[R2.20] DM: should push router-id configuration to the MX

Bug #1464456 reported by amit surana
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R2.20
Fix Committed
High
Suresh Balineni
Trunk
Fix Committed
High
Suresh Balineni

Bug Description

Tracking following issues:

1. DM should push the 'set routing-options router-id' command to the MX. Not doing will cause commit failures of rest of the configurations.

2. ingress-node-replication directive under vxlan hierarchy inside the bridge-domain is not needed with new junos changes (confirm with nischal).

amit surana (asurana-t)
description: updated
Jeba Paulaiyan (jebap)
information type: Proprietary → Public
tags: added: device-manager
Revision history for this message
Suresh Balineni (sbalineni) wrote :
Download full text (4.1 KiB)

Jeba, I looked at your MX box.
I don't see router-id configuration but still commit go through fine. All contrail generated config is pushed successfully.
You said, this is happening in latest build. Please let me know the JUNOS Version.

root@cmbu-sydney# run show version
Hostname: cmbu-sydney
Model: mx480
Junos: 14.2I20150528_0300_ssivaraj

root@cmbu-sydney# show | display set | match router
set groups re0 system backup-router 10.87.159.254
set groups re0 system backup-router destination 0.0.0.0/0
set groups re1 system backup-router 10.87.159.254
set groups re1 system backup-router destination 0.0.0.0/0
set routing-options router-id 172.16.95.1
deactivate routing-options router-id
set routing-instances csol1-vrf routing-options router-id 172.16.95.1

root@cmbu-sydney# run show system commit
0 2015-06-13 17:33:00 PDT by root via netconf

root@cmbu-sydney% date
Sat Jun 13 17:36:03 PDT 2015

root@cmbu-sydney# show groups __contrail__ | display set
set groups __contrail__ interfaces irb gratuitous-arp-reply
set groups __contrail__ interfaces irb unit 12 family inet address 172.16.90.1/24
set groups __contrail__ interfaces irb unit 5 family inet address 172.16.100.1/24
set groups __contrail__ interfaces lo0 unit 0 family inet address 172.16.95.1/32 primary
set groups __contrail__ interfaces lo0 unit 0 family inet address 172.16.95.1/32 preferred
set groups __contrail__ forwarding-options family inet filter input redirect_to___contrail__ad484e9f-fb9f-4fce-a2a1-fc5c6f473e_vrf
set groups __contrail__ routing-options route-distinguisher-id 172.16.95.1
set groups __contrail__ routing-options autonomous-system 64513
set groups __contrail__ routing-options dynamic-tunnels __contrail__ source-address 172.16.95.1
set groups __contrail__ routing-options dynamic-tunnels __contrail__ gre
set groups __contrail__ routing-options dynamic-tunnels __contrail__ destination-networks 172.16.80.0/24
set groups __contrail__ routing-options dynamic-tunnels __contrail__ destination-networks 172.16.80.3/32
set groups __contrail__ routing-options dynamic-tunnels __contrail__ destination-networks 172.16.80.2/32
set groups __contrail__ routing-options dynamic-tunnels __contrail__ destination-networks 172.16.95.1/32
set groups __contrail__ routing-options dynamic-tunnels __contrail__ destination-networks 172.16.80.4/32
set groups __contrail__ routing-options dynamic-tunnels __contrail__ destination-networks 172.16.82.200/32
set groups __contrail__ protocols mpls interface all
set groups __contrail__ protocols bgp group __contrail__ type internal
set groups __contrail__ protocols bgp group __contrail__ multihop
set groups __contrail__ protocols bgp group __contrail__ local-address 172.16.95.1
set groups __contrail__ protocols bgp group __contrail__ hold-time 90
set groups __contrail__ protocols bgp group __contrail__ keep all
set groups __contrail__ protocols bgp group __contrail__ family inet-vpn unicast
set groups __contrail__ protocols bgp group __contrail__ family inet6-vpn unicast
set groups __contrail__ protocols bgp group __contrail__ family evpn signaling
set groups __contrail__ protocols bgp group __contrail__ family route-target
set groups __contrail...

