuntu), but it fails on the SoNIC environment.
SONiC A (SW8):
- VRF1111:
- Bound to VLAN1111 (IP Address: 10.10.11.1).
- VM (VM-B) is directly connected to VLAN1111:
- IP Address: 10.10.11.10
- Default GW: 10.10.11.1 (GW of VLAN1111)
- VLAN1300:
- IP Address: 10.10.2.3
- Not bound to any VRF so it is Default VRF
- Default VRF:
- Requires route leaking with VRF1111.
- Requires route leaking with the default VRF of SW7.
SONiC B (SW7):
- VRF2000:
- Bound to VLAN2000.
- VM (VM-B) is directly connected to VLAN2000:
- IP Address: 10.10.4.10
- Default GW: 10.10.4.1 (GW of VLAN2000)
- VLAN1300:
- IP Address: 10.10.2.2
- Not bound to any VRF so it is Default VRF
- Default VRF:
- Requires route leaking with VRF2000.
- Requires route leaking with the default VRF of SW8.
FRR config SW8:
sonic8# show running-config
router bgp 65001
bgp router-id 1.1.1.0
neighbor 10.10.2.2 remote-as 65002
!
address-family ipv4 unicast
redistribute connected route-map map-VrfDefault
neighbor 10.10.2.2 next-hop-self
neighbor 10.10.2.2 soft-reconfiguration inbound
neighbor 10.10.2.2 route-map REDISTRIBUTE_ANY_10.10.2.2 in
neighbor 10.10.2.2 route-map REDISTRIBUTE_ANY_10.10.2.2 out
rd vpn export 65001:10000
rt vpn import 65001:10000 65001:10001
rt vpn export 65001:10000
export vpn
import vpn
exit-address-family
exit
!
router bgp 65001 vrf Vrf1111
bgp router-id 1.1.1.2
!
address-family ipv4 unicast
redistribute connected route-map map-Vrf1111
rd vpn export 65001:10001
rt vpn import 65001:10001 65001:10000
rt vpn export 65001:10001
export vpn
import vpn
exit-address-family
exit
!
route-map map-VrfDefault permit 1000
set extcommunity rt 65001:10000
exit
!
route-map map-Vrf1111 permit 1000
set extcommunity rt 65001:10001
exit
!
route-map REDISTRIBUTE_ANY_10.10.2.2 permit 10
match ip address prefix-list ALLOW_ROUTES_10.10.2.2
exit
ip prefix-list ALLOW_ROUTES_10.10.2.2 seq 10 permit any
Route SW8:
sonic8# show ip route vrf all
VRF Vrf1111:
B>* 10.1.0.1/32 [20/0] is directly connected, Loopback0 (vrf default), weight 1, 01:24:27
B>* 10.10.0.0/24 [20/0] is directly connected, eth0 (vrf default), weight 1, 01:24:27
B>* 10.10.2.0/24 [20/0] is directly connected, Vlan1300 (vrf default), weight 1, 01:18:54
B>* 10.10.4.0/24 [20/0] via 10.10.2.2, Vlan1300 (vrf default), weight 1, 00:23:28
C>* 10.10.11.0/24 is directly connected, Vlan1111, 01:27:09
B>* 172.0.1.0/24 [20/0] is directly connected, Vlan2100 (vrf default), weight 1, 01:24:27
VRF default:
C>* 10.1.0.1/32 is directly connected, Loopback0, 01:27:27
C>* 10.10.0.0/24 is directly connected, eth0, 01:27:31
C>* 10.10.2.0/24 is directly connected, Vlan1300, 01:18:54
B>* 10.10.4.0/24 [20/0] via 10.10.2.2, Vlan1300, weight 1, 00:23:28
B>* 10.10.11.0/24 [20/0] is directly connected, Vrf1111 (vrf Vrf1111), weight 1,
BGP summary SW8:
sonic8# show ip bgp summary
IPv4 Unicast Summary:
BGP router identifier 1.1.1.0, local AS number 65001 VRF default vrf-id 0
BGP table version 12
RIB entries 11, using 1408 bytes of memory
Peers 1, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
10.10.2.2 4 65002 10 10 12 0 0 00:01:25 4 6 N/A
Total number of neighbors 1
BGP advertise route SW8:
sonic8# show ip bgp neighbors 10.10.2.2 advertised-routes
BGP table version is 12, local router ID is 1.1.1.0, vrf id 0
Default local pref 100, local AS 65001
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.0.1/32 0.0.0.0 0 32768 ?
*> 10.10.0.0/24 0.0.0.0 0 32768 ?
*> 10.10.2.0/24 0.0.0.0 0 32768 ?
*> 10.10.4.0/24 0.0.0.0 0 65002 ?
*> 10.10.11.0/24 0.0.0.0 0 32768 ?
*> 172.0.1.0/24 0.0.0.0 0 32768 ?
