frr bgpd is not running - Won't stay started
-
frr version 7.3.1
pfSense-pkg-frr 0.6.7_3
zebra start's I see bgpd starts then bgpd dies
kernel logs in pfsense will show the pid has died.
There is nothing in /var/log/frr/ to help diagnose what is wrong.
Everything worked wonderfully prior to a reboot.
I force a start of the bgpd service via Status > Services and it dies.
I've confirmed my bgpd config looks good no problems there.
- How do I set up logging for frr to log to /var/log/frr/ ?
- Has anyone experienced this ?
- I have a mirrored system of this with the exact same config that starts fine.
This all started with me noticing that bgpd would not start on boot with frr. So I was being forced to start the service on boot manually.
I have reinstalled the frr package from cli.
[2.4.5-RELEASE][admin@FW.localdomain]/var/log/frr: /usr/local/sbin/pkg-static install -yf pkg pfSense-pkg-frr
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 2 package(s) will be affected (of 0 checked):Installed packages to be REINSTALLED:
pfSense-pkg-frr-0.6.7_3 [pfSense]
pkg-1.13.2 [pfSense]Number of packages to be reinstalled: 2
[1/2] Reinstalling pkg-1.13.2...
[1/2] Extracting pkg-1.13.2: 100%
You may need to manually remove /usr/local/etc/pkg.conf if it is no longer needed.
[2/2] Reinstalling pfSense-pkg-frr-0.6.7_3...
[2/2] Extracting pfSense-pkg-frr-0.6.7_3: 100%
Removing frr components...
Menu items... done.
Services... done.
Loading package instructions...
Saving updated package information...
overwrite!
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...Upgrading FRR Settings ... Nothing to do.
done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.And this was 10 minutes ago i am still waiting for it to complete.
-
@juesor said in frr bgpd is not running - Won't stay started:
Everything worked wonderfully prior to a reboot.
Hi,
it was for you....?????????????
ű+++edit:
highlighted
sysctl.................kern.ipc.maxsock...... (and the rest) -
When I say wonderfully. BGPd would start but still wouldn't start on boot.
[2.4.5-RELEASE][admin@FW.localdomain]/root: service frr status
zebra is running as pid 50181.
babeld is not running.
bfdd is not running.
bgpd is not running.
eigrpd is not running.
fabricd is not running.
isisd is not running.
ospfd is not running.
ospf6d is not running.
ripd is not running.
ripngd is not running.
staticd is not running.As you can see not running no matter what i do to get it started. I'm not running OSPFd on this pfsense.
-
@juesor said in frr bgpd is not running - Won't stay started:
When I say wonderfully.
indeed?
on pfSense, a package will not start, if the conditions are not specified...
(or missconfigured)without any problems we run this package, so you have the fault...etc. etc..
can you give a more detailed description of logs, network topology, etc, -
Is there a way to log FRR status change? Like I said earlier it doesn't seem to be logging to /var/log/frr/
As for BGP config
I'm using this PF to BGP to 4 ipv4 neighbors and 2 ipv6 neighbors. I am using Network Distribution to distribute 15 routes across.
I am using Prefix Lists to limit what gets shared to which neighbor.
Along with Route Maps.
I can not take a look at my bgp config because bgpd is not running.
bgpd is not running
Aug 4 12:07:31 php-fpm 350 /pkg_edit.php: FRR OSPF6d: No config data found.
Aug 4 12:07:31 php-fpm 350 /pkg_edit.php: FRR OSPFd: No config data found.
Aug 4 12:07:31 check_reload_status Syncing firewallThat is the only System Logs -> General that is being displayed nothing about bgpd
-
@juesor said in frr bgpd is not running - Won't stay started:
Is there a way to log FRR status change?
of course, when the running the package...?!
current version of pfSense?
he, will be your man.... @viktor_gthis is an abnormal behavior from FRR (pkg) ()...
(or something is misconfigured, I leave that to myself) -
I am running the latest version of pfsense.
When I ripped out all of the FRR config on this server and reapplied one option at a time neighborship at a time BGP would start and stay started.
Is there something with pfSense's FRR where config changes are not fully applied or applied in an odd timing.
-
When I enter data in from the GUI it's like the config isn't taking all of my options. Hence the reason the service checks my config and fails.
If I enter all my config from CLI via vtysh it works.
Is there something with adding information to GUI that is not working properly?
Can I just upload my cli config and have it populate the GUI?
-
@juesor Can you show your config?
Unable to reproduce this issue. -
The config looks like the following. When I try to recreate all items in the GUI I don't see anything wrong but at some point, bgpd fails to start.
