Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Newer firewalls lose EVPN routes after BGP session restart #186

Open
mreiger opened this issue May 31, 2023 · 1 comment
Open

Newer firewalls lose EVPN routes after BGP session restart #186

mreiger opened this issue May 31, 2023 · 1 comment

Comments

@mreiger
Copy link
Contributor

mreiger commented May 31, 2023

After a reboot of both leaf switches the newer firewalls lose all EVPN routes.

This affects firewalls after version firewall-ubuntu-2.0.20221025.

There was a change of FRR version there from 8.3.1 to 8.4.1: 2022102...2023011

There's a bug in FRR 8.4.1 that seems to match the behaviour we observed: FRRouting/frr#12391

We should check whether a downgrade to FRR 8.3 will fix the problem for us.

@majst01 majst01 mentioned this issue Aug 3, 2023
1 task
@mwindower
Copy link
Contributor

After cold rebooting both leaf switches even with FRR 9.0.1 the default route is missed sometimes either in the customer VRF or the internet VRF of firewalls.
So we have a difference btw. shutting ports (this works without problems) and cold reboot.

To further mitigate this behavior, these options come to my mind:

  • shut all front panel ports down before a upgrade or reboot (preferred)
  • check for the default route in the customer and internet VRF, if one of them is not installed in the Kernel initiate a FRR restart.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants