Hi, i'm trying to filter a kernel default route from beeing imported into frr/zebra. I tried with a prefix-list/route-map bound to ip procotol kernel# but it seems it get only used on export routes to the kernel, not import routes from the kernel. Is there a easy way to filter kernel route imports into frr/zebra? regards, tim -- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
No there isn't a way, because FRR really needs to know about routes in the kernel so proper routing decisions can be made. What are you really trying to do here? donald On Fri, Apr 9, 2021 at 6:33 AM Tim Weippert <weiti+frog@weiti.org> wrote:
Hi,
i'm trying to filter a kernel default route from beeing imported into frr/zebra.
I tried with a prefix-list/route-map bound to ip procotol kernel# but it seems it get only used on export routes to the kernel, not import routes from the kernel.
Is there a easy way to filter kernel route imports into frr/zebra?
regards, tim
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
Hi donald, thanks for the answer. I had lab systems which get a default route via vagrant but frr shouldn't use them as the systems had some bgp peerings where i simulate an BGP Internet Peering environment. I solved my issue with the use of an vrf, but badly i can't use bgp flowspec within the vrf so this test cases aren't usable now (it is not really an issue ...). So expecially i would like to remove the kernel default route as within my simulation is a bgp generated default. hope this sounds reasonable. regards, tim On Fri, Apr 09, 2021 at 06:54:42AM -0400, Donald Sharp wrote:
No there isn't a way, because FRR really needs to know about routes in the kernel so proper routing decisions can be made. What are you really trying to do here?
donald
On Fri, Apr 9, 2021 at 6:33 AM Tim Weippert <weiti+frog@weiti.org> wrote:
Hi,
i'm trying to filter a kernel default route from beeing imported into frr/zebra.
I tried with a prefix-list/route-map bound to ip procotol kernel# but it seems it get only used on export routes to the kernel, not import routes from the kernel.
Is there a easy way to filter kernel route imports into frr/zebra?
regards, tim
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
Specify a very very high metric for the default kernel route then and your bgp default route will win: http://docs.frrouting.org/en/latest/zebra.html#administrative-distance https://www.kernel.org/doc/Documentation/networking/vrf.txt Specifically if you set the kernel metric to say 4278198272 -> FRR will interpret this as a Admin distance of 255 and a metric of 8192. And your BGP route will win. donald On Fri, Apr 9, 2021 at 7:17 AM Tim Weippert <weiti+frog@weiti.org> wrote:
Hi donald,
thanks for the answer.
I had lab systems which get a default route via vagrant but frr shouldn't use them as the systems had some bgp peerings where i simulate an BGP Internet Peering environment.
I solved my issue with the use of an vrf, but badly i can't use bgp flowspec within the vrf so this test cases aren't usable now (it is not really an issue ...).
So expecially i would like to remove the kernel default route as within my simulation is a bgp generated default.
hope this sounds reasonable.
regards, tim
On Fri, Apr 09, 2021 at 06:54:42AM -0400, Donald Sharp wrote:
No there isn't a way, because FRR really needs to know about routes in the kernel so proper routing decisions can be made. What are you really trying to do here?
donald
On Fri, Apr 9, 2021 at 6:33 AM Tim Weippert <weiti+frog@weiti.org> wrote:
Hi,
i'm trying to filter a kernel default route from beeing imported into frr/zebra.
I tried with a prefix-list/route-map bound to ip procotol kernel# but it seems it get only used on export routes to the kernel, not import routes from the kernel.
Is there a easy way to filter kernel route imports into frr/zebra?
regards, tim
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
Hi donald, that works, additional with a BGP protocol route-map to prevent installing the v4 default route from bgp is the best solution for now. Thanks. One small issue, i can't filter the v6 default route from bgp protocol with this route-map, may i miss somethin obvious? ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0 ! ipv6 prefix-list DEFAULT-ROUTE-v6 seq 5 permit ::/0 ! route-map KERNEL deny 10 match ip address prefix-list DEFAULT-ROUTE ! route-map KERNEL deny 15 match ipv6 address prefix-list DEFAULT-ROUTE-v6 ! route-map KERNEL permit 20 ! ip protocol bgp route-map KERNEL The ipv4 filter seems to work, but not the v6 one ... any hints? regards, tim On Fri, Apr 09, 2021 at 09:33:26AM -0400, Donald Sharp wrote:
Specify a very very high metric for the default kernel route then and your bgp default route will win:
http://docs.frrouting.org/en/latest/zebra.html#administrative-distance https://www.kernel.org/doc/Documentation/networking/vrf.txt
Specifically if you set the kernel metric to say 4278198272 -> FRR will interpret this as a Admin distance of 255 and a metric of 8192. And your BGP route will win.
donald
On Fri, Apr 9, 2021 at 7:17 AM Tim Weippert <weiti+frog@weiti.org> wrote:
Hi donald,
thanks for the answer.
I had lab systems which get a default route via vagrant but frr shouldn't use them as the systems had some bgp peerings where i simulate an BGP Internet Peering environment.
I solved my issue with the use of an vrf, but badly i can't use bgp flowspec within the vrf so this test cases aren't usable now (it is not really an issue ...).
So expecially i would like to remove the kernel default route as within my simulation is a bgp generated default.
hope this sounds reasonable.
regards, tim
On Fri, Apr 09, 2021 at 06:54:42AM -0400, Donald Sharp wrote:
No there isn't a way, because FRR really needs to know about routes in the kernel so proper routing decisions can be made. What are you really trying to do here?
donald
On Fri, Apr 9, 2021 at 6:33 AM Tim Weippert <weiti+frog@weiti.org> wrote:
Hi,
i'm trying to filter a kernel default route from beeing imported into frr/zebra.
I tried with a prefix-list/route-map bound to ip procotol kernel# but it seems it get only used on export routes to the kernel, not import routes from the kernel.
Is there a easy way to filter kernel route imports into frr/zebra?
regards, tim
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
-- Tim Weippert http://weiti.org - weiti@weiti.org GPG Fingerprint - E704 7303 6FF0 8393 ADB1 398E 67F2 94AE 5995 7DD8
participants (2)
-
Donald Sharp -
Tim Weippert