ipv6 configuration issue

Delete IPv6 route on EdgeRouter™-X

What to do, when you messed up your router routing configuration?

Configuring your router, things might go wrong. Probably this is interesting fore everyone dealing with routing configurations using an EdgeRouter™. How to delete an IPv6 route using an EdgeRouter™?

What happend?

show configuration commands | grep -P 'route6 \x27fd12'
...
set protocols static route6 'fd12:1234:1234:1234:1234:1234:1234:1234/128' next-hop 'fd23:2345:2345:1::2' distance 10
...

In this blog post IPv6 addresses have been modified to dummies.

Unfortunately, I’ve chosen the wrong destination address. Well, I thought that is not a dramatic thing. This can be corrected:

configure
delete protocols static route6 'fd12:1234:1234:1234:1234:1234:1234:1234/128'
set protocols static route6 'fd12:1234:1234:1234:5678:5678:5678:5678/128' next-hop 'fd23:2345:2345:1::2' distance 10
commit
save

Learned my lesson! Validating the configuration with:

show ipv6 route static
...
S      fd12:1234:1234:1234:1234:1234:1234:1234/128 [1/0] via fd23:2345:2345:1::2, wg1
S      fd12:1234:1234:1234:5678:5678:5678:5678/128 [1/0] via fd23:2345:2345:1::2, wg1
...

Well, something is wrong here! I deleted the first route!

Let’s try again:

configure
delete protocols static route6 'fd12:1234:1234:1234:1234:1234:1234:1234/128' next-hop 'fd23:2345:2345:1::1'
commit
Nothing to delete (the specified node does not exist)

Well, that is expected. I’m not that stupid as I thought.

Reviewing the current router configuration with…

show configuration commands | grep route6

…did provide evidence! The route has been delete in the router configuration. But its still in the routing table.

How can we sort this out?

During my research in the internet I did found a couple of recommendations:

Reboot the router!

Unfortunately, internet is a critical infrastructure, even at home. So I’ve to follow the ITIL process and discuss an accurate downtime with my family. Weird times! As I’m using complex zone based firewall rules, the router might need more than 10 minutes to come up, after reboot. This isn’t an acceptable approach. There is a requirement to find a better way.

Review router configuration JSON style files

I don’t have much detail on this, but I’ve a indication that the running router configuration will be stored in JSON based files. So there was a recommendation to review and maybe delete related files and folders:

/opt/vyatta/config/active/protocols/static/route6/

This was not valide in my case. Maybe someone finds the information useful.

Zebra/Quagga Routing Service

I could find out that the Zebra or Quagga Routing Suite will be the basement of the routing capabilities. And this finally made my day!

It’s possible to review the running configuration in different ways:

Stored in ZebOS.conf file:

less /var/run/ZebOS.conf

Quagga/vtysh wrapper:

sudo vtysh -c "show running-config"

With the help of the vtysh wrapper its possible to make use of the Quagga Routing Suite!

Executing…

 sudo vtysh -c "show running-config" | grep 'ipv6 route fd12'
 ipv6 route fd12:1234:1234:1234:1234:1234:1234:1234/128 fd23:2345:2345:1::2 wg1 10
 ipv6 route fd12:1234:1234:1234:5678:5678:5678:5678/128 fd23:2345:2345:1::2 wg1 10

…perfectly did provide evidence. Despite the fact, that the route was deleted in the router configuration, it still exists in the Quagga configuration.

And comparing these two commands, I received the same result:

show ipv6 route static | grep fd12
S      fd12:1234:1234:1234:1234:1234:1234:1234/128 [1/0] via fd23:2345:2345:1::2, wg1
S      fd12:1234:1234:1234:5678:5678:5678:5678/128 [1/0] via fd23:2345:2345:1::2, wg1

sudo vtysh -c 'show ipv6 route static' | grep fd12
S      fd12:1234:1234:1234:1234:1234:1234:1234/128 [1/0] via fd23:2345:2345:1::2, wg1
S      fd12:1234:1234:1234:5678:5678:5678:5678/128 [1/0] via fd23:2345:2345:1::2, wg1

This must be an answer out of Quagga!

Enemy Spotted!

Following the Quagga documentation http://www.quagga.net I executed the following command:

sudo vtysh -c "conf t" -c "no ipv6 route  fd12:1234:1234:1234:1234:1234:1234:1234/128"

This deleted the route out of my routing table.

Validation

show ipv6 route static | grep fd12
S fd12:1234:1234:1234:5678:5678:5678:5678/128 [1/0] via fd23:2345:2345:1::2, wg1

Done!

If you’re interested in some more routing topics you might find this useful: It’s not me, it’s you! … Me? No! It’s you! – black hole/null routing