Hey there,
so through numerous different configurations of this I still can’t get the routes to not be “inactive” in the routing table, despite the BGP table saying they’re fine, so I’m hoping that the current config and outputs might be helpful to somebody who might spot something I haven’t. Both WireGuard tunnels are showing successful handshakes so they look like they’re fine, the BGP sessions are established and sharing routes, and those routes are being put into the BGP routing table as shown below, but then they either make it into the routing table but are marked inactive (IPv4) or don’t make it into the routing table at all (IPv6).
Current Config:
    interfaces {
        ethernet eth0 {
            address 192.168.0.250/24
            duplex auto
            hw-id 52:54:00:a2:1e:91
            smp-affinity auto
            speed auto
        }
        ethernet eth1 {
            duplex auto
            hw-id 52:54:00:2c:d9:eb
            smp-affinity auto
            speed auto
        }
        loopback lo {
        }
        wireguard wg01 {
            address 172.20.142.33
            peer uk-lon1 {
                allowed-ips ::/0
                allowed-ips 0.0.0.0/0
                endpoint 142.93.XX.X:22673
                pubkey ****************
            }
            port 22673
        }
        wireguard wg02 {
            address 172.20.142.33
            description "uk-Lon1"
            peer burble {
                allowed-ips 0.0.0.0/0
                endpoint 185.121.XX.XX:31743
                pubkey ****************
            }
            port 31743
        }
    }
    policy {
        prefix-list BGP-OUT {
            rule 10 {
                action permit
                prefix 172.20.142.32/29
            }
        }
        prefix-list6 BGP6-OUT {
            rule 10 {
                action permit
                prefix fdea:2eb5:7420::/48
            }
            rule 20 {
                action deny
                prefix ::/0
            }
        }
        route-map BGP-OUT {
            rule 10 {
                action permit
                match {
                    ip {
                        address {
                            prefix-list BGP-OUT
                        }
                    }
                }
            }
            rule 15 {
                action permit
                match {
                    ipv6 {
                        address {
                            prefix-list BGP6-OUT
                        }
                    }
                }
            }
            rule 20 {
                action deny
            }
        }
        route-map IPv6-BGP-NextHop-Fix {
            rule 1 {
                action permit
                match {
                    ipv6 {
                        nexthop ::
                    }
                }
            }
            rule 2 {
                action permit
                set {
                    ipv6-next-hop {
                        local fe80::42:196
                    }
                }
            }
        }
    }
    protocols {
        bgp 4242422673 {
            address-family {
                ipv4-unicast {
                    network 172.20.142.32/29 {
                    }
                }
                ipv6-unicast {
                    network fdea:2eb5:7420::/64 {
                    }
                }
            }
            neighbor 172.20.129.187 {
                address-family {
                    ipv4-unicast {
                        prefix-list {
                            export BGP-OUT
                        }
                    }
                }
                remote-as 4242422601
            }
            neighbor 172.20.170.194 {
                address-family {
                    ipv4-unicast {
                        filter-list {
                        }
                        prefix-list {
                            export BGP-OUT
                        }
                    }
                }
                description "Lon-1"
                remote-as 4242423934
            }
            neighbor fe80::42:194 {
                address-family {
                    ipv4-unicast {
                        soft-reconfiguration {
                            inbound
                        }
                    }
                    ipv6-unicast {
                        route-map {
                            import IPv6-BGP-NextHop-Fix
                        }
                        soft-reconfiguration {
                            inbound
                        }
                    }
                }
                interface wg01
                remote-as 4242423934
            }
            parameters {
                router-id 172.20.142.33
            }
        }
        static {
            interface-route 172.20.129.187/32 {
                next-hop-interface wg02 {
                }
            }
            interface-route 172.20.170.194/32 {
                next-hop-interface wg01 {
                }
            }
            interface-route6 ::/0 {
                next-hop-interface wg01 {
                }
            }
            interface-route6 fe80::42:194/128 {
                next-hop-interface wg01 {
                }
            }
            route 0.0.0.0/0 {
                next-hop 192.168.0.1 {
                    distance 254
                }
            }
        }
    }
IFCONFIG of wireguard interfaces
    wg01      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:172.20.142.33  P-t-P:172.20.142.33  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP  MTU:1420  Metric:1
              RX packets:456 errors:0 dropped:188 overruns:0 frame:0
              TX packets:461 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:93528 (91.3 KiB)  TX bytes:40632 (39.6 KiB)

    wg02      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr:172.20.142.33  P-t-P:172.20.142.33  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP  MTU:1420  Metric:1
              RX packets:460 errors:0 dropped:0 overruns:0 frame:0
              TX packets:379 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:121540 (118.6 KiB)  TX bytes:34840 (34.0 KiB)
show ip bgp neighbors 172.20.129.187 routes
    BGP table version is 671, local router ID is 172.20.142.33, vrf id 0
    Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
                   i internal, r RIB-failure, S Stale, R Removed
    Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
    Origin codes:  i - IGP, e - EGP, ? - incomplete

       Network          Next Hop            Metric LocPrf Weight Path
    *  10.9.8.0/24      172.20.129.187           0             0 4242422601 64719 4242423759 i
    *  10.11.0.0/16     172.20.129.187           0             0 4242422601 4242423640 65043 64875 i
    *  10.11.160.0/20   172.20.129.187           0             0 4242422601 4242423640 65043 64875 i
    *  10.23.0.0/16     172.20.129.187           0             0 4242422601 4242423640 65043 65210 i
show ip bgp neighbors 172.20.170.194 routes
    BGP table version is 671, local router ID is 172.20.142.33, vrf id 0
    Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
                   i internal, r RIB-failure, S Stale, R Removed
    Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
    Origin codes:  i - IGP, e - EGP, ? - incomplete

       Network          Next Hop            Metric LocPrf Weight Path
    *> 10.9.8.0/24      172.20.170.194                         0 4242423934 4242420789 4242423759 i
    *> 10.11.0.0/16     172.20.170.194                         0 4242423934 4242423640 65043 64875 i
    *> 10.11.160.0/20   172.20.170.194                         0 4242423934 4242421191 65043 64875 i
    *> 10.23.0.0/16     172.20.170.194                         0 4242423934 4242421191 65043 65210 i
    *> 10.26.64.0/18    172.20.170.194                         0 4242423934 4242421926 4242420022 i
show ip route
    Codes: K - kernel route, C - connected, S - static, R - RIP,
           O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
           T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
           F - PBR, f - OpenFabric,
           > - selected route, * - FIB route

    S>* 0.0.0.0/0 [254/0] via 192.168.0.1, eth0, 00:51:06
    B   10.9.8.0/24 [20/0] via 172.20.170.194 inactive, 00:51:01
    B   10.11.0.0/16 [20/0] via 172.20.170.194 inactive, 00:51:01
    B   10.11.160.0/20 [20/0] via 172.20.170.194 inactive, 00:51:01
    B   10.23.0.0/16 [20/0] via 172.20.170.194 inactive, 00:51:01
Any ideas for why this won’t work would be greatly appreciated, or if more outputs are needed I can provide them too.