Text only | Text with Images

OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: michmoor on June 24, 2023, 10:25:12 PM

Title: FRR - Severity Error
Post by: michmoor on June 24, 2023, 10:25:12 PM
I have an existing Github ticket tracking this but i wanted to bring it to the forum as it may be a more appropriate place to troubleshoot

Background: Moving from a pfsense to an opnsense deployment. Currently in POC stage. Routing is done over an IPsec VTY with eBGP.  Routing neighborships do come up and i am able to route across.

Problem: I am not getting any protocol adjacency messages in the log. So for example if a neighbor bonces i should get the following message in the logs

bgpd[73781]: %ADJCHANGE: neighbor 10.6.106.2(790-OPNsensePOC.xxyy) in vrf default Down Peer closed the session

This is useful for me as this is how i build my alerting system off of syslog.

I even switched to OSPF just to see if maybe there was something wrong in my bgp config but even there all ospfd messages are with severity Error.

Not only do those messages not appear I noticed today that all bgpd/ospfd messages are set at severity level Error. Just really strange stuff. All notifications related to routing are at the default and this isnt a logging issue per se. 
This was never seen in pfSense. Comparing of .conf files between both OSs show they are the same.


Dont mind sharing the config here.

Building configuration...

Current configuration:
!
frr version 7.5.1
frr defaults traditional
hostname OPNsense
log syslog notifications
!
router bgp 65001
bgp router-id 192.168.50.254
no bgp ebgp-requires-policy
no bgp default ipv4-unicast
bgp graceful-restart
no bgp network import-check
neighbor 172.28.0.5 remote-as 65002
!
address-family ipv4 unicast
  redistribute connected
  neighbor 172.28.0.5 activate
exit-address-family
!
address-family ipv6 unicast
  redistribute connected
exit-address-family
!
line vty
!
end
Title: Re: FRR - Severity Error
Post by: throwaway26a on June 30, 2023, 02:04:39 AM
Are you running BFD with the BGP neighbor? And I'm assuming you're giving enough time for the BGP hold timer to expire, unless you've manually set it low.?
Title: Re: FRR - Severity Error
Post by: michmoor on June 30, 2023, 04:32:47 AM
Hey
So I ended up finding the issue. On pfsense there is a checkbox to configure logging for each routing protocol (log neighbor changes).
That is missing with the opnsense plugin - that checkbox.
The workaround is to go into the vtysh cli and configure it there but of course any reload of the plug-in wipes it out.
Long term solution is to update the plugin.
I've opened a GitHub request but it has stalled.
Title: Re: FRR - Severity Error
Post by: franco on June 30, 2023, 08:16:27 AM
> I've opened a GitHub request but it has stalled.

I think most people are either about to enter a summer vacation or are already gone so I wouldn't call this stalling. ;)


Cheers,
Franco
Title: Re: FRR - Severity Error
Post by: michmoor on June 30, 2023, 03:17:40 PM
Thats fair. It is summer holiday. Enjoy.
Talk to you later !
Text only | Text with Images