netlab icon indicating copy to clipboard operation
netlab copied to clipboard
verified publisher icon ipspace

[BUG] Link role is not set to 'external' on inter-AS IRB VLAN links

Open ipspace opened this issue 11 months ago • 1 comments

When two routers from different AS are connected over an IRB VLAN (using SVI interfaces), the "role: external" attribute is not set on the SVI interface, potentially resulting in an IGP running over the same link.

A simple fix (propagation of 'role' attribute) would probably address the "direct connection" scenario but not the "intermediate L2 switch" scenario.

Lab topology: direct connection

---
defaults.device: eos
provider: clab

vlans:
  core:

groups:
  pe:
    members: [ pe1, pe2 ]
    module: [ ospf, bgp, vlan ]

nodes:
  pe1:
    bgp.as: 65001
  pe2:
    bgp.as: 65002

links:
- pe1:
  pe2:
  vlan.trunk: [ core ]

Output

$ netlab inspect --node pe1 interfaces[1]
bridge_group: 1
ifindex: 40000
ifname: Vlan1000
ipv4: 172.16.0.1/24
name: VLAN core (1000) -> [pe2]
neighbors:
- ifname: Vlan1000
  ipv4: 172.16.0.2/24
  node: pe2
ospf:
  area: 0.0.0.0
  network_type: point-to-point
  passive: false
type: svi
virtual_interface: true
vlan:
  mode: irb
  name: core

The role attribute is not set and there's OSPF running on that link.

ipspace avatar Jan 28 '25 11:01 ipspace

Workaround (role: external on VLAN) documented as a warning in d58d83731.

ipspace avatar Jan 28 '25 11:01 ipspace