Community discussions

MikroTik App
 
twok
just joined
Topic Author
Posts: 6
Joined: Mon Oct 29, 2018 9:18 pm

Mikrotik BGP ROS v7.2.3 to Linux FRR BGP Setup not working, no session, no routes

Tue May 17, 2022 8:26 am

Hi All,

I'm trying to establish a network using a combination of Mikrotik routers, and Linux boxes running FRR. I appreciate this isn't an FRR help channel, but I imagine others might have similar problems. Ill post this on the FRR github repo issues log if I can figure out where exactly the problem is. I think I'm having problems on the Mikrotik side as I can get two FRR instances talking with relative ease.

I'm not a network engineer. Just in case anyone wants to lower the level a little.

The goal is to get BGP routed over a GRE tunnel, but for now, just getting a session up and a route from either side would probably unblock me.

I can telnet both sides, tcp port 179.

Mikrotik BGP Config
[admin@MikroTik] /routing/bgp/connection> /routing bgp connection print
Flags: D - dynamic, X - disabled, I - inactive                       
 0   name="bgp1" 
     remote.address=139.162.246.218/32 .as=65515 .ttl=255 
     local.address=86.23.210.63 .port=179 .ttl=255 .role=ebgp 
     connect=yes listen=yes routing-table=main router-id=139.162.246.218 as=65514 multihop=yes 
     output.network=bgp-networks 

[admin@MikroTik] /routing/bgp/session> /ip firewall address-list print
Columns: LIST, ADDRESS, CREATION-TIME
# LIST          ADDRESS      CREATION-TIME       
0 bgp-networks  10.0.3.0/24  may/17/2022 05:30:14



# Ive removed some routes here for clarity.
[admin@MikroTik] > /ip/route print
Flags: D - DYNAMIC; X, I, A - ACTIVE; c, s, d, y - COPY; + - ECMP
Columns: DST-ADDRESS, GATEWAY, DISTANCE
#      DST-ADDRESS      GATEWAY                     DISTANCE
  DAd  0.0.0.0/0        86.23.208.1                        1
  DAc  10.0.3.0/24      bridge1                            0

[admin@MikroTik] /routing/bgp/session> print
Flags: E - established 
What else do you guys need?

FRR Config
log file /tmp/frr.log debugging
log record-priority
debug bgp neighbor-events

router bgp 65515
  bgp log-neighbor-changes
  no bgp ebgp-requires-policy
  bgp router-id 139.162.246.218
  neighbor upstream peer-group
  neighbor upstream remote-as 65514
  neighbor upstream capability dynamic
  neighbor 86.23.210.63 peer-group upstream
  neighbor 86.23.210.63 description ACME ISP
  address-family ipv4 unicast
    network 10.0.4.0/24
  exit-address-family
!
line vty
!

# ip add output
Tue May 17 05:21:21 AM UTC 2022 root@ns2:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether f2:3c:92:cc:94:55 brd ff:ff:ff:ff:ff:ff
    inet 192.168.202.181/17 brd 192.168.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 139.162.246.218/32 brd 139.162.246.218 scope global eth0
       valid_lft forever preferred_lft forever
    inet 10.0.4.1/32 scope global eth0
       valid_lft forever preferred_lft forever

TCPDump on Linuxbox port 179

05:32:42.091774 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.37633: Flags [S.], seq 975085469, ack 1338676991, win 65160, options [mss 1460,sackOK,TS val 2852836148 ecr 4258547897,nop,wscale 7], length 0
05:32:42.109065 IP pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.37633 > 218-246-162-139.node.flipkick.media.bgp: Flags [R], seq 1338676991, win 0, length 0


