[action] [PR:17281] Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. (#17281)#17991
Merged
mssonicbld merged 1 commit intosonic-net:202311from Feb 2, 2024
Conversation
…lt' route table does not add to route lookup issue. (sonic-net#17281) Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue. #### Why I did it When device set with IPV6 TACACS server address, and shutdown all BGP, device can't connect to TACACS server via management interface. After investigation, I found the IPV6 'default' route table does not add to route lookup: admin@vlab-01:~$ ip -6 rule list 1001: from all lookup local 32765: from fec0::ffff:afa:1 lookup default 32766: from all lookup main admin@vlab-01:~$ As compare: admin@vlab-01:~$ ip -4 rule list 1001: from all lookup local 32764: from all to 172.17.0.1/24 lookup default 32765: from 10.250.0.101 lookup default 32766: from all lookup main 32767: from all lookup default <== 'default' route table exist in IPV4 route lookup Issue fix by add 'default' route table to route lookup with following command: admin@vlab-01:~$ sudo ip -6 rule add pref 32767 lookup default admin@vlab-01:~$ ip -6 rule list 1001: from all lookup local 32765: from fec0::ffff:afa:1 lookup default 32766: from all lookup main 32767: from all lookup default <== 'default' route table been added to IPV6 route lookup admin@vlab-01:~$ ##### Work item tracking - Microsoft ADO: 25798732 #### How I did it When management interface using 'default' route table, add 'default' route table to IPV6 route lookup. #### How to verify it Pass all UT. Add new UT to cover this change. Manually verify issue fixed: ### Tested branch (Please provide the tested image version) - [x] master-17281.417570-2133d58fa #### Description for the changelog Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.
Collaborator
Author
|
Original PR: #17281 |
8 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.
Why I did it
When device set with IPV6 TACACS server address, and shutdown all BGP, device can't connect to TACACS server via management interface.
After investigation, I found the IPV6 'default' route table does not add to route lookup:
admin@vlab-01:
$ ip -6 rule list$1001: from all lookup local
32765: from fec0::ffff:afa:1 lookup default
32766: from all lookup main
admin@vlab-01:
As compare:
admin@vlab-01:~$ ip -4 rule list
1001: from all lookup local
32764: from all to 172.17.0.1/24 lookup default
32765: from 10.250.0.101 lookup default
32766: from all lookup main
32767: from all lookup default <== 'default' route table exist in IPV4 route lookup
Issue fix by add 'default' route table to route lookup with following command:
admin@vlab-01:
$ sudo ip -6 rule add pref 32767 lookup default$ ip -6 rule listadmin@vlab-01:
1001: from all lookup local
32765: from fec0::ffff:afa:1 lookup default
32766: from all lookup main
32767: from all lookup default <== 'default' route table been added to IPV6 route lookup
admin@vlab-01:~$
Work item tracking
How I did it
When management interface using 'default' route table, add 'default' route table to IPV6 route lookup.
How to verify it
Pass all UT.
Add new UT to cover this change.
Manually verify issue fixed:
Tested branch (Please provide the tested image version)
Description for the changelog
Fix can't access IPV6 address via management interface because 'default' route table does not add to route lookup issue.