Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

wlb: T4470: Migrate WAN Load Balancer to XML/Python #4108

Open
wants to merge 2 commits into
base: current
Choose a base branch
from

Conversation

sarthurdev
Copy link
Member

@sarthurdev sarthurdev commented Sep 29, 2024

Change Summary

This PR migrates the last remaining Vyatta perl module to XML/Python standard.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

Related PR(s)

Component(s) name

wanloadbalance

Proposed changes

  • Migrate perl scripts/daemon to Python
  • Migrate op-mode from vyatta-wanloadbalance package

How to test

Smoketest result

DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_load-balancing_wan.py
DEBUG - test_check_chains (__main__.TestLoadBalancingWan.test_check_chains) ... ok
DEBUG - test_table_routes (__main__.TestLoadBalancingWan.test_table_routes) ... ok
DEBUG - 
DEBUG - ----------------------------------------------------------------------
DEBUG - Ran 2 tests in 16.750s
DEBUG - 
DEBUG - OK

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • I have run the components SMOKETESTS if applicable
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly

Copy link

github-actions bot commented Sep 29, 2024

👍
No issues in PR Title / Commit Title

Copy link

github-actions bot commented Sep 29, 2024

✅ No issues found in unused-imports check.. Please refer the workflow run

@sarthurdev sarthurdev force-pushed the wlb_python branch 3 times, most recently from b43023b to a139da3 Compare October 8, 2024 08:05
@sarthurdev sarthurdev force-pushed the wlb_python branch 4 times, most recently from f201240 to bc76249 Compare October 8, 2024 21:36
@sarthurdev sarthurdev marked this pull request as ready for review October 9, 2024 08:32
@sarthurdev sarthurdev requested a review from a team as a code owner October 9, 2024 08:32
Copy link

This pull request has conflicts, please resolve those before we can evaluate the pull request.

Copy link

Conflicts have been resolved. A maintainer will review the pull request shortly.

@sever-sever
Copy link
Member

sever-sever commented Nov 5, 2024

  1. ip rules not deleted (after deleting wlb config)
  2. Delete stick-conections fails
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'
set load-balancing wan sticky-connections
commit


vyos@router# delete load-balancing wan sticky-connections 
[edit]
vyos@router# commit
[ load-balancing wan ]
Traceback (most recent call last):
  File "/usr/libexec/vyos/services/vyos-configd", line 136, in run_script
    script.apply(c)
  File "/usr/libexec/vyos//conf_mode/load-balancing_wan.py", line 104, in apply
    cmd(f'systemctl restart {service}')
  File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 155, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: systemctl restart vyos-wan-load-balance.service
returned: 
exit code: 1

[[load-balancing wan]] failed
Commit failed
[edit]
vyos@router# 

  1. Reverse protocol match does not work:
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'
set load-balancing wan rule 20 inbound-interface 'eth2'
set load-balancing wan rule 20 interface eth1
set load-balancing wan rule 20 protocol 'tcp'
set load-balancing wan sticky-connections inbound
commit
set load-balancing wan rule 20 protocol !tcp 
commit

rules:

        chain wlb_mangle_prerouting {
                type filter hook prerouting priority mangle; policy accept;
                iifname "eth0" ct state new ct mark set 0x000000c9
                iifname "eth1" ct state new ct mark set 0x000000ca
                iifname "eth2" meta l4proto tcp ct state new limit rate 5/second burst 5 packets counter packets 0 bytes 0 jump wlb_mangle_isp_eth1
                iifname "eth2" meta l4proto tcp counter packets 0 bytes 0 meta mark set ct mark
        }

