[FROG] Prefix pointing to itself as a NH

Mark Kamichoff prox at prolixium.com
Mon Aug 29 03:59:40 UTC 2022 

Hi - 

I noticed that after upgrading a few of my boxes to FRR 8, link prefixes
are no longer advertised in BGP.  I tracked it down to this commit:

https://github.com/FRRouting/frr/commit/654a5978f695087af062bfc9a382321fa2ccc4ae

More info:

I run EBGP w/ FRR over a few P-t-P OpenVPN tunnels that are configured
similar to the following:

(dax:23:35:EDT)% ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1414
	options=80000<LINKSTATE>
	inet 10.3.254.11 --> 10.3.254.12 netmask 0xffffffff
	inet6 2620:6:2000:1ff::1181 prefixlen 124
	inet6 fe80::202:bcff:fe56:cb39%tun0 prefixlen 64 scopeid 0x11
	groups: tun
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	Opened by PID 53497

Each side of the link is configured as a /32.  I have network statements
in FRR so that each side advertises its own /32 on the link, to allow
applications that don't bind to the loopback to work properly.

This has worked fine up until FRR 8 on both FreeBSD & Linux.  For
example, peer 10.3.254.83 is advertising 10.3.254.83/32 and it's being
accepted:

nox# show ip bgp nei 10.3.254.83 routes
BGP table version is 70477, local router ID is 10.3.4.20, vrf id 0
Default local pref 100, local AS 65307
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.3.4.18/32     10.3.254.83                            0 65306 i
*> 10.3.254.36/32   10.3.254.83                            0 65306 i
*> 10.3.254.83/32   10.3.254.83                            0 65306 i

Displayed  3 routes and 1222 total paths
nox# show ip bgp 10.3.254.83/32
BGP routing table entry for 10.3.254.83/32
Paths: (2 available, best #2, table default)
  Advertised to non peer-group peers:
  10.3.254.5 10.3.254.9 10.3.254.21 10.3.254.40 10.3.254.44 10.3.254.73 10.3.254.83 10.3.254.85 10.3.254.94 10.3.254.113 10.3.254.164 10.3.254.179
  65304 65306
    10.3.254.21 from 10.3.254.21 (10.3.4.6)
      Origin IGP, valid, external
      Last update: Sun Aug 28 22:17:11 2022
  65306
    10.3.254.83 from 10.3.254.83 (10.3.4.18)
      Origin IGP, valid, external, best (AS Path)
      Last update: Sun Aug 28 10:29:03 2022

However, in FRR 8, this no longer works due to the commit above.
Example for 10.3.254.12 advertising 10.3.254.12/32:

dax.prolixium.com# show ip bgp neighbors 10.3.254.12 routes 
BGP table version is 280, local router ID is 10.3.4.6, vrf id 0
Default local pref 100, local AS 65304
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.3.4.25/32     10.3.254.12              0             0 65307 i
   10.3.254.12/32   10.3.254.12              0             0 65307 i

Displayed  2 routes and 1212 total paths
dax.prolixium.com# show ip bgp 10.3.254.12/32
BGP routing table entry for 10.3.254.12/32, version 278
Paths: (2 available, best #2, table default)
  Advertised to non peer-group peers:
  10.3.4.35 10.3.7.238 10.3.254.4 10.3.254.12 10.3.254.14 10.3.254.20 10.3.254.23 10.3.254.36 10.3.254.67 10.3.254.81 10.3.254.115 10.3.254.122 10.3.254.161
  65307
    10.3.254.12 (inaccessible) from 10.3.254.12 (10.3.4.25)
      Origin IGP, metric 0, invalid, external
      Last update: Sun Aug 28 23:42:58 2022
  Local
    0.0.0.0 from 0.0.0.0 (10.3.4.6)
      Origin IGP, metric 0, weight 32768, valid, sourced, local, best (First path received)
      Last update: Sun Aug 28 23:23:21 2022
dax.prolixium.com# 

When turning up debugs, this is clearly seen in the logs:

2022/08/28 23:06:47 BGP: [T5AAP-5GA85] 10.3.254.12(trance_bgpd) rcvd UPDATE w/ attr: nexthop 10.3.254.12, origin i, metric 0, path 65307
2022/08/28 23:06:47 BGP: [PCFFM-WMARW] 10.3.254.12(trance_bgpd) rcvd UPDATE wlen 0 attrlen 28 alen 10
2022/08/28 23:06:47 BGP: [YCKEM-GB33T] 10.3.254.12(trance_bgpd) rcvd 10.3.4.25/32 IPv4 unicast
2022/08/28 23:06:47 BGP: [J47J0-K06GG] Found existing bnc 10.3.254.12/32(VRF default) flags 0xf ifindex 0 #paths 0 peer 0x82fb50740
2022/08/28 23:06:47 BGP: [YCKEM-GB33T] 10.3.254.12(trance_bgpd) rcvd 10.3.254.12/32 IPv4 unicast
2022/08/28 23:06:47 BGP: [N1KDM-HR02D] bgp_find_or_add_nexthop(10.3.254.12/32): prefix loops through itself
2022/08/28 23:06:47 BGP: [YT4EY-7V2YV] bgp_update(10.3.254.12): NH unresolved

Are there workarounds for this or is this capability something that FRR has
intentionally dropped permanently (and I should renumber my tunnels..)?

Thanks!

- Mark

-- 
Mark Kamichoff
prox at prolixium.com
https://www.prolixium.com/

More information about the frog mailing list