0

Diagram of Nodes

I have Calico Node2Node Mesh running. And successfully setup peering with my upstream switches.

What Looks strange, is it appears that every node is advertising all the node networks. I would think that each node should advertise its /26 range and the Services range. Instead, it is advertising all 4 /26 (node specific subnets) and the services range. I am worried this is having some multipathing problems.

Is this expected behavior?

172.16. routes are nodes specific 172.20. is where the kube clusterip services

172.16.149.0/26  proto bgp  metric 20
        nexthop via 192.168.101.201  dev vlan101 weight 1
        nexthop via 192.168.101.202  dev vlan101 weight 1
        nexthop via 192.168.101.203  dev vlan101 weight 1
        nexthop via 192.168.101.204  dev vlan101 weight 1
172.16.155.64/26  proto bgp  metric 20
        nexthop via 192.168.101.201  dev vlan101 weight 1
        nexthop via 192.168.101.202  dev vlan101 weight 1
        nexthop via 192.168.101.203  dev vlan101 weight 1
        nexthop via 192.168.101.204  dev vlan101 weight 1
172.16.176.192/26  proto bgp  metric 20
        nexthop via 192.168.101.201  dev vlan101 weight 1
        nexthop via 192.168.101.202  dev vlan101 weight 1
        nexthop via 192.168.101.203  dev vlan101 weight 1
        nexthop via 192.168.101.204  dev vlan101 weight 1
172.16.248.128/26  proto bgp  metric 20
        nexthop via 192.168.101.201  dev vlan101 weight 1
        nexthop via 192.168.101.202  dev vlan101 weight 1
        nexthop via 192.168.101.203  dev vlan101 weight 1
        nexthop via 192.168.101.204  dev vlan101 weight 1
172.20.0.0/16  proto bgp  metric 20
        nexthop via 192.168.101.201  dev vlan101 weight 1
        nexthop via 192.168.101.202  dev vlan101 weight 1
        nexthop via 192.168.101.203  dev vlan101 weight 1
        nexthop via 192.168.101.204  dev vlan101 weight 1
172.20.88.169  proto bgp  metric 20
        nexthop via 192.168.101.201  dev vlan101 weight 1
        nexthop via 192.168.101.202  dev vlan101 weight 1
        nexthop via 192.168.101.203  dev vlan101 weight 1
        nexthop via 192.168.101.204  dev vlan101 weight 1

Calico BGP Manifest

---
apiVersion: projectcalico.org/v3
kind: BGPPeer
metadata:
  name: netgate
spec:
  peerIP: 192.168.100.1
  asNumber: 65534
Roogles
  • 41
  • 4
  • I don't know much about Calico. But in general it seems prudent to add all relevant configs (Calico and your upstream BGP devices) so that users don't have to assume much about the setup. In a networking sense it might also be helpful to give some idea of network topology so we can understand from where advertisements might come from and what the IP addresses are from (for example, what are 92.168.101.*?). – Andy Shinn Jun 27 '19 at 18:09

1 Answers1

0

If the connections are EBGP ( different AS) then any routes received via EBGP neighbors will be sent to all EBGP neighbors by default. You wont need to advertise that in BGP because its already in the BGP table. To change this you should have outbound filter in place where each node should only permit the node network. Even if you dont put it , it wont create any immediate issue since other routes will be longer however its the best practice to avoid any weird problems in future.

kash88
  • 19
  • 2