  1. Delete load-balancing does not flush nft rules
vyos@router:~$ show conf com | match load
set load-balancing wan enable-local-traffic
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'
set load-balancing wan rule 20 inbound-interface 'eth2'
set load-balancing wan rule 20 interface eth1
set load-balancing wan rule 20 protocol '47'
set load-balancing wan sticky-connections inbound
vyos@router:~$ conf
d[edit]
vyos@router# delete load-balancing 
[edit]
vyos@router# commit
[edit]
vyos@router# 

check:

vyos@router:~$ sudo nft list table vyos_wanloadbalance
table ip vyos_wanloadbalance {
	chain wlb_nat_postrouting {
		type nat hook postrouting priority srcnat - 1; policy accept;
		ct mark 0x000000c9 counter packets 0 bytes 0 snat to 10.0.1.2
		ct mark 0x000000ca counter packets 1 bytes 328 snat to 10.0.2.2
	}

	chain wlb_mangle_prerouting {
		type filter hook prerouting priority mangle; policy accept;
		iifname "eth0" ct state new ct mark set 0x000000c9
		iifname "eth1" ct state new ct mark set 0x000000ca
		iifname "eth2" meta l4proto gre ct state new limit rate 5/second burst 5 packets counter packets 0 bytes 0 jump wlb_mangle_isp_eth1
		iifname "eth2" meta l4proto gre counter packets 0 bytes 0 meta mark set ct mark
	}

	chain wlb_mangle_output {
		type filter hook output priority mangle; policy accept;
		meta mark != 0x00000000 counter packets 0 bytes 0 accept
		meta l4proto icmp counter packets 6096 bytes 552936 accept
		ip saddr 127.0.0.0/8 ip daddr 127.0.0.0/8 counter packets 0 bytes 0 accept
		oifname != "eth2" meta l4proto gre ct state new limit rate 5/second burst 5 packets counter packets 0 bytes 0 jump wlb_mangle_isp_eth1
		oifname != "eth2" meta l4proto gre counter packets 0 bytes 0 meta mark set ct mark
	}

	chain wlb_mangle_isp_eth0 {
		meta mark set 0x000000c9 ct mark set 0x000000c9 counter packets 0 bytes 0 accept
	}

	chain wlb_mangle_isp_eth1 {
		meta mark set 0x000000ca ct mark set 0x000000ca counter packets 0 bytes 0 accept
	}
}
vyos@router:~$ 
  1. Delete load-balancing does not flush routes
vyos@router# delete load-balancing 
[edit]
vyos@router# commit
[edit]
vyos@router# 
[edit]
vyos@router# 
[edit]
vyos@router# run show ip route table all
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

VRF default table 201:
K>* 0.0.0.0/0 [0/0] via 10.0.1.1, eth0, 02:32:50

VRF default table 202:
K>* 0.0.0.0/0 [0/0] via 10.0.2.1, eth1, 02:32:50

  1. Next-hop DHCP does not add routes in the tables
set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth1 address 'dhcp'
set load-balancing wan interface-health eth0 nexthop 'dhcp'
set load-balancing wan interface-health eth1 nexthop 'dhcp'
set load-balancing wan rule 20 inbound-interface 'eth2'
set load-balancing wan rule 20 interface eth1
set load-balancing wan rule 20 protocol 'tcp'
set load-balancing wan sticky-connections inbound

Check:

vyos@router# run show ip route table all
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

VRF default table 254:
S>* 0.0.0.0/0 [210/0] via 10.0.1.1, eth0, weight 1, 00:03:15
  *                   via 10.0.2.1, eth1, weight 1, 00:03:15
C>* 10.0.1.0/24 is directly connected, eth0, 00:03:15
C>* 10.0.2.0/24 is directly connected, eth1, 00:03:15
C>* 100.64.0.0/24 is directly connected, eth2, 00:07:34
C>* 192.168.122.0/24 is directly connected, eth4, 00:07:35
[edit]
vyos@router# 
[edit]
vyos@router# run show ip route table 201
[edit]
vyos@router# run show ip route table 202
[edit]
vyos@router# sudo ip route show table 201
Error: ipv4: FIB table does not exist.
Dump terminated
[edit]
vyos@router# sudo ip route show table 202
Error: ipv4: FIB table does not exist.
Dump terminated
[edit]
vyos@router# 

python/vyos/wanloadbalance.py Outdated Show resolved Hide resolved
@sarthurdev sarthurdev force-pushed the wlb_python branch 3 times, most recently from 43a0b4a to f62d3e6 Compare November 15, 2024 20:55
@sarthurdev
Copy link
Member Author

sarthurdev commented Nov 15, 2024

Thanks @sever-sever

1. ip rules not deleted (after deleting wlb config) 

