Community discussions

MikroTik App
 
Datastorm
just joined
Topic Author
Posts: 5
Joined: Tue Apr 02, 2019 4:54 pm

BGP in VRF, routeros_v7

Tue Dec 14, 2021 4:27 pm

Hi guys,

I'm having trouble configuring BGP session in VRF. For testing purposes, I'm recieving on 0.0.0.0/0 and it says that it is invalid, unreachable. Same config in main VRF works just fine.
I had the same problem with version v7.1 but then I saw that it should be fixed in v7.1rc6
*) bgp - fixed connection establishment if peer is in VRF;

Currently running on v7.1rc7

BGP config:
 /routing bgp connection
add as=65500 connect=yes disabled=no listen=yes local.address=10.77.202.230 \
    .role=ebgp-peer name=ISP_RC01 output.network=bgp-networks .redistribute=\
    connected remote.address=10.77.202.229/32 .as=65001 router-id=10.77.202.230 \
    routing-table=vrf_ISP vrf=vrf_ISP

VRF config:
/ip vrf
add interfaces="Lo0,vlan10 - ISP" name=vrf_ISP

Route:
 DIbH  dst-address=0.0.0.0/0 routing-table=vrf_ISP gateway=10.77.202.229 
         distance=20 scope=40 target-scope=10 suppress-hw-offload=no

BGP Session:
 0 E remote.address=10.77.202.229@vrf_ISP .as=65001 .id=10.90.0.1 
     .refused-cap-opt=no .capabilities=mp,rr,as4,err .hold-time=20s 
     .messages=91 .bytes=1766 .eor=ip 
     local.role=ebgp-peer .address=10.77.202.230@vrf_ISP .as=65500 
     .id=10.77.202.230 .capabilities=mp,rr,gr,as4 .messages=90 .bytes=1764 
     .eor="" 
     output.procid=21 .network=bgp-networks 
     input.procid=21 ebgp 
     routing-table=vrf_ISP hold-time=20s keepalive-time=6s670ms
When I take a look at BGP session through GUI, it says - Routing Table:vrf_ISP; VRF: main.

Am I doing something wrong?

Thanks in advance!
 
adcre
newbie
Posts: 27
Joined: Fri Dec 10, 2021 4:18 pm

Re: BGP in VRF, routeros_v7

Thu Dec 16, 2021 12:59 am

Hi,

I got same problem.

I think Is the same related on viewtopic.php?t=181270

No @vrf suffix on route table.

For example on my config peering is in a bond interface and another interface is the connected one so when I do
> routing/route/print
Flags: U, A - ACTIVE; c, s, b, y - COPY; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TARGET-SCOPE, IMMEDIATE-GW
    DST-ADDRESS     GATEWAY                 AFI   DI  SC  TA  IMMEDIATE-GW
As  0.0.0.0/0       192.168.0.1             ip4    1  30  10  192.168.0.1%ether1
Ac  192.168.0.0/24  ether1                  ip4    0  10      ether1
UbH 10.0.0.0/24     10.0.0.2                ip4   20  40  10
Ac  10.0.0.0/24     bond-bs-02@vrf-test     ip4    0  10      bond-bs-02
Ac  10.0.1.0/24     sfp-sfpplus12@vrf-test  ip4    0  10      sfp-sfpplus12
UbH 10.0.2.0/24     10.0.0.2                ip4   20  40  10
Local intefaces on vrf (bond-bs-02 and sft-sftpplus12 have it routes on right vrf (@vrf-test) but 10.0.2.0/24 learned from bgp no.
 > routing/route/print detail
Flags: X - disabled, F - filtered, U - unreachable, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - mo>
H - hw-offloaded; + - ecmp, B - blackhole
 UbH  afi=ip4 contribution=unreachable dst-address=10.0.2.0/24
       routing-table=vrf-test gateway=10.0.0.2 distance=20 scope=40
       target-scope=10 belongs-to="BGP IP routes from 10.0.0.2@*2"
       bgp.peer-cache-id=*B000003 .as-path="65002" .atomic-aggregate=yes
       .origin=igp
       debug.fwp-ptr=0x20242180
So in gateway is missing the @vrf-test
and
 > ip route/print
Flags: D - DYNAMIC; I, A - ACTIVE; c, s, b, y - COPY; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, DISTANCE
#      DST-ADDRESS     GATEWAY                 DISTANCE
0  As  0.0.0.0/0       192.168.0.1                    1
  DAc  192.168.0.0/24  ether1                         0
  DIbH 10.0.0.0/24     10.0.0.2                      20
  DAc  10.0.0.0/24     bond-bs-02@vrf-test            0
  DAc  10.0.1.0/24     sfp-sfpplus12@vrf-test         0
  DIbH 10.0.2.0/24     10.0.0.2                      20
Shows the same, not @vrfname on route learned from bgp daemon running on that vrf
 > ip route/print detail
Flags: D - dynamic; X - disabled, I - inactive, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - mo>
H - hw-offloaded; + - ecmp
   DIbH  dst-address=10.0.2.0/24 routing-table=vrf-test gateway=10.0.0.2
         distance=20 scope=40 target-scope=10 suppress-hw-offload=no
Best Regards,

Diego
 
Datastorm
just joined
Topic Author
Posts: 5
Joined: Tue Apr 02, 2019 4:54 pm

Re: BGP in VRF, routeros_v7

Thu Dec 23, 2021 10:36 am

How can they sell devices preinstalled with OS that is full of bugs and it can't do what earlier versions could? :/

@adcre - Thanks for the response!
 
adcre
newbie
Posts: 27
Joined: Fri Dec 10, 2021 4:18 pm

Re: BGP in VRF, routeros_v7

Thu Dec 23, 2021 12:14 pm

I think That happens to all manufacturers this days. I can tell you about any vendor having this kind of problems in new versions.