Total number of prefixes 6
BGP receive route SW8:
sonic8# show ip bgp neighbors 10.10.2.2 received-routes
BGP table version is 12, local router ID is 1.1.1.0, vrf id 0
Default local pref 100, local AS 65001
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.0.1/32 10.10.2.2 0 0 65002 ?
*> 10.10.0.0/24 10.10.2.2 0 0 65002 ?
*> 10.10.2.0/24 10.10.2.2 0 0 65002 ?
*> 10.10.4.0/24 10.10.2.2 0 0 65002 ?
*> 10.10.11.0/24 10.10.2.2 0 65002 65001 ?
*> 172.0.1.0/24 10.10.2.2 0 65002 65001 ?
Total number of prefixes 6
FRR config SW7:
sonic7# show running-config
router bgp 65002
bgp router-id 2.2.2.0
neighbor 10.10.2.3 remote-as 65001
!
address-family ipv4 unicast
network 10.10.4.0/24
redistribute connected route-map map-VrfDefault
neighbor 10.10.2.3 next-hop-self
neighbor 10.10.2.3 soft-reconfiguration inbound
neighbor 10.10.2.3 route-map REDISTRIBUTE_ANY_10.10.2.3 in
neighbor 10.10.2.3 route-map REDISTRIBUTE_ANY_10.10.2.3 out
rd vpn export 65002:10100
rt vpn import 65002:10100 65002:11100
rt vpn export 65002:10100
export vpn
import vpn
exit-address-family
exit
!
router bgp 65002 vrf Vrf2000
bgp router-id 2.2.2.3
!
address-family ipv4 unicast
redistribute connected route-map map-Vrf2000
rd vpn export 65002:11100
rt vpn import 65002:11100 65002:10100
rt vpn export 65002:11100
export vpn
import vpn
exit-address-family
exit
!
address-family ipv4 unicast
redistribute static route-map STATIC_ROUTE_FILTER
exit-address-family
!
address-family ipv6 unicast
redistribute static route-map STATIC_ROUTE_FILTER
exit-address-family
exit
!
route-map map-VrfDefault permit 1000
set extcommunity rt 65002:10100
exit
!
route-map map-Vrf2000 permit 1000
set extcommunity rt 65002:11100
exit
!
route-map REDISTRIBUTE_ANY_10.10.2.3 permit 10
match ip address prefix-list ALLOW_ROUTES_10.10.2.3
exit
!
ip prefix-list ALLOW_ROUTES_10.10.2.3 seq 10 permit any
Route SW7:
sonic7# show ip route vrf all
VRF Vrf2000:
B>* 10.1.0.1/32 [20/0] is directly connected, Loopback0 (vrf default), weight 1, 00:26:20
B>* 10.10.0.0/24 [20/0] is directly connected, eth0 (vrf default), weight 1, 00:26:20
B>* 10.10.2.0/24 [20/0] is directly connected, Vlan1300 (vrf default), weight 1, 00:26:10
C>* 10.10.4.0/24 is directly connected, Vlan2000, 00:26:10
B>* 10.10.11.0/24 [20/0] via 10.10.2.3, Vlan1300 (vrf default), weight 1, 00:26:00
B>* 172.0.1.0/24 [20/0] via 10.10.2.3, Vlan1300 (vrf default), weight 1, 00:26:00
VRF default:
C>* 10.1.0.1/32 is directly connected, Loopback0, 00:26:25
C>* 10.10.0.0/24 is directly connected, eth0, 00:26:29
C>* 10.10.2.0/24 is directly connected, Vlan1300, 00:26:10
B>* 10.10.4.0/24 [20/0] is directly connected, Vrf2000 (vrf Vrf2000), weight 1, 00:26:10
B>* 10.10.11.0/24 [20/0] via 10.10.2.3, Vlan1300, weight 1, 00:26:00
B>* 172.0.1.0/24 [20/0] via 10.10.2.3, Vlan1300, weight 1, 00:26:00
BGP summary SW7:
sonic7# show ip bgp summary
IPv4 Unicast Summary:
BGP router identifier 2.2.2.0, local AS number 65002 VRF default vrf-id 0
BGP table version 10
RIB entries 11, using 1408 bytes of memory
Peers 1, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
10.10.2.3 4 65001 12 12 10 0 0 00:03:06 5 6 N/A
Total number of neighbors 1
BGP advertise route SW7:
sonic7# show ip bgp neighbors 10.10.2.3 advertised-routes
BGP table version is 10, local router ID is 2.2.2.0, vrf id 0
Default local pref 100, local AS 65002
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.0.1/32 0.0.0.0 0 32768 ?
*> 10.10.0.0/24 0.0.0.0 0 32768 ?
*> 10.10.2.0/24 0.0.0.0 0 32768 ?
*> 10.10.4.0/24 0.0.0.0 0 32768 ?
*> 10.10.11.0/24 0.0.0.0 0 65001 ?
*> 172.0.1.0/24 0.0.0.0 0 65001 ?