Fixed

2. Delete stick-conections fails

Fixed

3. Reverse protocol match does not work:

Fixed

4. Delete load-balancing does not flush nft rules

Fixed

5. Delete load-balancing does not flush routes

Fixed

6. Next-hop DHCP does not add routes in the tables

Fixed

Copy link

This pull request has conflicts, please resolve those before we can evaluate the pull request.

Copy link

Conflicts have been resolved. A maintainer will review the pull request shortly.

@c-po c-po requested a review from sever-sever December 13, 2024 18:25
@sever-sever
Copy link
Member

sever-sever commented Dec 25, 2024

  1. Cannot start with this configuration (eth1 is not WAN). Probably additional check is required
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan rule 20 inbound-interface 'eth2'
set load-balancing wan rule 20 interface eth1
set load-balancing wan rule 20 protocol 'all'
set load-balancing wan sticky-connections inbound

Log:

Dec 25 11:04:20 router python3[4531]:                                                                                                                    ~~~~~~~~~~~~^^^^^^^^
Dec 25 11:04:20 router python3[4531]: KeyError: 'eth1'
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Main process exited, code=exited, status=1/FAILURE
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Failed with result 'exit-code'.
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 4.
Dec 25 11:04:20 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Dec 25 11:04:20 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Dec 25 11:04:20 router python3[4537]: Traceback (most recent call last):
Dec 25 11:04:20 router python3[4537]:   File "/usr/libexec/vyos/vyos-load-balancer.py", line 194, in <module>
Dec 25 11:04:20 router python3[4537]:     nftables_update(lb)
Dec 25 11:04:20 router python3[4537]:   File "/usr/libexec/vyos/vyos-load-balancer.py", line 125, in nftables_update
Dec 25 11:04:20 router python3[4537]:     render(nftables_wlb_conf, 'load-balancing/nftables-wlb.j2', lb)
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/vyos/template.py", line 152, in render
Dec 25 11:04:20 router python3[4537]:     rendered = render_to_string(template, content, formater, location)
Dec 25 11:04:20 router python3[4537]:                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/vyos/template.py", line 121, in render_to_string
Dec 25 11:04:20 router python3[4537]:     rendered = template.render(content)
Dec 25 11:04:20 router python3[4537]:                ^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1301, in render
Dec 25 11:04:20 router python3[4537]:     self.environment.handle_exception()
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 936, in handle_exception
Dec 25 11:04:20 router python3[4537]:     raise rewrite_traceback_stack(source=source)
Dec 25 11:04:20 router python3[4537]:   File "/usr/share/vyos/templates/load-balancing/nftables-wlb.j2", line 31, in top-level template code
Dec 25 11:04:20 router python3[4537]:     {{ rule_conf | wlb_nft_rule(rule_id, limit=limit, weight=True, health_state=health_state) }}
Dec 25 11:04:20 router python3[4537]: ^^^^^^^^^^^^^^^^^^^^^
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/vyos/template.py", line 785, in wlb_nft_rule
Dec 25 11:04:20 router python3[4537]:     return wlb_nft_rule(rule_conf, rule_id, local, exclude, limit, weight, health_state, action, restore_mark)
Dec 25 11:04:20 router python3[4537]:            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/vyos/wanloadbalance.py", line 83, in nft_rule
Dec 25 11:04:20 router python3[4537]:     weights, total_weight = wlb_weight_interfaces(rule_conf, health_state)
Dec 25 11:04:20 router python3[4537]:                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/vyos/wanloadbalance.py", line 98, in wlb_weight_interfaces
Dec 25 11:04:20 router python3[4537]:     interfaces = [(ifname, int(if_conf.get('weight', 1))) for ifname, if_conf in rule_conf['interface'].items() if health_state[ifname]['state']]
Dec 25 11:04:20 router python3[4537]:                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 11:04:20 router python3[4537]:   File "/usr/lib/python3/dist-packages/vyos/wanloadbalance.py", line 98, in <listcomp>
Dec 25 11:04:20 router python3[4537]:     interfaces = [(ifname, int(if_conf.get('weight', 1))) for ifname, if_conf in rule_conf['interface'].items() if health_state[ifname]['state']]
Dec 25 11:04:20 router python3[4537]:                                                                                                                    ~~~~~~~~~~~~^^^^^^^^
Dec 25 11:04:20 router python3[4537]: KeyError: 'eth1'
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Main process exited, code=exited, status=1/FAILURE
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Failed with result 'exit-code'.
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 5.
Dec 25 11:04:20 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Start request repeated too quickly.
Dec 25 11:04:20 router systemd[1]: vyos-wan-load-balance.service: Failed with result 'exit-code'.
Dec 25 11:04:20 router systemd[1]: Failed to start vyos-wan-load-balance.service - VyOS WAN Load Balancer.
^C
vyos@router:~$ 