Best Regards,

Diego.

PS: I hope I got time when we came back from Christmas to do a detailed bug report as I have not yet
 
adcre
newbie
Posts: 27
Joined: Fri Dec 10, 2021 4:18 pm

Re: BGP in VRF, routeros_v7

Thu Dec 23, 2021 11:34 pm

opened SUP-69820 for this issue
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1275
Joined: Tue Jun 23, 2015 2:35 pm

Re: BGP in VRF, routeros_v7

Fri Dec 24, 2021 9:43 am

has MikroTik implemented VRF over BGP?
 
adcre
newbie
Posts: 27
Joined: Fri Dec 10, 2021 4:18 pm

Re: BGP in VRF, routeros_v7

Sun Jan 30, 2022 6:57 pm

They have acknowledge the problem both in ticket and in public:

viewtopic.php?t=182699#p908998

Also that is going to be solve in a future version.

Best Regards,

Diego
 
Datastorm
just joined
Topic Author
Posts: 5
Joined: Tue Apr 02, 2019 4:54 pm

Re: BGP in VRF, routeros_v7

Tue Feb 01, 2022 3:54 pm

Great!

Now we wait to see what else is broken :D
 
TheNetworkBerg
just joined
Posts: 15
Joined: Mon Sep 30, 2019 9:50 am

Re: BGP in VRF, routeros_v7

Wed Feb 23, 2022 9:30 pm

What's new in 7.2rc4 (2022-Feb-22 13:37):

*) bgp - fixed VPNv4 route sending to remote peer;

Hoping this actually works, as this will be a decent step into getting v7 into prod networks using BGP for VRF spanning.

Going to test this out

EDIT:

Well at least I can SEE the route now, although this still isn't working. Will tweak some of my own settings, but seems like a step up
[admin@PE2] > ip route print where routing-table=cust1 
Flags: D - DYNAMIC; A - ACTIVE; c, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
    DST-ADDRESS    GATEWAY       DISTANCE
DAy 172.16.1.0/30  192.0.0.1            0
DAc 172.16.2.0/30  ether2@cust1         0

[admin@PE2] > ping 172.16.1.1 vrf=cust1 src-address=172.16.2.1
  SEQ HOST                                     SIZE TTL TIME       STATUS      
    0                                                              no route ...
    1 172.16.1.1                                                   timeout     
    2 172.16.1.1                                                   timeout     
    3                                                              no route ...
    4                                                              no route ...
    sent=5 received=0 packet-loss=100%
EDIT2:

I still do not see these prefixes in the LDP bindings, I am also seeing weird behavior with the BGP, something like 70k+ TX messages with the peer only being up for 5 minutes. Guess we wait for another RC to come out... Lulw sorry I was posting in your thread where you were trying to use a source VRF in BGP to create BGP connections. I am posting about VRF spanning using BGP :(
 
adcre
newbie
Posts: 27
Joined: Fri Dec 10, 2021 4:18 pm

Re: BGP in VRF, routeros_v7

Tue Mar 01, 2022 10:23 am

Hello,

I think now it works bgp over vrf and importing the routes on the right table.
What's new in 7.2rc4 (2022-Feb-22 13:37):
*) bgp - fixed VPNv4 route sending to remote peer
*) route - fixed route addition to VRF from BGP
You can see difference from my previous post:
 > routing/route/print
Flags: A - ACTIVE; c, s, b, y - COPY; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TARGET-SCOPE
    DST-ADDRESS     GATEWAY                 AFI   DISTANCE  SCOPE  TARGET-SCOPE
As  0.0.0.0/0       192.168.0.1             ip4          1     30            10
Ac  192.168.0.0/24  ether1                  ip4          0     10
 b  10.0.0.0/24     10.0.0.1@vrf-test       ip4         20     40            10
Ac  10.0.0.0/24     bond-bs-02@vrf-test     ip4          0     10
Ab  10.0.1.0/24     10.0.0.1@vrf-test       ip4         20     40            10
Ac  10.0.2.0/24     sfp-sfpplus12@vrf-test  ip4          0     10
A H ether1                                  link         0
And now I can ping new networks received by bgp.

So I got the vrf-lite functionality with bgp on vrf working.

I have not test full mpls (not my current use case) so I do not know what is missing to have ldp forwarding.

Best Regards,

Diego

Who is online

Users browsing this forum: No registered users and 17 guests