Total number of prefixes 6
BGP receive route SW7:
sonic7# show ip bgp neighbors 10.10.2.3 received-routes
BGP table version is 10, local router ID is 2.2.2.0, vrf id 0
Default local pref 100, local AS 65002
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.0.1/32 10.10.2.3 0 0 65001 ?
*> 10.10.0.0/24 10.10.2.3 0 0 65001 ?
*> 10.10.2.0/24 10.10.2.3 0 0 65001 ?
*> 10.10.4.0/24 10.10.2.3 0 65001 65002 ?
*> 10.10.11.0/24 10.10.2.3 0 0 65001 ?
*> 172.0.1.0/24 10.10.2.3 0 0 65001 ?
Total number of prefixes 6
Expected Behaviour:
VM-A, connected to VRF1111 on SW8, can successfully ping VM-B, which is connected to VRF2000 on SW7.
Actual Behaviour:
VM-A cannot ping to VM-B
admin@VM_A:~$ ping 10.10.4.10
PING 10.10.4.10 (10.10.4.10) 56(84) bytes of data.
Versions
- SONiC version
- FRR version
admin@sonic8:~$ show version
SONiC Software Version: SONiC.202411.0-08f108333
SONiC OS Version: 12
Distribution: Debian 12.8
Kernel: 6.1.0-22-2-amd64
Build commit: 08f108333
Build date: Mon Dec 16 10:16:54 UTC 2024
Built by: skylab@skylab
Platform: x86_64-ufispace_s8901_54xc-r0
HwSKU: UFISPACE-S8901-54XC
ASIC: broadcom
ASIC Count: 1
Serial Number: WWJ1E9VH00002P1
Model Number: S8901-54XC-2B1B
Hardware Revision: N/A
Uptime: 00:14:13 up 2:23, 2 users, load average: 1.18, 1.28, 1.18
Date: Thu 28 Nov 2024 00:14:13
Docker images:
REPOSITORY TAG IMAGE ID SIZE
docker-macsec latest 5acca967d693 344MB
docker-dhcp-relay latest f1b90cc98b0f 321MB
docker-syncd-brcm 202411.0-08f108333 781c74667028 753MB
docker-syncd-brcm latest 781c74667028 753MB
docker-sonic-telemetry 202411.0-08f108333 80b3ceb16c4a 402MB
docker-sonic-telemetry latest 80b3ceb16c4a 402MB
docker-teamd 202411.0-08f108333 802cfac9cbd0 341MB
docker-teamd latest 802cfac9cbd0 341MB
docker-sonic-mgmt-framework 202411.0-08f108333 3e71df11e89b 402MB
docker-sonic-mgmt-framework latest 3e71df11e89b 402MB
docker-snmp 202411.0-08f108333 ec9c24f24573 356MB
docker-snmp latest ec9c24f24573 356MB
docker-sflow 202411.0-08f108333 b0b67b300b0b 342MB
docker-sflow latest b0b67b300b0b 342MB
docker-router-advertiser 202411.0-08f108333 38457b809e0a 312MB
docker-router-advertiser latest 38457b809e0a 312MB
docker-sonic-restapi 202411.0-08f108333 23cf4169fed4 330MB
docker-sonic-restapi latest 23cf4169fed4 330MB
docker-platform-monitor 202411.0-08f108333 ee4116df3be8 431MB
docker-platform-monitor latest ee4116df3be8 431MB
docker-orchagent 202411.0-08f108333 09dd8f5415ba 354MB
docker-orchagent latest 09dd8f5415ba 354MB
docker-nat 202411.0-08f108333 548454bff351 344MB
docker-nat latest 548454bff351 344MB
docker-mux 202411.0-08f108333 3f7720fa9023 363MB
docker-mux latest 3f7720fa9023 363MB
docker-lldp 202411.0-08f108333 111a40a538c4 357MB
docker-lldp latest 111a40a538c4 357MB
docker-sonic-gnmi 202411.0-08f108333 38443c99015a 402MB
docker-sonic-gnmi latest 38443c99015a 402MB
docker-fpm-frr 202411.0-08f108333 ddde5deb1174 375MB
docker-fpm-frr latest ddde5deb1174 375MB
docker-eventd 202411.0-08f108333 7c93c33ea791 312MB
docker-eventd latest 7c93c33ea791 312MB
docker-database 202411.0-08f108333 232aab64e2e9 320MB
docker-database latest 232aab64e2e9 320MB
docker-sonic-bmp 202411.0-08f108333 e263e66221c7 313MB
docker-sonic-bmp latest e263e66221c7 313MB
docker-gbsyncd-credo 202411.0-08f108333 9d946e23ee6a 325MB
docker-gbsyncd-credo latest 9d946e23ee6a 325MB
docker-gbsyncd-broncos 202411.0-08f108333 6126f0496c19 352MB
docker-gbsyncd-broncos latest 6126f0496c19 352MB
admin@sonic8:~$ vtysh
Hello, this is FRRouting (version 10.0.1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
Metadata
Metadata
Assignees
Labels
No labels