If it fails, the rules are not deleted:

vyos@router# ip rule
0:	from all lookup local
32761:	from all fwmark 0xc9 lookup 201
32762:	from all fwmark 0xc9 lookup 201
32763:	from all fwmark 0xc9 lookup 201
32764:	from all fwmark 0xc9 lookup 201
32765:	from all fwmark 0xc9 lookup 201
32766:	from all lookup main
32767:	from all lookup default
[edit]
vyos@router# 

Delete load-balancing does not help

vyos@router# delete load-balancing 
[edit]
vyos@router# commit
[edit]
vyos@router# ip rule
0:	from all lookup local
32756:	from all fwmark 0xc9 lookup 201
32757:	from all fwmark 0xc9 lookup 201
32758:	from all fwmark 0xc9 lookup 201
32759:	from all fwmark 0xc9 lookup 201
32760:	from all fwmark 0xc9 lookup 201
32761:	from all fwmark 0xc9 lookup 201
32762:	from all fwmark 0xc9 lookup 201
32763:	from all fwmark 0xc9 lookup 201
32764:	from all fwmark 0xc9 lookup 201
32765:	from all fwmark 0xc9 lookup 201
32766:	from all lookup main
32767:	from all lookup default
[edit]
vyos@router# 

  1. Something is wrong with ip rule logic per adding rules
    Before wlb
vyos@router# ip rule
0:	from all lookup local
32766:	from all lookup main
32767:	from all lookup default
[edit]
vyos@router# 

Add wlb and two rules (2 commits):

set load-balancing wan enable-local-traffic
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'
set load-balancing wan rule 20 inbound-interface 'eth2'
set load-balancing wan rule 20 interface eth0
set load-balancing wan rule 20 interface eth1
commit
set load-balancing wan rule 9999 protocol 'all'
commit

Check IP rules:

vyos@router# ip rule
0:	from all lookup local
32758:	from all fwmark 0xca lookup 202
32759:	from all fwmark 0xc9 lookup 201
32760:	from all fwmark 0xca lookup 202
32761:	from all fwmark 0xc9 lookup 201
32762:	from all fwmark 0xca lookup 202
32763:	from all fwmark 0xc9 lookup 201
32764:	from all fwmark 0xca lookup 202
32765:	from all fwmark 0xc9 lookup 201
32766:	from all lookup main
32767:	from all lookup default
[edit]
vyos@router# 

  1. Empty rule 100 breaks the daemon/process:
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'
set load-balancing wan rule 20 inbound-interface 'eth2'
set load-balancing wan rule 20 interface eth0
set load-balancing wan rule 20 interface eth1
set load-balancing wan rule 100
commit

