BIRD exporting to kernel although disabled
Ondrej Filip
feela at network.cz
Tue Jun 14 14:35:58 CEST 2011
On 14.6.2011 12:40, Bernhard Hahn wrote:
> Dear Bird Mailinglist,
Hi Bernhard,
can you please send me output of:
bird> show protocols all kernel1
Ondrej
>
> We are running Bird 1.2.5 under Debian Etch AMD64 as a routeserver. Last
> Friday we changed a filter to allow the import of prefixes from a peer
> with the same AS as the routeserver. The broken design of the
> configuration, allowed the import of prefixes with empty AS-path to the
> master table and their export to the EBGP peers.
> Unfortunately this caused nearly all Cisco (&RFC compliant) machines to
> close their sessions.
>
> At this time, one of our two routeservers started exporting the Master
> table to the kernel table. There is currently no impact, but we are
> wondering how this could happen and how to resolve this situation,
> without affecting the running sessions.
>
> The kernel part of the configuration never changed and looks like:
>
> protocol kernel {
> disabled;
> import all; # Default is import all
> export all; # Default is export none
> scan time 10; # Scan kernel tables every 10 seconds
> }
>
> When we remove one of the kernel prefixes like:
>
> route del -net X.Y.Z.A netmask 255.255.255.0 gw X.X.X.X eth1
>
> It reappears after around 10 seconds. Guess the scan time is taking
> effect here.
>
> "configure soft" was already triggered several times without effect to
> the kernel protocol.
>
> Regards
> Bernhard
>
More information about the Bird-users
mailing list