05:32:43.977805 IP pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.38779 > 218-246-162-139.node.flipkick.media.bgp: Flags [S], seq 3485297570, win 64240, options [mss 1460,sackOK,TS val 4258565107 ecr 0,nop,wscale 5], length 0
05:32:43.977834 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.38779: Flags [S.], seq 825730618, ack 3485297571, win 65160, options [mss 1460,sackOK,TS val 2852838034 ecr 4258557907,nop,wscale 7], length 0
05:32:46.785052 IP pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517 > 218-246-162-139.node.flipkick.media.bgp: Flags [S], seq 1160985003, win 64240, options [mss 1460,sackOK,TS val 4258567917 ecr 0,nop,wscale 5], length 0
05:32:46.785115 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517: Flags [S.], seq 1860749174, ack 1160985004, win 65160, options [mss 1460,sackOK,TS val 2852840841 ecr 4258567917,nop,wscale 7], length 0
05:32:47.787783 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517: Flags [S.], seq 1860749174, ack 1160985004, win 65160, options [mss 1460,sackOK,TS val 2852841844 ecr 4258567917,nop,wscale 7], length 0
05:32:47.817592 IP pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517 > 218-246-162-139.node.flipkick.media.bgp: Flags [S], seq 1160985003, win 64240, options [mss 1460,sackOK,TS val 4258568947 ecr 0,nop,wscale 5], length 0
05:32:47.817618 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517: Flags [S.], seq 1860749174, ack 1160985004, win 65160, options [mss 1460,sackOK,TS val 2852841874 ecr 4258567917,nop,wscale 7], length 0
05:32:47.979801 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.38779: Flags [S.], seq 825730618, ack 3485297571, win 65160, options [mss 1460,sackOK,TS val 2852842036 ecr 4258557907,nop,wscale 7], length 0
05:32:47.997015 IP pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.38779 > 218-246-162-139.node.flipkick.media.bgp: Flags [R], seq 3485297571, win 0, length 0
05:32:49.835795 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517: Flags [S.], seq 1860749174, ack 1160985004, win 65160, options [mss 1460,sackOK,TS val 2852843892 ecr 4258567917,nop,wscale 7], length 0
05:32:49.895031 IP pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517 > 218-246-162-139.node.flipkick.media.bgp: Flags [S], seq 1160985003, win 64240, options [mss 1460,sackOK,TS val 4258571027 ecr 0,nop,wscale 5], length 0
05:32:49.895060 IP 218-246-162-139.node.flipkick.media.bgp > pres-26-b2-v4wan-161529-cust574.vm29.cable.virginm.net.39517: Flags [S.], seq 1860749174, ack 1160985004, win 65160, options [mss 1460,sackOK,TS val 2852843951 ecr 4258567917,nop,wscale 7], length 0
heres some output from thr FRR side showing the Mikrotik neighbor, but not being up :(
ns2.node.flipkick.media# show bgp summary

IPv4 Unicast Summary (VRF default):
BGP router identifier 139.162.246.218, local AS number 65515 vrf-id 0
BGP table version 0
RIB entries 1, using 184 bytes of memory
Peers 1, using 723 KiB of memory
Peer groups 1, using 64 bytes of memory

Neighbor        V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt Desc
86.23.210.63    4      65514         0         0        0    0    0    never       Active        0 ACME ISP

Total number of neighbors 1

ns2.node.flipkick.media# show ip bgp
BGP table version is 0, local router ID is 139.162.246.218, vrf id 0
Default local pref 100, local AS 65515
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

   Network          Next Hop            Metric LocPrf Weight Path
   10.0.4.0/24      0.0.0.0                  0         32768 i

Displayed  1 routes and 1 total paths

I'm using real IPs here so fee free to hack away. If you break in, let me know how you did it ;)

Any help on making this work would be very much appreciated. The goal is simply to get the session up and get something from both sides, to each other in a full mesh type arrangement.

Cheers,
Tom
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6821
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Mikrotik BGP ROS v7.2.3 to Linux FRR BGP Setup not working, no session, no routes

Tue May 17, 2022 9:49 am

Most likely you need to set update-source in FRRs BGP config
 
twok
just joined
Topic Author
Posts: 6
Joined: Mon Oct 29, 2018 9:18 pm

Re: Mikrotik BGP ROS v7.2.3 to Linux FRR BGP Setup not working, no session, no routes

Tue May 17, 2022 10:04 am


Most likely you need to set update-source in FRRs BGP config
config now looks like this and Im still unable to get the session up.
router bgp 65515
  bgp log-neighbor-changes
  no bgp ebgp-requires-policy
  bgp router-id 139.162.246.218
  neighbor 86.23.210.63 update-source 139.162.246.218
  neighbor 86.23.210.63 remote-as 65514
  neighbor 86.23.210.63 capability dynamic
  neighbor 86.23.210.63 description ACME ISP
  address-family ipv4 unicast
    redistribute connected
    redistribute static
    redistribute kernel
    redistribute table
    network 10.0.4.0/24
  exit-address-family
!
line vty
!

Who is online

Users browsing this forum: Ahrefs [Bot] and 7 guests