FRR logs are huge

aserkin · October 4, 2022, 12:48pm

When remote access vpn session is established the syslog gets quite a number of messages like:

Oct 04 15:40:00 vyos-lns-1 ospfd[921]: [VCGF0-X62M1][EC 100663301] INTERFACE_STATE: Cannot find IF l2tp0 in VRF 5
Oct 04 15:40:00 vyos-lns-1 bfdd[933]: [VCGF0-X62M1][EC 100663301] INTERFACE_STATE: Cannot find IF l2tp0 in VRF 5
Oct 04 15:40:00 vyos-lns-1 staticd[930]: [VCGF0-X62M1][EC 100663301] INTERFACE_STATE: Cannot find IF l2tp0 in VRF 5
Oct 04 15:40:00 vyos-lns-1 staticd[930]: [VCGF0-X62M1][EC 100663301] INTERFACE_STATE: Cannot find IF l2tp0 in VRF 5
Oct 04 15:40:00 vyos-lns-1 bgpd[914]: [VCGF0-X62M1][EC 100663301] INTERFACE_STATE: Cannot find IF l2tp0 in VRF 5
Oct 04 15:40:00 vyos-lns-1 ldpd[926]: [VCGF0-X62M1][EC 100663301] INTERFACE_STATE: Cannot find IF l2tp0 in VRF 5
Oct 04 15:40:00 vyos-lns-1 accel-l2tp[181877]: l2tp0:: def_set_vrf rtnl_talk failed
Oct 04 15:40:00 vyos-lns-1 accel-l2tp[181877]: l2tp0:: set vrf default failed ifindex=67, vrf_ifindex=0

In case of thousands sessions this generates huge amount of unnecessary information upon session establishment and tear down. How can we avoid this?
I set all facilities to err level but this does not seem to influence FRR processes logging. Getting tested the L2TP LNS node on vyos we got 5Gb of messages in less than an hour with ~2000 active sessions. This is not acceptable for production system.

Viacheslav · October 4, 2022, 1:04pm

Change log file to /dev/null
But it does not exist in the CLI
log-file=/dev/null

aserkin · October 4, 2022, 1:28pm

Sorry, where should i do this?

Viacheslav · October 4, 2022, 2:05pm

I guess /run/acel-ppp l2tp.conf

[log]
log-file=/dev/null

Update
it is better to set the log level
log level=1

Dmitry · October 5, 2022, 7:18am

I believe the idea already described: to get log level via syslog node and use this level for accel-ppp config. Also accel-ppp can apply log level changes via accel-cmd reload command
What about FRR part, I still thinking how to run only configured daemons/protocols like we do that with PIMd configuration

aserkin · October 5, 2022, 8:59am

Yes, my post is more about FRR daemons logging when using vpn remote access.
Regarding messages like
INTERFACE_STATE: Cannot find IF l2tp0 in VRF …
i’d assign them warning level or even notification rather than error. This is not an error condition in case you launch session within vrf other than default.
You have to filter error level logging (vtysh configure: log syslog emergencies) to avoid this messages, but you definitely want to see messages about BGP going down, and, i guess, they are unavailable when error level is filtered.