BGP daemon that works with RADIX_MPATH / ECMP in FreeBSD-HEAD
-
Given some of the recent feedback regarding problems with using BGP under pfSense, I thought the following discussion in the freebsd-net mailing list might be of interest:
Looking for a bgp listener that works with RADIX_MPATH / EQMP that's in HEAD
Peter Wemm peter at wemm.org
Sat Jun 29 20:56:23 UTC 2013On Sat, Jun 29, 2013 at 1:42 PM, Hiroki Sato <hrs at="" freebsd.org="">wrote:
Peter Wemm <peter at="" wemm.org="">wrote
in <cage5ycptjkoezdckgu6qc_fvmnrbpnp4bizp0fyi5oyxk1dguw at="" mail.gmail.com="">:pe> I'm looking for pointers to something that can listen to bgp default
pe> route announcements from two outbound gateways and set a RADIX_MPATH
pe> compatible default route based on whether one or both are alive.
pe>
pe> openbgpd from ports is extremely incompatible with RADIX_MPATH on 10.
pe> You have to turn off fib (kernel routing table) updates or it will
pe> destroy your machine when it runs out of physical memory for duplicate
pe> routes.
pe>
pe> I know I can do an evil hack and poll the 'bgp show …' output and
pe> manually update the default route but that means updates are delayed
pe> to the poll interval. I'm hoping there is a more elegant solution
pe> that already works and is immediately responsive to a change in bgp
pe> state.
pe>
pe> The caveat is it must run on 10.x, with RADIX_MPATH enabled. I'd
pe> gladly run openbgpd if it actually worked. openbgpd has some
pe> awareness of mpath so it might be fixable but openbsd's multipath is
pe> different to ours.
pe>
pe> Ideas?Unfortunately openbgpd does not work well with RADIX_MPATH yet. As
you pointed out, it is due to difference of multiple routes support
between FreeBSD and OpenBSD. I think FIB handling can be improved,
but needs some more investigation for that.Yes, the port is extremely dangerous if RADIX_MPATH is enabled. It
does this sort of thing:cmd = RTM_ADD
retry:
error = routectl(cmdl, data);
if (error && cmd == RTM_ADD) {
cmd = RTM_CHANGE;
goto retry;
}In short, it creates duplicates every single time there's a fib change
if you enable RADIX_MPATH. This does not end well.It appears that openbsd allows multiple overlapping routes to coexist
if they have a MPATH flag on them. Our radix structure is quite
different from what I understand, but the routing socket interface
causes openbgpd to accidently work and spam the rables.I think Quagga and BIRD can work with injecting ECMP routes into
RADIX_MPATH-enabled FIB.– Hiroki
I'm looking for some examples. See the bgpd.conf fragments I sent Scott.
http://lists.freebsd.org/pipermail/freebsd-net/2013-June/035866.html</cage5ycptjkoezdckgu6qc_fvmnrbpnp4bizp0fyi5oyxk1dguw></peter></hrs>
Scott Long scott4long at yahoo.com
Sat Jun 29 20:28:32 UTC 2013We run bird for this task. Can't say if it works on 10 since he haven't
moved to 10 yet, but there have been some experiments with running
a 10 kernel in the 9 userland and bird seems to behave fine with that.Scott
http://lists.freebsd.org/pipermail/freebsd-net/2013-June/035863.html
So it seems that bird http://www.freshports.org/net/bird/ might be the answer …