BGP daemon that works with RADIX_MPATH / ECMP in FreeBSD-HEAD

dhatz

Given some of the recent feedback regarding problems with using BGP under pfSense, I thought the following discussion in the freebsd-net mailing list might be of interest:

Looking for a bgp listener that works with RADIX_MPATH / EQMP that's in HEAD
Peter Wemm peter at wemm.org
Sat Jun 29 20:56:23 UTC 2013

On Sat, Jun 29, 2013 at 1:42 PM, Hiroki Sato <hrs at="" freebsd.org="">wrote:

Peter Wemm <peter at="" wemm.org="">wrote
  in <cage5ycptjkoezdckgu6qc_fvmnrbpnp4bizp0fyi5oyxk1dguw at="" mail.gmail.com="">:

pe> I'm looking for pointers to something that can listen to bgp default
pe> route announcements from two outbound gateways and set a RADIX_MPATH
pe> compatible default route based on whether one or both are alive.
pe>
pe> openbgpd from ports is extremely incompatible with RADIX_MPATH on 10.
pe> You have to turn off fib (kernel routing table) updates or it will
pe> destroy your machine when it runs out of physical memory for duplicate
pe> routes.
pe>
pe> I know I can do an evil hack and poll the 'bgp show …' output and
pe> manually update the default route but that means updates are delayed
pe> to the poll interval.  I'm hoping there is a more elegant solution
pe> that already works and is immediately responsive to a change in bgp
pe> state.
pe>
pe> The caveat is it must run on 10.x, with RADIX_MPATH enabled.  I'd
pe> gladly run openbgpd if it actually worked.  openbgpd has some
pe> awareness of mpath so it might be fixable but openbsd's multipath is
pe> different to ours.
pe>
pe> Ideas?

Unfortunately openbgpd does not work well with RADIX_MPATH yet.  As
 you pointed out, it is due to difference of multiple routes support
 between FreeBSD and OpenBSD.  I think FIB handling can be improved,
 but needs some more investigation for that.

Yes, the port is extremely dangerous if RADIX_MPATH is enabled.  It
does this sort of thing:

cmd = RTM_ADD
retry:
error = routectl(cmdl, data);
if (error && cmd == RTM_ADD) {
   cmd = RTM_CHANGE;
   goto retry;
}

In short, it creates duplicates every single time there's a fib change
if you enable RADIX_MPATH.  This does not end well.

It appears that openbsd allows multiple overlapping routes to coexist
if they have a MPATH flag on them.  Our radix structure is quite
different from what I understand, but the routing socket interface
causes openbgpd to accidently work and spam the rables.

I think Quagga and BIRD can work with injecting ECMP routes into
 RADIX_MPATH-enabled FIB.

– Hiroki

I'm looking for some examples.  See the bgpd.conf fragments I sent Scott.

http://lists.freebsd.org/pipermail/freebsd-net/2013-June/035866.html</cage5ycptjkoezdckgu6qc_fvmnrbpnp4bizp0fyi5oyxk1dguw></peter></hrs>

Scott Long scott4long at yahoo.com
Sat Jun 29 20:28:32 UTC 2013

We run bird for this task.  Can't say if it works on 10 since he haven't
moved to 10 yet, but there have been some experiments with running
a 10 kernel in the 9 userland and bird seems to behave fine with that.

Scott

http://lists.freebsd.org/pipermail/freebsd-net/2013-June/035863.html

So it seems that bird http://www.freshports.org/net/bird/ might be the answer …