Log

Dec 25 12:17:12 router python3[22542]: Traceback (most recent call last):
Dec 25 12:17:12 router python3[22542]:   File "/usr/libexec/vyos/vyos-load-balancer.py", line 194, in <module>
Dec 25 12:17:12 router python3[22542]:     nftables_update(lb)
Dec 25 12:17:12 router python3[22542]:   File "/usr/libexec/vyos/vyos-load-balancer.py", line 125, in nftables_update
Dec 25 12:17:12 router python3[22542]:     render(nftables_wlb_conf, 'load-balancing/nftables-wlb.j2', lb)
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/vyos/template.py", line 152, in render
Dec 25 12:17:12 router python3[22542]:     rendered = render_to_string(template, content, formater, location)
Dec 25 12:17:12 router python3[22542]:                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/vyos/template.py", line 121, in render_to_string
Dec 25 12:17:12 router python3[22542]:     rendered = template.render(content)
Dec 25 12:17:12 router python3[22542]:                ^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1301, in render
Dec 25 12:17:12 router python3[22542]:     self.environment.handle_exception()
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 936, in handle_exception
Dec 25 12:17:12 router python3[22542]:     raise rewrite_traceback_stack(source=source)
Dec 25 12:17:12 router python3[22542]:   File "/usr/share/vyos/templates/load-balancing/nftables-wlb.j2", line 31, in top-level template code
Dec 25 12:17:12 router python3[22542]:     {{ rule_conf | wlb_nft_rule(rule_id, limit=limit, weight=True, health_state=health_state) }}
Dec 25 12:17:12 router python3[22542]: ^^^^^^^^^^^^^^^^^^^^^
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/vyos/template.py", line 785, in wlb_nft_rule
Dec 25 12:17:12 router python3[22542]:     return wlb_nft_rule(rule_conf, rule_id, local, exclude, limit, weight, health_state, action, restore_mark)
Dec 25 12:17:12 router python3[22542]:            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/vyos/wanloadbalance.py", line 83, in nft_rule
Dec 25 12:17:12 router python3[22542]:     weights, total_weight = wlb_weight_interfaces(rule_conf, health_state)
Dec 25 12:17:12 router python3[22542]:                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Dec 25 12:17:12 router python3[22542]:   File "/usr/lib/python3/dist-packages/vyos/wanloadbalance.py", line 98, in wlb_weight_interfaces
Dec 25 12:17:12 router python3[22542]:     interfaces = [(ifname, int(if_conf.get('weight', 1))) for ifname, if_conf in rule_conf['interface'].items() if health_state[ifname]['state']]
Dec 25 12:17:12 router python3[22542]:                                                                                  ~~~~~~~~~^^^^^^^^^^^^^
Dec 25 12:17:12 router python3[22542]: KeyError: 'interface'

Copy link
Member

@sever-sever sever-sever left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Something is wrong with adding/deleting ip rule
I sent examples to reproduce
Thanks!

@sever-sever
Copy link
Member

sever-sever commented Jan 17, 2025

Tested on

vyos@router:~$ show ver
Version:          VyOS 1.5-rolling-202501140634
Release train:    current
Release flavor:   generic

Built by:         autobuild@vyos.net
Built on:         Tue 14 Jan 2025 06:35 UTC
Build UUID:       17bf5ea7-2b1f-45a9-a631-a500d9fa824b
Build commit ID:  0bd5cb4f5038f5
  1. Interface in the down state, but the test shows as active
set interfaces ethernet eth0 address '10.0.1.2/24'
set interfaces ethernet eth0 description 'ISP-01'
set interfaces ethernet eth1 address '10.0.2.2/24'
set interfaces ethernet eth1 description 'ISP-02'

set load-balancing wan hook '/bin/true'
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'

Actual interface status

vyos@router:~$ show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface    IP Address          MAC                VRF        MTU  S/L    Description
-----------  ------------------  -----------------  -------  -----  -----  -------------
eth0         10.0.1.2/24         0c:67:b0:98:00:00  default   1500  u/D    ISP-01
eth1         10.0.2.2/24         0c:67:b0:98:00:01  default   1500  u/u    ISP-02

