(Solved) bgpd connection from non-peer 192.168.0.4 refused
-
Hello,
I need some support from the community with a BGP error. Here is the context:
I have a Kubernetes cluster, as the picture above shows. Inside the cluster I have deployed MetalLB (a system that uses BGP routing so that I can implement LoadBalancer services on a "bare-metal Kubernetes cluster"). Everything was good until I got this error from bgpd (pfSense):
Sep 16 15:22:47 bgpd 72696 connection from non-peer 192.168.0.4 refused
Sep 16 15:24:47 bgpd 72696 connection from non-peer 192.168.0.8 refused
On the "metallb" BGP pods I am getting:
{"caller":"bgp.go:55","error":"read OPEN from \"192.168.0.1:179\": EOF","localASN":64501,"msg":"failed to connect to peer","op":"connect","peer":"192.168.0.1:179","peerASN":64500,"ts":"2018-09-16T13:20:47.371994307Z"}
I am aware that my BGP router from inside the cluster stays on a different network (the Kubernetes network) and the BGP connection is coming through a non-peer (the Kubernetes nodes). I keep diving to find a solution in OpenBGPD to allow non-peer connections and I can't find anything.
Does anyone have any advice?
Thank you!
-
@cradulescu I have figured out how to solve this issue.
There is a bug in OpenBGPD. Even when I set up the neighbors, the conf does not update, so I have to update it manually (I know it is not recommended).

# This file was created by the package manager. Do not edit!
AS 64500
fib-update yes
listen on 0.0.0.0
router-id 192.168.0.1
network 192.168.0.1/24
neighbor 192.168.0.4 {
    remote-as 64501
    descr "Kubernetes-Node01"
}
neighbor 192.168.0.8 {
    remote-as 64501
    descr "Kubernetes-Node02"
}
#deny from any
#deny to any

Result Kubernetes:
{"caller":"main.go:229","event":"serviceAnnounced","ip":"192.168.12.2","msg":"service has IP, announcing","pool":"default","protocol":"bgp","service":"default/elasticsearch","ts":"2018-09-16T14:37:20.876366531Z"}
Result pfSense:
Neighbor              AS      MsgRcvd  MsgSent  OutQ  Up/Down   State/PrfRcvd
Kubernetes-Node02     64501   337      327      0     02:42:09  1
Kubernetes-Node01     64501   337      327      0     02:42:09  1

OpenBGPD Neighbors

BGP neighbor is 192.168.0.8, remote AS 64501
  Description: Kubernetes-Node02
  BGP version 4, remote router-id 192.168.0.8
  BGP state = Established, up for 02:42:09
  Last read 00:00:09, holdtime 90s, keepalive interval 30s
  Neighbor capabilities:
    Multiprotocol extensions: IPv4 unicast, IPv6 unicast
    4-byte AS numbers
  Message statistics:
                     Sent  Received
    Opens               1         1
    Notifications       0         0
    Updates             1        11
    Keepalives        325       325
    Route Refresh       0         0
    Total             327       337
  Update statistics:
                     Sent  Received
    Updates             4         6
    Withdraws           0         5
    End-of-Rib          0         0
  Local host: 192.168.0.1, Local port: 179
  Remote host: 192.168.0.8, Remote port: 52807

BGP neighbor is 192.168.0.4, remote AS 64501
  Description: Kubernetes-Node01
  BGP version 4, remote router-id 192.168.0.4
  BGP state = Established, up for 02:42:09
  Last read 00:00:09, holdtime 90s, keepalive interval 30s
  Neighbor capabilities:
    Multiprotocol extensions: IPv4 unicast, IPv6 unicast
    4-byte AS numbers
  Message statistics:
                     Sent  Received
    Opens               1         1
    Notifications       0         0
    Updates             1        11
    Keepalives        325       325
    Route Refresh       0         0
    Total             327       337
  Update statistics:
                     Sent  Received
    Updates             4         6
    Withdraws           0         5
    End-of-Rib          0         0
  Local host: 192.168.0.1, Local port: 179
  Remote host: 192.168.0.4, Remote port: 46850
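
A check for the mismatch described in this thread, added here as an example and not code from the original posts or from pfSense, OpenBGPD or MetalLB: it compares the sources of "connection from non-peer" log lines against the active (uncommented) neighbor blocks in bgpd.conf. The sample log and config are constructed from the thread's values, and the function names and result labels are hypothetical.

```python
import re

# Constructed sample input, modelled on the log lines and bgpd.conf in this thread.
SAMPLE_LOG = """\
Sep 16 15:22:47 bgpd 72696 connection from non-peer 192.168.0.4 refused
Sep 16 15:24:47 bgpd 72696 connection from non-peer 192.168.0.8 refused
Sep 16 15:26:47 bgpd 72696 connection from non-peer 192.168.0.4 refused
"""
SAMPLE_CONF = """\
AS 64500
router-id 192.168.0.1
neighbor 192.168.0.4 {
    remote-as 64501
    descr "Kubernetes-Node01"
}
#neighbor 192.168.0.8 {
#    remote-as 64501
#}
"""

NON_PEER = re.compile(r"bgpd\b.*connection from non-peer (\S+) refused")
NEIGHBOR = re.compile(r"^\s*neighbor\s+(\S+)\s*\{\s*([^}]*)\}", re.M)
REMOTE_AS = re.compile(r"remote-as\s+(\d+)")

def configured_neighbors(conf):
    """Map neighbor address -> remote AS (None if absent), ignoring commented text."""
    active = "\n".join(line.split("#", 1)[0] for line in conf.splitlines())
    out = {}
    for addr, body in NEIGHBOR.findall(active):
        m = REMOTE_AS.search(body)
        out[addr] = int(m.group(1)) if m else None
    return out

def refused_sources(log):
    """Count refused connection attempts per source address."""
    counts = {}
    for line in log.splitlines():
        m = NON_PEER.search(line)
        if m:
            counts[m.group(1)] = counts.get(m.group(1), 0) + 1
    return counts

def audit(log, conf):
    """Label each refused source: missing neighbor block, or present but not loaded."""
    peers = configured_neighbors(conf)
    return {src: ("configured-but-refused" if src in peers else "not-in-config", n)
            for src, n in refused_sources(log).items()}
```

A "not-in-config" source is the case from this thread (the neighbor never reached the file); "configured-but-refused" means the file has the neighbor but the running daemon is still rejecting it, which suggests it has not loaded that config.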