Read more...

Revision history for this message
Nischal Sheth (nsheth) wrote :

@Amit

My understanding is that ingress-node-replication is not needed.
Per Selva it can cause duplicate BUM packets when we advertise
the inclusive multicast route for TOR Agent.

Revision history for this message
Suresh Balineni (sbalineni) wrote :

Amit,
I see following error when router-id config is not present and tried to configure evpn:

Jun 14 17:52:13 [29010] Outgoing: <error-info>
Jun 14 17:52:13 [29010] Outgoing: <bad-element>
Jun 14 17:52:13 [29010] Outgoing: evpn-vxlan1
Jun 14 17:52:13 [29010] Outgoing: </bad-element>
Jun 14 17:52:13 [29010] Outgoing: </error-info>
Jun 14 17:52:13 [29010] Outgoing: <error-message>
Jun 14 17:52:13 [29010] Outgoing: Router id mismatch with source vtep: router-id:0.0.0.0 lo0.0:10.87.140.107
Jun 14 17:52:13 [29010] Outgoing: </error-message>

candidate config on MX:

root@cmbu-tasman# show groups __contrail__ routing-instances __contrail__l2_18da8998-3bbf-47b3-b71b-2e4490e531bc_vn-private
vtep-source-interface lo0.0;
instance-type virtual-switch;
vrf-target target:64513:8000007;
protocols {
    evpn {
        encapsulation vxlan;
        extended-vni-list all;
    }
}
bridge-domains {
    bd-16 {
        vlan-id 16;
        routing-interface irb.16;
        vxlan {
            vni 16;
            ingress-node-replication;
        }
    }
}

[edit]
root@cmbu-tasman# show groups __contrail__ interfaces lo0
unit 0 {
    family inet {
        address 10.87.140.107/32 {
            primary;
            preferred;
        }
    }
}

[edit]
root@cmbu-tasman# show routing-options router-id
inactive: router-id 172.16.184.200;

The issue is applicable only for vtep interface configuration for evpn.

Revision history for this message
Suresh Balineni (sbalineni) wrote :
Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R2.20

Review in progress for https://review.opencontrail.org/11649
Submitter: Suresh Balineni (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/11649
Committed: http://github.org/Juniper/contrail-controller/commit/479aad9f2e7e2f755c2c57e0c26ddd981f0e3e0f
Submitter: Zuul
Branch: R2.20

commit 479aad9f2e7e2f755c2c57e0c26ddd981f0e3e0f
Author: sbalineni <email address hidden>
Date: Sun Jun 14 17:26:38 2015 -0700

service interfaces need to be configured correctly

DM should configure left service interface static route on private-network-nat-vrf,
and right-service-interface static route on public-network-vrf.
Currently, DM configures lefa and rightt service-interfaces on nat-vrf.

A firewall filter need to be created and applied to private vrf irb interface for
traffic to go from private vrf to natted-vrf.

for l2evpn, router-id configuration is must. Added.

both l2 & l3 need to have import export targets as policies,
vrf-targets config not required for l2
UT to be done, tracking bug https://bugs.launchpad.net/juniperopenstack/+bug/1465437

Closes-Bug: #1464448
Closes-Bug: #1464456
Closes-Bug: #1464453

Change-Id: I705ef74081ed9342fc881321cfb3f7cd2ac46c0d

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/11801
Submitter: Suresh Balineni (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/11801
Committed: http://github.org/Juniper/contrail-controller/commit/5ce81ce45797a8eddb33fc37a8259d008a7e7edc
Submitter: Zuul
Branch: master

commit 5ce81ce45797a8eddb33fc37a8259d008a7e7edc
Author: sbalineni <email address hidden>
Date: Thu Jun 18 12:00:47 2015 -0700

DM: porting fixes from R2.20 to master

Closes-Bug: #1464448
Closes-Bug: #1464453
Closes-Bug: #1464456
Closes-Bug: #1465904
Closes-Bug: #1466005

Change-Id: Iad3077505507e798d70258d76b40380527410eeb

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.