Unexpected active for eth0

vyos@router:~$ show wan-load-balance 
Interface: eth0
Status: active
Last Status Change: N/A
Last Interface Success: N/A
Last Interface Failure: N/A
Interface Failures: 0

Interface: eth1
Status: active
Last Status Change: N/A
Last Interface Success: N/A
Last Interface Failure: N/A
Interface Failures: 0

With such a configuration, the service fails:

Jan 17 10:04:35 router systemd[1]: vyos-wan-load-balance.service: Main process exited, code=exited, status=1/FAILURE
Jan 17 10:04:35 router systemd[1]: vyos-wan-load-balance.service: Failed with result 'exit-code'.
Jan 17 10:04:36 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 58.
Jan 17 10:04:36 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 10:04:36 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 10:04:41 router python3[5811]: Traceback (most recent call last):
Jan 17 10:04:41 router python3[5811]:   File "/usr/libexec/vyos/vyos-load-balancer.py", line 265, in <module>
Jan 17 10:04:41 router python3[5811]:     on_state_change(lb, ifname, state['state'])
Jan 17 10:04:41 router python3[5811]:   File "/usr/libexec/vyos/vyos-load-balancer.py", line 81, in on_state_change
Jan 17 10:04:41 router python3[5811]:     run(script_path, env=[f'WLB_INTERFACE_NAME={ifname}', f'WLB_INTERFACE_STATE={state_str}'])
Jan 17 10:04:41 router python3[5811]:   File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 144, in run
Jan 17 10:04:41 router python3[5811]:     _, code = popen(
Jan 17 10:04:41 router python3[5811]:               ^^^^^^
Jan 17 10:04:41 router python3[5811]:   File "/usr/lib/python3/dist-packages/vyos/utils/process.py", line 104, in popen
Jan 17 10:04:41 router python3[5811]:     p = Popen(command, stdin=stdin, stdout=stdout, stderr=stderr,
Jan 17 10:04:41 router python3[5811]:         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Jan 17 10:04:41 router python3[5811]:   File "/usr/lib/python3.11/subprocess.py", line 1024, in __init__
Jan 17 10:04:41 router python3[5811]:     self._execute_child(args, executable, preexec_fn, close_fds,
Jan 17 10:04:41 router python3[5811]:   File "/usr/lib/python3.11/subprocess.py", line 1817, in _execute_child
Jan 17 10:04:41 router python3[5811]:     for k, v in env.items():
Jan 17 10:04:41 router python3[5811]:                 ^^^^^^^^^
Jan 17 10:04:41 router python3[5811]: AttributeError: 'list' object has no attribute 'items'

  1. If the service restarts continuously (as in point 1), it does not clean the rules
vyos@router# ip rule | head -8
0:	from all lookup local
32220:	from all fwmark 0xca lookup 202
32221:	from all fwmark 0xc9 lookup 201
32222:	from all fwmark 0xca lookup 202
32223:	from all fwmark 0xc9 lookup 201
32224:	from all fwmark 0xca lookup 202
32225:	from all fwmark 0xc9 lookup 201
32226:	from all fwmark 0xca lookup 202
[edit]

 vyos@router# ip rule | grep "fwmark 0xc" | wc -l
556
[edit]
vyos@router# 
[edit]
vyos@router# ip rule | grep "fwmark 0xc" | wc -l
558
[edit]
vyos@router# 

  1. If an interfaces in the down (link down) state (suspend in GNS3), the service restarts with ERROR: Failed to apply WLB nftables config continuously
set load-balancing wan interface-health eth0 nexthop '10.0.1.1'
set load-balancing wan interface-health eth1 nexthop '10.0.2.1'
set load-balancing wan rule 10 inbound-interface 'eth2'
set load-balancing wan rule 10 interface eth0
set load-balancing wan rule 10 interface eth1


vyos@router# run show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface    IP Address          MAC                VRF        MTU  S/L    Description
-----------  ------------------  -----------------  -------  -----  -----  -------------
eth0         10.0.1.2/24         0c:67:b0:98:00:00  default   1500  u/D    ISP-01
eth1         10.0.2.2/24         0c:67:b0:98:00:01  default   1500  u/u    ISP-02

logs:

