10.2.1 mgmtd fails if you have RPKI configured

[f0o]

Description

FRR crash loops with:

Jan 08 09:28:03 rt1.sto1.se.as203038.net frrinit.sh[1831151]: [1831151|mgmtd] Configuration file[/etc/frr/frr.conf] processing failure: 2
Jan 08 09:28:03 rt1.sto1.se.as203038.net frrinit.sh[1831158]: line 1167: % Unknown command[87]:  rpki cache 127.0.0.1 3323 preference 1
Jan 08 09:28:03 rt1.sto1.se.as203038.net frrinit.sh[1831158]: line 1168: % Unknown command[87]:  rpki cache 10.x.x.x 3323 preference 255

Version

FRRouting 10.2.1 (rt1.sto1.se.as203038.net) on Linux(5.15.0-127-generic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
    '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--sbindir=/usr/lib/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--enable-pim6d' '--disable-grpc' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'PYTHON=python3'

How to reproduce

Simply configure RPKI like it was working since 9.x

Expected behavior

Not to crashloop

Actual behavior

Crashloop

Additional context

No response

Checklist

• I have searched the open issues for this bug.
• I have not included sensitive information in this report.

[f0o]

A solution seems to downgrade to 10.1.1

Edit; 10.1.2 also works

[f0o]

Hrm getting a lot of vtysh: error reading from bgpd: Connection reset by peer (104)Warning: closing connection to bgpd because of an I/O error! on 10.1.2

Not sure if this is related. I got 10.1.1 on rt2 which is stable but it seems that updating rt1 from 10.0 to 10.2 and then downgrade to 10.1 messed things up

[ton31337]

Can we get the full log (debug) and configurations?

[f0o]

Unrelated or perhaps related; Did 10.1.2 change VRFs? I bgpd claims vrf-id is -1 on all vrfs. That shouldnt be the case...

I'm not using NETNS based VRFs.

[f0o]

Can we get the full log (debug) and configurations?

Yes once we find a reliable way to get this back into a running state we can break if again and slack you the logs/configs/anything :)

[f0o]

@ton31337 I noticed that 10.1.2 changed the RPKI config lines to be:

 rpki cache tcp 127.0.0.1 3323 preference 1

Noting that addition of tcp which wasnt there before. Could that have caused the mgmtd issues?

[ton31337]

Yes, the syntax is changed.

[f0o]

ok after a few further tests it seems that the crashloop is caused by the missing tcp in the rpki cache config line.

So the jump from 10.0 to 10.2 broke it; going 10.0.x to 10.1.x and then 10.2.x doing do wr mem after each step fixes/rewrites the config.