BGP community not being set on outbound BGP updates

Ondrej Zajicek santiago at crfreenet.org
Sat Apr 7 13:14:32 CEST 2012 

On Thu, Apr 05, 2012 at 03:21:52PM +0200, Lex van Roon wrote:
> Hi All,
> 
> I'm building a s/RTBH setup based on bird 1.3.7. I'm using a single
> route injector which has iBGP peerings with my route-reflector cluster.
> The setup looks like this (with the injector running on
> OpenBSD-4.9/Alpha and router* running on Debian Squeeze amd64 if that
> matters):
> 
>       [injector]
>       /       \
>      /         \
>     /           \
> [router 1]   [router 2]
> 
> On the injector, I configure static routes, which I export over BGP. I
> want to tag these prefixes with a BGP community, so I can nullroute the
> IP's on my route-reflectors and all routers that are connected to this
> cluster.

...

> My questions:
> 
> 1) First, are these configuration snippets and command output enough to
> assist in these questions?
> 2) Is it possible to set a BGP community on a static route which is
> being exported over BGP? The example in the docs(*) says I should be
> able to do this.
> 3) Am i doing something wrong in this setup that is causing the BGP
> community not being set?
> 4) Is there a more intelligent way to get this to work? Imho, using a
> BGP community is the most cleanest and generic way to implement this,
> but I want this to be set on the injector, and not on my RR cluster.

Yes, this is a proper way to do this, setting bgp_community in this way
should work and in my test setup that config and that commands work as
expected.

There are some steps you could try to find the problem:

1) check the log to see if there is no filter error report.

2) restart the injector to see if the config is really used.

3) remove import filter on router_* (use import all) to see whether
the problem is only in 'birdc show route export router_1 all' command
or also in the real export (it is independently computed).

4) you could try to move setting bgp_community to the import filter of
static protocol 'blacklist', in that case community should be seen even
with 'birdc show route 1.2.3.4/32 all'. But the position in export
filter of bgp should work too.

5) send me full config, i will check if there isn't some other problem
that might be related.

6) you could try another architecture for injector, perhaps there is
some obscure problem in BIRD on Alphas.


BTW, resetting BGP community with 'bgp_community = -empty-;' is not
necessary, it is implicitly handled as empty, but should not harm
anyway.


-- 
Elen sila lumenn' omentielvo

Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20120407/bb8ce805/attachment-0001.asc>

More information about the Bird-users mailing list