iBGP with recursive next-hop (FRR)

I'm trying to set up a k8s cluster on Hetzner and export pod routes to a server (172.20.0.5 in the topology below) with FRR (Quagga) running on it. I use Calico with BIRD as the CNI plugin. The problem is that FRR incorrectly exports (recursive) routes to the kernel table.

Network topology

FRR config: show running-config

Current configuration:
!
frr version 8.1
frr defaults traditional
hostname deb-front-1
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
router bgp 64512
 no bgp default ipv4-unicast
 neighbor 172.20.0.2 remote-as 64512
 neighbor 172.20.0.3 remote-as 64512
 neighbor 172.20.0.4 remote-as 64512
 !
 address-family ipv4 unicast
  neighbor 172.20.0.2 activate
  neighbor 172.20.0.3 activate
  neighbor 172.20.0.4 activate
 exit-address-family
exit
!
end

So I obtain the following routes: show ip route

K>* 0.0.0.0/0 [0/0] via 172.31.1.1, eth0, 01w1d04h
C>* *.*.*.*/32 is directly connected, eth0, 09:16:40 # public IP hidden
K>* 172.20.0.0/16 [0/0] via 172.20.0.1, ens10, 00:31:04
K>* 172.20.0.1/32 [0/0] is directly connected, ens10, 00:31:28
C>* 172.20.0.5/32 is directly connected, ens10, 05:57:07
K>* 172.31.1.1/32 [0/0] is directly connected, eth0, 01w1d04h
B>  192.168.69.64/26 [200/0] via 172.20.0.4 (recursive), weight 1, 00:31:04
  *                            via 172.20.0.1, ens10, weight 1, 00:31:04
B>  192.168.155.64/26 [200/0] via 172.20.0.2 (recursive), weight 1, 00:31:04
  *                             via 172.20.0.1, ens10, weight 1, 00:31:04
B>  192.168.253.64/26 [200/0] via 172.20.0.3 (recursive), weight 1, 00:31:04
  *                             via 172.20.0.1, ens10, weight 1, 00:31:04

As you can see, it successfully got the routes via iBGP and understands that they are recursive (traffic goes via the 172.20.0.1 vSwitch in the middle of the topology).

Here is an output of the show bgp neighbor command: output

[Kernel] ip route show:

default via 172.31.1.1 dev eth0
172.20.0.0/16 via 172.20.0.1 dev ens10
172.20.0.1 dev ens10 scope link
172.31.1.1 dev eth0 scope link
192.168.69.64/26 nhid 79 via 172.20.0.1 dev ens10 proto bgp metric 20
192.168.155.64/26 nhid 79 via 172.20.0.1 dev ens10 proto bgp metric 20
192.168.253.64/26 nhid 79 via 172.20.0.1 dev ens10 proto bgp metric 20

As you can finally see, it has exported routes via 172.20.0.1 but not 172.20.0.(2/3/4) as it is supposed to.

Example of expected routing config:

192.168.69.64/26 nhid 79 via 172.20.0.2
192.168.155.64/26 nhid 79 via 172.20.0.3
192.168.253.64/26 nhid 79 via 172.20.0.4

Thank you in advance for any ideas! :)
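
To make the mismatch in the question easy to check, this added example (not part of the original post) parses the two outputs quoted above and reports, per prefix, whether the kernel route carries the BGP next hop or the next hop FRR resolved it to. The function names are hypothetical; the sample text is the BGP lines copied from the post.

```python
import re

# Both samples are the BGP lines copied from the question's own output.
FRR_ROUTES = """\
B>  192.168.69.64/26 [200/0] via 172.20.0.4 (recursive), weight 1, 00:31:04
  *                            via 172.20.0.1, ens10, weight 1, 00:31:04
B>  192.168.155.64/26 [200/0] via 172.20.0.2 (recursive), weight 1, 00:31:04
  *                             via 172.20.0.1, ens10, weight 1, 00:31:04
B>  192.168.253.64/26 [200/0] via 172.20.0.3 (recursive), weight 1, 00:31:04
  *                             via 172.20.0.1, ens10, weight 1, 00:31:04
"""
KERNEL_ROUTES = """\
192.168.69.64/26 nhid 79 via 172.20.0.1 dev ens10 proto bgp metric 20
192.168.155.64/26 nhid 79 via 172.20.0.1 dev ens10 proto bgp metric 20
192.168.253.64/26 nhid 79 via 172.20.0.1 dev ens10 proto bgp metric 20
"""

def parse_frr(text):
    """Map prefix -> [BGP next hop, resolved next hop] from 'show ip route'."""
    routes, current = {}, None
    for line in text.splitlines():
        head = re.match(r"B\S*\s+(\S+/\d+) \[\d+/\d+\] via (\S+) \(recursive\)", line)
        leg = re.match(r"\s+\*\s+via ([\d.]+),", line)
        if head:
            current = head.group(1)
            routes[current] = [head.group(2), None]
        elif leg and current:
            routes[current][1] = leg.group(1)
    return routes

def parse_kernel(text):
    """Map prefix -> next hop for the 'proto bgp' lines of 'ip route show'."""
    found = re.findall(r"^(\S+/\d+) .*?via (\S+) .*proto bgp", text, re.M)
    return dict(found)

def compare(frr_text, kernel_text):
    """Per prefix: (prefix, bgp_nh, resolved_nh, kernel_nh, which one the kernel got)."""
    kernel = parse_kernel(kernel_text)
    rows = []
    for prefix, (bgp_nh, resolved) in parse_frr(frr_text).items():
        k = kernel.get(prefix)
        which = "bgp" if k == bgp_nh else "resolved" if k == resolved else "other"
        rows.append((prefix, bgp_nh, resolved, k, which))
    return rows

if __name__ == "__main__":
    for row in compare(FRR_ROUTES, KERNEL_ROUTES):
        print("%-18s bgp=%s resolved=%s kernel=%s -> %s" % row)
```

On the output in the post, every prefix is reported as `resolved`: the kernel holds the resolved next hop 172.20.0.1, not the BGP next hop of the advertising node.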
