Page MenuHomePhabricator
Create Task
Maniphest T236785

Configure conditional advertising in eqdfw and knams
Closed, ResolvedPublic
Actions

Description

Similar to what has been done for eqord in T167841#5414996
Even if eqdfw and knams have more redundancy to their neighbor caching POP. Advertising the site's prefixes only if the router receives a proper contributing route would prevent an outage in case the network POP becomes an island.

We should also investigate why cr2-knams has set routing-options aggregate route 91.198.174.224/28.

Similarly 91.198.174.192/27 is probably not needed on cr2-knams as it doesn't talk directly to LVS

Related Objects

Event Timeline

ayounsi triaged this task as Medium priority.Oct 29 2019, 12:44 PM
ayounsi created this task.
Restricted Application added a project: SRE. · View Herald TranscriptOct 29 2019, 12:44 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
ayounsi updated the task description. (Show Details)Oct 29 2019, 12:44 PM
ayounsi renamed this task from Configure conditional advertizing to eqdfw and knams to Configure conditional advertizing in eqdfw and knams.Oct 29 2019, 12:47 PM
ayounsi renamed this task from Configure conditional advertizing in eqdfw and knams to Configure conditional advertising in eqdfw and knams.Oct 31 2019, 10:48 PM
ayounsi added a comment.EditedMar 25 2020, 9:55 AM
cr2-eqdfw
[edit routing-options rib inet6.0 aggregate route 2620:0:860::/46]
-     policy BGP_aggregate_contributors_eqiad;
+     policy BGP_from_LVS;
[edit routing-options rib inet6.0 aggregate route 2620:0:860::/48]
-     policy BGP_aggregate_contributors_codfw;
+     policy BGP_from_LVS;
[edit routing-options aggregate route 208.80.152.0/22]
-    policy BGP_aggregate_contributors_eqiad;
+    policy BGP_from_LVS;
[edit routing-options aggregate route 208.80.152.0/23]
-    policy BGP_aggregate_contributors_codfw;
+    policy BGP_from_LVS;

Note that the /22 and /46 even if present in the aggregates are not advertised to the world (not in the bgp-out4/6 prefix-list).

  • Push v6
  • check that the prefix is still being advertised
  • Push v4
  • check that the prefix is still being advertised
Stashbot added a comment.Mar 25 2020, 9:56 AM

Mentioned in SAL (#wikimedia-operations) [2020-03-25T09:56:35Z] <XioNoX> change aggregate policy for 2620:0:860::/46 on cr2-eqdfw - T236785

Stashbot added a comment.Mar 25 2020, 10:19 AM

Mentioned in SAL (#wikimedia-operations) [2020-03-25T10:19:46Z] <XioNoX> change aggregate policy for v4 prefixes on cr2-eqdfw - T236785

ayounsi added a comment.Mar 25 2020, 10:36 AM
cr3-knams
[edit routing-options rib inet6.0 aggregate route 2620:0:862::/48]
-     policy BGP_aggregate_contributors;
+     policy BGP_from_LVS;
[edit routing-options aggregate route 91.198.174.0/24]
-    policy BGP_aggregate_contributors;
+    policy BGP_from_LVS;

Note that the other advertised aggregates (2a02:ec80::/32 and 185.15.56.0/22) keep BGP_aggregate_contributors as they don't have any LVS contributing prefix.

  • Push v6
  • check that the prefix is still being advertised
  • Push v4
  • check that the prefix is still being advertised
Stashbot added a comment.Mar 25 2020, 10:37 AM

Mentioned in SAL (#wikimedia-operations) [2020-03-25T10:37:52Z] <XioNoX> change aggregate policy for 2620:0:862::/48 on cr3-knams - T236785

ayounsi added a comment.Mar 25 2020, 12:17 PM

Previous change rolled back as:
* 2620:0:862::/48 Self I
was not being advertised to the world anymore

While there are contributing LVS routes:

2620:0:862:ed1a::1/128
                   *[BGP/170] 2w5d 10:23:40, MED 0, localpref 100, from 91.198.174.244
                      AS path: 64600 I, validation-state: unverified

Which also match the as-path regex:

cr3-knams# run show route aspath-regex "^(65002|65001)? 64600.*" | match 2620:0:862:ed1a::1 
2620:0:862:ed1a::1/128
Stashbot added a comment.Mar 26 2020, 8:27 AM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T08:27:41Z] <XioNoX> troubleshot v6 conditional advertisement from cr3-knams - T236785

ayounsi added a comment.Mar 26 2020, 8:58 AM

Mystery solved.
The reason for the route to not be accepted was:

Inactive reason: Unusable path

This was due to:
rib inet6.0 aggregate route 2620:0:862:ed1a::/64

Causing the contributing BGP routes to be "caught" in the above aggregate.
In consequences, 2620:0:862::/48 was only "seeing" 2620:0:862:ed1a::/64 which didn't match the policy rule.

Similarly, as mentioned in the description the following need to be removed for the v4 equivalent:

[edit routing-options aggregate]
-    route 91.198.174.224/28;
-    route 91.198.174.192/27;

As they are not in use.

Stashbot added a comment.Mar 26 2020, 9:00 AM

Mentioned in SAL (#wikimedia-operations) [2020-03-26T09:00:52Z] <XioNoX> push v4 conditional advertising on cr3-knams - T236785

ayounsi closed this task as Resolved.Mar 26 2020, 9:09 AM

All done!

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits