frr icon indicating copy to clipboard operation
frr copied to clipboard
verified publisher icon FRRouting

EVPN-MPLS T1 Label lost

Open murrant opened this issue 1 year ago • 2 comments

Description

I'm attempting to use FRR as a route reflector for our EVPN/MPLS/ISIS-SR network. It seems to be losing the label for type 1 circuits and sending 1048575 instead (binary 11111111111111111111).

Update received by FRR: image

Update sent by FRR: image

Version

FRRouting 9.1 (hv-reflector-vm) on Linux(5.15.0-97-generic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
    '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--localstatedir=/var/run/frr' '--sbindir=/usr/lib/frr' '--sysconfdir=/etc/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--enable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'

How to reproduce

Set up EVPN-MPLS VPWS circuit on equipment with BGP peering and confirm functionality. Add FRR as route reflector and remove peering. The VPWS no long functions because the devices receive the wrong remote labels.

Expected behavior

Correct labels are sent.

Actual behavior

Labels are sent as 1048575

Additional context

Unclear if this is related to #7292 I have a packet capture with some moderately sensitive data (ASN) in it I can provide access to.

Checklist

  • [X] I have searched the open issues for this bug.
  • [X] I have not included sensitive information in this report.

murrant avatar Apr 03 '24 21:04 murrant

Can confirm I am able to reproduce this with a client We can provide PCAPs if needed

baldoarturo avatar Jun 11 '24 12:06 baldoarturo

@baldoarturo If you can provide some PCAPs with generic data, that might help make it easier for someone to tackle this issue.

murrant avatar Jul 26 '24 14:07 murrant

This issue is stale because it has been open 180 days with no activity. Comment or remove the autoclose label in order to avoid having this issue closed.

github-actions[bot] avatar Jan 23 '25 01:01 github-actions[bot]

This issue will be automatically closed in the specified period unless there is further activity.

frrbot[bot] avatar Jan 23 '25 01:01 frrbot[bot]

This issue still exists. Unfortunately, I do not have a lab to test it at this time.

murrant avatar Jan 23 '25 02:01 murrant

This issue will no longer be automatically closed.

frrbot[bot] avatar Jan 23 '25 02:01 frrbot[bot]

@murrant , do you have the evpn configuration to share, pls? for instance, ios xr config?

pguibert6WIND avatar Feb 03 '25 12:02 pguibert6WIND

https://github.com/FRRouting/frr/pull/17985 should help

pguibert6WIND avatar Feb 03 '25 13:02 pguibert6WIND

This is a sample config from a couple IP Infusion OcNOS boxes Using the same box as RR works as expected. With FRR we do see the missing label

evpn mpls enable
evpn mpls multihoming enable
evpn mpls vtep-ip-global 10.3.3.31

mac vrf EVPN-NE-VLAN250
 evpn-vlan-service vlan-based
 rd 10.3.3.31:250
 route-target both 65000:250

evpn mpls id 250
 host-reachability-protocol evpn-bgp EVPN-NE-VLAN250

interface po31
 description EVPN-MH-NE
 mtu 9216
 evpn multi-homed system-mac 0000.5e00.0001
!
interface po31.250 switchport
 description EVPN-MH-NE-VLAN250
 encapsulation dot1q 250
 mtu 9216
 access-if-evpn
  map vpn-id 250
!

baldoarturo avatar Feb 03 '25 14:02 baldoarturo