BGP installing route in RIB even though IPv6 next-hop is not reachable.


Hi,
BGP installing route in RIB even though IPv6 next-hop is not reachable.
Topology:
Cisco--222::11----EBGP---2222::22--R2(Quagga)--3333::22-----IBGP----3333::33---DUT(Quagga) 
Steps to reproduce:
1.From Cisco advertise ipv6 network route (say 4444::/64) to R2 
2.On R2 we are getting EBGP route and instaled in RIB. 3.Do not configure next-hop self on R2. 4.DUT learns routes advertized by Cisco. Installs in the RIB without nexthop reachabilty check.
Debug issue below check is return -1.
static int
make_prefix (int afi, struct bgp_info ri, struct prefix *p)
{
...
case AFI_IP6:
/
We don't register link local NH */
if (ri->attr->extra->mp_nexthop_len != 16
|| IN6_IS_ADDR_LINKLOCAL (&ri->attr->extra->mp_nexthop_global))
return -1;
...
}
Here my debug shows attr->extra->mp_nexthop_len is 32 not 16.
So nexthopt reacabilty return suscess without quering RIB.
Another Observation from From RFC#2545.
section 3:
The link-local address shall be included in the Next Hop field if and
only if the BGP speaker shares a common subnet with the entity
identified by the global IPv6 address carried in the Network Address
of Next Hop field and the peer the route is being advertised to.
The above rule is not respected by quagga and Cisco also. So route is sent to peer with next-hop with global and link-local address making value of the Length of Next Hop Network Address field on a MP_REACH_NLRI attribute set to 32.
Can anyone suggest how to fix this or how to work around it via configuration settings?
Thanks in advance.
LiHongguang

3 replies

Hi LiHongguang,
Can you post the output for the following from DUT:
    show bgp 4444::/64 show ip bgp nexthop
  • show run
It sounds like R2 is sending us a LL nexthop so we are using that so the fact that we cannot reach the NH of the cisco does not come into play. I tried this in the lab and that is the behavior I am seeing. Agreed that this is a bug, I filed CM-7846 for this issue.

I have not found a way to force quagga to NOT send a LL nexthop but will keep digging. Just curious why not do next-hop-self on R2's session to the DUT?

Daniel
Hi Daniel,

Thank you for your replay.

This case is just the test for next-hop-self, so i do not do it on R2.

If i add "nexthop-local unchanged" for every neighbor, Routers will not send a LL nexthop, and I will get it right. At the same time, the global address instead of the link local address is as the route nexthop in the rib of zebra.PS.

The information from the link below can be useful to explain the problem to me.
http://docs.cumulusnetworks.com/display/DOCS/Configuring+Border+Gateway+Protocol+-+BGP
---->Advanced: Understanding How Next-hop Fields Are Set
LiHongguang
Your work-around sounds like the correct one. We'll take a closer look at this via CM-7846.

cheers
Daniel

Reply