Vyatta vrrp run-transition-scripts


#1

Hi all,
I have issue with vrrp run-transition-scripts.

I define 2 scripts as the below:

vi vrrpbackup
#!/bin/bash
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper begin
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set policy route-map aspath1 rule 1 action ‘permit’
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set policy route-map aspath1 rule 1 set as-path-prepend ‘100 100 100’
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set protocols bgp 100 neighbor 10.1.1.56 shutdown
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set protocols bgp 100 neighbor 10.1.1.56 route-map export ‘aspath1’
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper delete protocols bgp 100 neighbor 10.1.1.56 shutdown
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper save
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper end

vi vrrpmaster

#!/bin/bash
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper begin
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper delete protocols bgp 100 neighbor 10.1.1.56 route-map export ‘aspath1’
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper delete policy route-map aspath1
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set protocols bgp 100 neighbor 10.1.1.56 shutdown
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper delete protocols bgp 100 neighbor 10.1.1.56 shutdown
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper save
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper end

Then i refer the two above for my VRRP configuration
set interfaces ethernet eth1 address ‘192.168.107.102/24’
set interfaces ethernet eth1 vrrp vrrp-group 1 advertise-interval ‘1’
set interfaces ethernet eth1 vrrp vrrp-group 1 preempt ‘true’
set interfaces ethernet eth1 vrrp vrrp-group 1 priority ‘50’
set interfaces ethernet eth1 vrrp vrrp-group 1 ‘rfc3768-compatibility’
set interfaces ethernet eth1 vrrp vrrp-group 1 run-transition-scripts backup ‘/config/scripts/vrrpbackup’
set interfaces ethernet eth1 vrrp vrrp-group 1 run-transition-scripts master ‘/config/scripts/vrrpmaster’

set interfaces ethernet eth1 vrrp vrrp-group 1 virtual-address ‘192.168.107.100/24’
set interfaces loopback lo address ‘172.16.31.2/24’
set interfaces tunnel tun1 address ‘172.16.100.5/30’
set interfaces tunnel tun1 encapsulation ‘gre’
set interfaces tunnel tun1 local-ip ‘10.1.1.66’
set interfaces tunnel tun1 mtu ‘1450’
set interfaces tunnel tun1 multicast ‘disable’
set interfaces tunnel tun1 remote-ip ‘10.1.1.56’
set protocols bgp 100 neighbor 10.1.1.56 remote-as ‘103’
set protocols bgp 100 neighbor 10.1.1.56 ‘route-map’
set protocols bgp 100 neighbor 10.1.1.65 remote-as ‘100’
set protocols bgp 100 network ‘172.16.31.0/24’
set service ssh ‘allow-root’
set system config-management commit-revisions ‘20’
set system host-name ‘ha2’

After i commit, i see the below:
vyatta@vyatta# commit
[ system host-name ha1 ]
Stopping enhanced syslogd: rsyslogd.
Starting enhanced syslogd: rsyslogd.

[ service ssh ]
Restarting OpenBSD Secure Shell server: sshd.

[edit]
vyatta@vyatta#
Message from root@ha1 on (none) at 20:17 …
Active configuration has been changed by user ‘root’ on ‘?’.
Please make sure you do not have conflicting changes. You can also discard
the current changes by issuing ‘exit discard’.
EOF

Message from root@ha1 on (none) at 20:17 …
Active configuration has been changed by user ‘root’ on ‘?’.
Please make sure you do not have conflicting changes. You can also discard
the current changes by issuing ‘exit discard’.
EOF

Message from root@ha1 on (none) at 20:17 …
Active configuration has been changed by user ‘root’ on ‘?’.
Please make sure you do not have conflicting changes. You can also discard
the current changes by issuing ‘exit discard’.
EOF

Message from root@ha1 on (none) at 20:17 …
Active configuration has been changed by user ‘root’ on ‘?’.
Please make sure you do not have conflicting changes. You can also discard
the current changes by issuing ‘exit discard’.
EOF

Message from root@ha1 on (none) at 20:17 …
Active configuration has been changed by user ‘root’ on ‘?’.
Please make sure you do not have conflicting changes. You can also discard
the current changes by issuing ‘exit discard’.
EOF

Message from root@ha1 on (none) at 20:17 …
Active configuration has been changed by user ‘root’ on ‘?’.
Please make sure you do not have conflicting changes. You can also discard
the current changes by issuing ‘exit discard’.
EOF

Although looks like that the scripts are implemented when VRRP status change, i found i cant make any change to the current configuration

vyatta@ha1# set system host-name ha

Set failed

[edit]
vyatta@ha1#
vyatta@ha1# delete interfaces ethernet eth1 vrrp vrrp-group 1

Failed to delete specified config path
Delete failed

[edit]
vyatta@ha1#
vyatta@ha1# set protocols bgp 100 neighbor 172.16.100.2 remote-as 103

Set failed

[edit]
vyatta@ha1#
vyatta@ha1# set firewall name vyattafire

[edit]
vyatta@ha1# commit
Aborted

[edit]
vyatta@ha1# discard

Discard failed

[edit]

In addition, I tried to restore to factory default. But no lucky, the error message suggest something is wrong at line 47 but i cant see line 47 in the config.boot.default
vyatta@ha1# load /opt/vyatta/etc/config.boot.default
Loading configuration from ‘/config.boot.default’…
Invalid config file (syntax error): error at line 47, text []
Failed to parse specified config file
No configuration changes to commit

[edit]

vyatta@ha1# cat -n /opt/vyatta/etc/config.boot.default
1 system {
2 login {
3 user vyatta {
4 authentication {
5 encrypted-password “$1$4XHPj9eT$G3ww9B/pYDLSXC8YVvazP0”
6 }
7 }
8 }
9 syslog {
10 global {
11 facility all {
12 level notice
13 }
14 facility protocols {
15 level debug
16 }
17 }
18 user all {
19 facility all {
20 level emerg
21 }
22 }
23 ntp {
24 server “0.vyatta.pool.ntp.org
25 server “1.vyatta.pool.ntp.org
26 server “2.vyatta.pool.ntp.org
27 }
28 console {
29 device ttyS0 {
30 speed 9600
31 }
32 }
33 config-management {
34 commit-revisions 20
35 }
36 }
37
38 interfaces {
39 loopback lo {
40 }
41 }
42
43
44 /* Warning: Do not remove the following line. /
45 /
=== vyatta-config-version: “zone-policy@1:ipsec@4:config-management@1:wanloadbalance@3:dhcp-relay@1:nat@4:quagga@3:qos@1:entitlement@1:pim@1:conntrack@1:conntrack-sync@1:system@7:vrrp@1:firewall@5:webgui@1:dhcp-server@4” === /
46 /
Release version: VSE6.7R5S1 */

[edit]


#2

This may be related to http://forum.vyos.net/showthread.php?tid=12440.


#3

You might be able to do that with “reset ip bgp TXT<ipv4;ipv6> soft out” rather than set shutdown / delete shutdown.

What version? Vyatta or Vyos?

I normally setup ssh keys, so that root can ssh to vyatta@localhost without a password. Then the script changes to something like:

cmd="configure
set policy route map ...
set ...
commit
save
exit
exit
"
echo "$cmd" | ssh -t -t vyatta@localhost