I've modified IP's as i am posting this public's so none of the IP's are real.
router bgp 65006
bgp router-id 10.10.30.4
bgp log-neighbor-changes
neighbor 1.2.3.4 remote-as 65001
neighbor 1.2.3.4 description HEND1 9K - VRF inet
neighbor 1.2.3.4 update-source 1.2.3.3
neighbor 1.2.3.5 remote-as 65001
neighbor 1.2.3.5 description HEND2 9k - VRF inet
neighbor 1.2.3.5 update-source 1.2.3.3
neighbor 1.2.4.12 remote-as 65001
neighbor 1.2.4.12 description HEND1-9k-VRF-inet2
neighbor 1.2.4.12 update-source 1.2.4.11
neighbor 1.2.4.13 remote-as 65001
neighbor 1.2.4.13 description HEND2-9k-VRF-inet2
neighbor 1.2.4.13 update-source 1.2.4.11
neighbor 2802:a100:a100:5::12 remote-as 65001
neighbor 2802:a100:a100:5::12 description HEND1-9k-VRF-inet2v6
neighbor 2802:a100:a100:5::12 update-source 2802:a100:a100:5::11
neighbor 2802:a100:a100:5::13 remote-as 65001
neighbor 2802:a100:a100:5::13 description HEND2-9k-VRF-inet2v6
neighbor 2802:a100:a100:5::13 update-source 2802:a100:a100:5::1
!
address-family ipv4 unicast
network 1.2.5.0/24 route-map VRF-inet2-ipv4
network 1.2.5.23/32 route-map inet
network 1.2.5.25/32 route-map inet
network 192.168.1.0/24 route-map inet
network 1.2.6.12/32 route-map VRF-inet2-ipv4
network 1.2.4.0/29 route-map VRF-inet2-ipv4
network 1.2.4.32/28 route-map VRF-inet2-ipv4
network 1.2.4.48/29
network 1.2.4.128/28 route-map VRF-inet2-ipv4
network 1.2.7.80/28 route-map VRF-inet2-ipv4
network 1.2.8.240/29 route-map VRF-inet2-ipv4
network 1.2.9.240/29 route-map VRF-inet2-ipv4
neighbor 1.2.3.4 prefix-list inet out
neighbor 1.2.3.5 prefix-list inet out
neighbor 1.2.4.12 prefix-list VRF-inet2v4 out
neighbor 1.2.4.13 prefix-list VRF-inet2v4 out
exit-address-family
!
address-family ipv6 unicast
network 2405:1600:a100::/56
network 2405:1600:a101::/56
network 2405:1600:a102:1::/64
neighbor 2802:a100:a100:5::12 activate
neighbor 2802:a100:a100:5::12 prefix-list VRF-inet2-ipv6 out
exit-address-family
!
ip prefix-list Global description VRF Global
ip prefix-list Global seq 1 permit 10.8.1.10/32
ip prefix-list Global seq 2 permit 10.8.1.11/32
ip prefix-list Global seq 3 permit 192.168.1.0/24
ip prefix-list Global seq 4 permit 1.2.4.252/30
ip prefix-list inet description VRF inet
ip prefix-list inet seq 1 permit 1.2.5.23/32
ip prefix-list inet seq 2 permit 1.2.5.25/32
ip prefix-list inet seq 3 permit 192.168.1.0/24 le 28
ip prefix-list VRF-inet2v4 description VRF VRF-inet2 ipv4
ip prefix-list VRF-inet2v4 seq 1 permit 1.2.5.0/24
ip prefix-list VRF-inet2v4 seq 2 permit 1.2.6.12/32
ip prefix-list VRF-inet2v4 seq 3 permit 1.2.4.0/29
ip prefix-list VRF-inet2v4 seq 4 permit 1.2.4.32/28
ip prefix-list VRF-inet2v4 seq 5 permit 1.2.4.128/28
ip prefix-list VRF-inet2v4 seq 6 permit 1.2.7.80/28
ip prefix-list VRF-inet2v4 seq 7 permit 1.2.8.240/29
ip prefix-list VRF-inet2v4 seq 8 permit 1.2.9.240/29
!
ipv6 prefix-list VRF-inet2-ipv6 description VRF VRF-inet2 ipv6
ipv6 prefix-list VRF-inet2-ipv6 seq 1 permit 2405:1600:a100::/56
ipv6 prefix-list VRF-inet2-ipv6 seq 2 permit 2405:1600:a101::/56
!
route-map inet permit 1
match ip address prefix-list inet
!
route-map VRF-inet2-ipv4 permit 2
match ip address prefix-list VRF-inet2v4
!
route-map VRF-inet2-ipv6 permit 3
match ip address prefix-list VRF-inet2-ipv6
!
line vty
!
end -
When I create all of that via GUI something crashes the bgpd service. But if I paste that via CLI it works.
I can do it all again and show you the service failing. But it would be better if frr log something. /var/log/frr/
-
@juesor After completing the FRR WebGUI configuration, try to run it from the console:
# zebra --log --log-level debug -f /var/etc/frr/zebra.conf
and
# zebra --log --log-level debug -f /var/etc/frr/bgpd.confYou can also create a redmine issue:
https://docs.netgate.com/pfsense/en/latest/development/bug-reporting.html
