From owner-freebsd-net@freebsd.org Mon Jul 30 14:07:15 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 062321057870 for ; Mon, 30 Jul 2018 14:07:15 +0000 (UTC) (envelope-from tobias.urdin@binero.se) Received: from smtp-01.ognet.se (smtp-01.ognet.se [83.168.200.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 83212730E0 for ; Mon, 30 Jul 2018 14:07:14 +0000 (UTC) (envelope-from tobias.urdin@binero.se) Received: from [172.16.80.35] (unknown [172.16.80.35]) by smtp-01.ognet.se (Halon) with ESMTPSA id b103edf2-9401-11e8-9374-0050568164d6; Mon, 30 Jul 2018 16:06:02 +0200 (CEST) To: freebsd-net@freebsd.org From: Tobias Urdin Subject: ospf redistribute into openbgpd overwrites directly connected routes Message-ID: <9507d752-6815-92fe-924b-55459710bb9d@binero.se> Date: Mon, 30 Jul 2018 16:06:02 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jul 2018 14:07:15 -0000 Hello, I have a setup where we connect a OSPF area with a edge router, this edge router then has a BGP peer to my router where it redistributes all OSPF routes into the BGP feed to my router. My router is running FreeBSD 11.1 with openbgpd root@myrouter:~ # uname -a FreeBSD dr20-1-sto1 11.1-RELEASE FreeBSD 11.1-RELEASE #0 r321309: Fri Jul 21 02:08:28 UTC 2017 root@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64 root@myrouter:~ # pkg info openbgpd openbgpd-5.2.20121209_2 Name           : openbgpd Version        : 5.2.20121209_2 The thing here is that my router has layer 2 access directly to one of the networks that the edge router BGP announces to my router (172.20.104.0/22). When my FreeBSD machine boots it will install a directly connected route for 172.20.104.0/22 in my routing table but as soon as openbgpd starts it will install a 172.20.104.0/22 route with the nexthop of the edge router instead. How can I prevent openbgpd from overwriting the directly connected route? Directly connected networks should never be overwritten by a routing protocol but I suspect this is because of the redistribute. I've tried messing with metrics, but maybe I to create a rtable and mess around with that? Output of some info is below. Best regards Tobias root@myrouter:~ # bgpctl show fib connected | grep 104 *C      48 172.20.104.0/22      link#10 root@myrouter:~ # route get 172.20.104.100    route to: 172.20.104.100 destination: 172.20.104.0        mask: 255.255.252.0     gateway: edgerouter         fib: 0   interface: vlan10       flags:  recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight expire        0         0         0         0      1500         1         0 root@myrouter:~ # ifconfig vlan10 vlan10: flags=8943 metric 0 mtu 1500 options=600703         ether x         inet 172.20.107.253 netmask 0xfffffc00 broadcast 172.20.107.255         inet 172.20.107.254 netmask 0xfffffc00 broadcast 172.20.107.255 vhid 2         nd6 options=29         media: Ethernet autoselect (10Gbase-Twinax )         status: active         vlan: 10 vlanpcp: 0 parent interface: ix1         carp: MASTER vhid 2 advbase 1 advskew 10         groups: vlan root@myrouter:~ # cat /etc/rc.conf ...snip.. ifconfig_vlan10="inet 172.20.107.253 netmask 255.255.252.0 vlan 10 vlandev ix1" ifconfig_vlan10_alias0="inet vhid 2 advskew 100 pass test123 alias 172.20.107.254/22" root@myrouter:~ # cat /usr/local/etc/bgpd.conf ...snip... group "peering ASxxxx" {   remote-as xxxx   softreconfig in yes   neighbor edgerouter {     announce self     descr "AS xxxx edgerouter"     local-address xxxx     depend on   } } ...snip...