Jan 17 11:16:15 router vyos-configd[654]: commit_scripts: ['load-balancing_wan']
Jan 17 11:16:15 router vyos-configd[654]: Received message: {"type": "node", "last": true, "data": "/usr/libexec/vyos/conf_mode/load-balancing_wan.py"}
Jan 17 11:16:15 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:15 router vyos-configd[654]: Sending reply: error_code 1 with output
Jan 17 11:16:15 router vyos-configd[654]: scripts_called: ['load-balancing_wan']
Jan 17 11:16:15 router systemd[1]: opt-vyatta-config-tmp-new_config_2810.mount: Deactivated successfully.
Jan 17 11:16:16 router commit[3046]: Successful change to active configuration by user vyos on /dev/pts/2

Jan 17 11:16:21 router python3[3001]: Notice: Waiting for commit to complete...
Jan 17 11:16:21 router python3[3001]: INFO: State change: eth0 -> False
Jan 17 11:16:21 router python3[3001]: ERROR: Failed to apply WLB nftables config
Jan 17 11:16:21 router systemd[1]: vyos-wan-load-balance.service: Deactivated successfully.
Jan 17 11:16:22 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 1.
Jan 17 11:16:22 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:22 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.

Jan 17 11:16:27 router python3[3090]: INFO: State change: eth0 -> False
Jan 17 11:16:27 router python3[3090]: ERROR: Failed to apply WLB nftables config
Jan 17 11:16:27 router systemd[1]: vyos-wan-load-balance.service: Deactivated successfully.
Jan 17 11:16:27 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 2.
Jan 17 11:16:27 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:27 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.

Jan 17 11:16:32 router python3[3112]: INFO: State change: eth0 -> False
Jan 17 11:16:32 router python3[3112]: ERROR: Failed to apply WLB nftables config
Jan 17 11:16:32 router systemd[1]: vyos-wan-load-balance.service: Deactivated successfully.
Jan 17 11:16:33 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 3.
Jan 17 11:16:33 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:33 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.

Jan 17 11:16:38 router python3[3134]: INFO: State change: eth0 -> False
Jan 17 11:16:38 router python3[3134]: ERROR: Failed to apply WLB nftables config
Jan 17 11:16:38 router systemd[1]: vyos-wan-load-balance.service: Deactivated successfully.
Jan 17 11:16:38 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 4.
Jan 17 11:16:38 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:38 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.

Jan 17 11:16:43 router python3[3156]: INFO: State change: eth0 -> False
Jan 17 11:16:43 router python3[3156]: ERROR: Failed to apply WLB nftables config
Jan 17 11:16:43 router systemd[1]: vyos-wan-load-balance.service: Deactivated successfully.
Jan 17 11:16:44 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 5.
Jan 17 11:16:44 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:44 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.

Jan 17 11:16:49 router python3[3178]: INFO: State change: eth0 -> False
Jan 17 11:16:49 router python3[3178]: ERROR: Failed to apply WLB nftables config
Jan 17 11:16:49 router systemd[1]: vyos-wan-load-balance.service: Deactivated successfully.
Jan 17 11:16:49 router systemd[1]: vyos-wan-load-balance.service: Scheduled restart job, restart counter is at 6.
Jan 17 11:16:49 router systemd[1]: Stopped vyos-wan-load-balance.service - VyOS WAN Load Balancer.
Jan 17 11:16:49 router systemd[1]: Started vyos-wan-load-balance.service - VyOS WAN Load Balancer.
^C

src/helpers/vyos-load-balancer.py Outdated Show resolved Hide resolved
Copy link

CI integration 👍 passed!

Details

CI logs

  • CLI Smoketests (no interfaces) 👍 passed
  • CLI Smoketests (interfaces only) 👍 passed
  • Config tests 👍 passed
  • RAID1 tests 👍 passed
  • TPM tests 👍 passed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging this pull request may close these issues.

3 participants