Skip to content

CiliumBGPNodeConfigOverride has no effect #35066

New issue
New issue
Closed
Bug
#35552
Closed
CiliumBGPNodeConfigOverride has no effect#35066
Bug
#35552
Assignees
harsimran-pabla
Labels
area/bgpImpacts the Border Gateway Protocol feature.info-completedThe GH issue has received a reply from the authorkind/bugThis is a bug in the Cilium logic.kind/community-reportThis was reported by a user in the Cilium community, eg via Slack.
@starcraft66

Description

@starcraft66
starcraft66
opened on Sep 27, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Version

equal or higher than v1.16.0 and lower than v1.17.0

What happened?

I created a CiliumBGPNodeConfigOverride to override the BGP source address of a node in order to prefer a static IPv6 address instead of the one assigned via SLAAC.

I created the following resources:

---
apiVersion: cilium.io/v2alpha1
kind: CiliumBGPClusterConfig
metadata:
  name: bgp-spike
spec:
  bgpInstances:
  - name: spike
    localASN: 64513
    peers:
    - name: 305-1700-gw-v4
      peerASN: 64512
      peerAddress: 172.17.51.1
      peerConfigRef:
        name: cilium-peer
    - name: 305-1700-gw-v6
      peerASN: 64512
      peerAddress: 2a10:4741:37:51::1
      peerConfigRef:
        name: cilium-peer
---
# The name of CiliumBGPNodeConfigOverride resource must match the name of the node for which the configuration is intended.
# Similarly, the names of the BGP instance and peers must match with what is defined under CiliumBGPClusterConfig.
apiVersion: cilium.io/v2alpha1
kind: CiliumBGPNodeConfigOverride
metadata:
  name: spike
spec:
  bgpInstances:
  - name: spike
    peers:
    - name: 305-1700-gw-v4
      localAddress: 172.17.51.16
    - name: 305-1700-gw-v6
      localAddress: 2a10:4741:37:51::16
---
apiVersion: cilium.io/v2alpha1
kind: CiliumBGPPeerConfig
metadata:
  name: cilium-peer
spec:  
  gracefulRestart:
    enabled: true
    restartTimeSeconds: 15

My node is named spike:

❯ kgno             
NAME    STATUS   ROLES    AGE   VERSION
spike   Ready    <none>   9h    v1.31.0

Despite this, I get messages on my router that the session can't be established because it's expecting the static ip and getting bgp connections from the slaac ip.

How can we reproduce the issue?

Install cilium and apply the manifests above, run cilium bgp peers to validate the establishment of sessions. Check router logs if there's an error.

Cilium Version

Client: 1.17.0-pre.0 d41440c 2024-09-04T23:25:39+00:00 go version go1.23.0 linux/amd64
Daemon: 1.17.0-pre.0 d41440c 2024-09-04T23:25:39+00:00 go version go1.23.0 linux/amd64

Kernel Version

Linux spike 6.6.52 #1-NixOS SMP PREEMPT_DYNAMIC Wed Sep 18 17:24:10 UTC 2024 x86_64 GNU/Linux

Kubernetes Version

Client Version: v1.31.0
Kustomize Version: v5.4.2
Server Version: v1.31.0

Regression

No response

Sysdump

No response

Relevant log output

No response

Anything else?

No response

Cilium Users Document

  • Are you a user of Cilium? Please add yourself to the Users doc

Code of Conduct

  • I agree to follow this project's Code of Conduct

Metadata

Metadata

Assignees

Labels

area/bgpImpacts the Border Gateway Protocol feature.info-completedThe GH issue has received a reply from the authorkind/bugThis is a bug in the Cilium logic.kind/community-reportThis was reported by a user in the Cilium community, eg via Slack.

Type

Bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions