OpenBGPD restart script error



  • Hello all,

    I am using PFS 1.2.3-Release successfully (more than 15 firewalls installed :) )
    I have found something which IMHO is a bug.

    inside /usr/local/etc/rc.d/bgpd.sh, the test is wrong:

    Original:

    
    NUMBGPD=`ps auxw | grep bgpd | grep parent | grep -v grep | wc -l | awk '{print $1}'`
    # echo $NUMBGPD
    if [ $NUMBGPD -lt 0 ] ; then
      /usr/local/sbin/bgpd -f /usr/local/etc/bgpd.conf
    fi
    
    

    If bgpd is stopped, this script never restarts it  :(

    To get it working properly, the test should be:

    if [ $NUMBGPD -le 0 ] ; then
    

    Hope this can help some people :)

    Regards,
    Nicolas.



  • There was a problem with OpenBGPD starting twice which was corrected by the code you are referring to https://rcs.pfsense.org/projects/pfsense-packages/repos/mainline/commits/f8dace580df905e0d1c093662a434ec4b1c2b58b



  • Sure, but the error is in the test comparator:

    -lt: lower than. I replaced it with -le (lower or equal) because the line

    NUMBGPD=`ps auxw | grep bgpd | grep parent | grep -v grep | wc -l | awk '{print $1}'`
    

    can not give something negative.
    wc -l give 0 or more entries, not -1.

    If not bgpd parent process was found, the result is surely 0, and in that case, we should start bgpd.
    Am i wrong ?

    Regards,
    Nicolas



  • You are 100% right, I do not argue about that.
    What I meant was that correction cited above I think made OpenBGD not start at all (under any circumstances). And as soon as we had OpenBGPD started twice it fixed the problem. Apparently OpenBGPD was starting from some other script. Though I never investigated this issue and can't say anything.



  • ok  ;)

    I agree with you, this script may not be used to start bgpd :) As you wrote, "Though I never investigated this issue and can't say anything" more ;)

    I found that error while deep testing a BGP configuration for OpenVPN/Link failover with carp, where openvpn may be started before bpgd, so that the tap device did not exist before, and for some obscure reasons (yet) bgpd was not started at boot time.
    So, I tested a script that check the existent of bgpd socket to restart it.
    It is not a standard configuration (unsupported).


Locked