public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH frr 1/2] d/patches: add backport for bfd session down fix
Date: Fri, 18 Apr 2025 13:21:13 +0200	[thread overview]
Message-ID: <20250418112114.2747673-1-s.hanreich@proxmox.com> (raw)

This is a backport of the FRR PR #18562 [1], that has been submitted
upstream as well [2].

With already established BGP/BFD sessions via underlay networks that
use a different routing protocol than BGP, rebooting a node could
cause the BFD session to enter the ADMIN_DOWN state without ever
recovering from it. This could be alleviated by manually resetting the
BFD session. The commit was identified by bisecting and manually
backported, since the upstream commit was on top of a refactored
bgpd.c file, so it didn't apply cleanly anymore.

The jump to version 10.2.2-1+pve1 fixed this issue for BGP underlay
networks, but the issue could still crop up with OpenFabric / OSPF /
IS-IS underlay networks.

[1] https://github.com/FRRouting/frr/pull/18562
[2] https://github.com/FRRouting/frr/pull/18682

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 ...eer-as-not-active-due-to-BFD-down-on.patch | 33 +++++++++++++++++++
 debian/patches/series                         |  1 +
 2 files changed, 34 insertions(+)
 create mode 100644 debian/patches/pve/0007-bgpd-Treat-the-peer-as-not-active-due-to-BFD-down-on.patch

diff --git a/debian/patches/pve/0007-bgpd-Treat-the-peer-as-not-active-due-to-BFD-down-on.patch b/debian/patches/pve/0007-bgpd-Treat-the-peer-as-not-active-due-to-BFD-down-on.patch
new file mode 100644
index 0000000..6d2c379
--- /dev/null
+++ b/debian/patches/pve/0007-bgpd-Treat-the-peer-as-not-active-due-to-BFD-down-on.patch
@@ -0,0 +1,33 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Stefan Hanreich <s.hanreich@proxmox.com>
+Date: Fri, 18 Apr 2025 10:36:19 +0200
+Subject: [PATCH] bgpd: Treat the peer as not active due to BFD down only if
+ established (backport #18562)
+
+If we have `neighbor X bfd` and BFD status is DOWN and/or ADMIN_DOWN, and BGP
+session is not yet established, we never allow the session to establish.
+
+Let's fix this regression that was in 10.2.
+
+Fixes: 1fb48f5 ("bgpd: Do not start BGP session if BFD profile is in shutdown state")
+Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
+---
+ bgpd/bgpd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
+index 0601400afd..f6b8abd9cc 100644
+--- a/bgpd/bgpd.c
++++ b/bgpd/bgpd.c
+@@ -4648,7 +4648,7 @@ bool peer_active(struct peer *peer)
+ 		return false;
+ 
+ 	if (peer->bfd_config) {
+-		if (bfd_session_is_down(peer->bfd_config->session))
++		if (peer_established(peer->connection) && bfd_session_is_down(peer->bfd_config->session))
+ 			return false;
+ 	}
+ 
+-- 
+2.39.5
+
diff --git a/debian/patches/series b/debian/patches/series
index c59ef31..e795d6c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@ pve/0003-tests-add-bgp-evpn-autort-test.patch
 pve/0004-zebra-add-ZEBRA_IF_DUMMY-flag-for-dummy-interfaces.patch
 pve/0005-fabricd-add-option-to-treat-dummy-interfaces-as-loop.patch
 pve/0006-fabricd-enable-dummy_as_loopback-option-per-default.patch
+pve/0007-bgpd-Treat-the-peer-as-not-active-due-to-BFD-down-on.patch
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


             reply	other threads:[~2025-04-18 11:21 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-18 11:21 Stefan Hanreich [this message]
2025-04-18 11:21 ` [pve-devel] [PATCH frr 2/2] bump version to 10.2.2-1+pve2 Stefan Hanreich
2025-04-22  9:39 ` [pve-devel] [PATCH frr 1/2] d/patches: add backport for bfd session down fix Stefan Hanreich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250418112114.2747673-1-s.hanreich@proxmox.com \
    --to=s.hanreich@proxmox.com \
    --cc=pve-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal