Review my BGP configuration

Andre Nathan andre at digirati.com.br
Fri Mar 15 16:37:17 CET 2013


Hello Hans

Sorry for the delay in replying to your message. I figured it was best to just
reinstall the second router with Bird and get Quagga out of the
scenario, and now all is working fine, and the routes to my two /24
prefixes are not being added to the t_bgp table.

There's just one weird thing I'm seeing in the logs:

configuration error: tried to export prefix w.z.y.x/32
configuration error: tried to export prefix 77.74.252.0/22
...

The first line is the address of my eBGP peer, and there are a handful
of lines like the second one for prefixes that don't show up anywhere
in my configuration.

The log message comes from a sanity-check export filter that I created
which only allows me to export my own prefixes.

I tried to simplify your drawing from your last message, removing all
the arrows where there's no route flow in the pipes:

                                   filter
                                   proto =
           +--------+    +-------+ "wzyx" +--------+
kernel <-> | master | <- | t_bgp | <----- | t_wzyx | <- export_to_wzyx
           +--------+    +-------+        +--------+
                            ^ |               ^ |
                            | |        filter | | filter
                            | |       wzyx_in | | wzyx_out
                            | v               | v
                           iBGP            wzyx eBGP
                          session           session

From that I can't see how the static route to w.z.y.x/32 would ever
reach filter wzyx_out, which is where the log message comes from... and
neither do I understand how the other routes reach that filter (and why
only a handful of routes...?)

bird> show route for w.z.y.x/32 all
w.z.y.x/32  via w.z.y.1 on eth1 [wzyx_bgp_neighbor Mar14] * (200)
        Type: static unicast univ

bird> show route for 77.74.252.0/22 all
77.74.248.0/21     via w.z.y.1 on eth1 [wzyx 04:56 from w.z.y.x] * (100) [AS42860i]
  Type: BGP unicast univ
  BGP.origin: IGP
  BGP.as_path: 4321 7162 3549 31042 42860
  BGP.next_hop: w.z.y.x
  BGP.local_pref: 200
                   via x.y.z.k on eth1 [iBGP 04:57] (100) [AS42860i]
  Type: BGP unicast univ
  BGP.origin: IGP
  BGP.as_path: 4321 7162 3549 31042 42860
  BGP.next_hop: x.y.z.k
  BGP.local_pref: 200

I'm pasting the new configuration below just in case.

log syslog { info, warning, error, auth, fatal, bug };

router id x.y.z.w;

# The order in which the files are loaded is important.

# This table contains routes learnt via BGP.
table t_bgp;

# Send routes learnt via BGP to the kernel through the master table.
protocol pipe bgp_into_master {
  table master;
  peer table t_bgp;
  import all;  # from table t_bgp into table master
  export none; # from table master into table t_bgp
}

include "/etc/bird-med.conf";

#
# wzyx BGP session
#

# Static route to wzyx's router.
protocol static wzyx_bgp_neighbor {
  route w.z.y.x/32 via w.z.y.1;
}

# This table contains routes exported to and imported from wzyx.
table t_wzyx;

# Prefixes we want to export to wzyx.
protocol static export_to_wzyx {
  table t_wzyx;
  route a.b.0.0/24 reject;
  route a.b.1.0/24 reject;
  route a.b.0.0/23 reject;
  import all;  # send routes to table t_wzyx.
}

# Import filters.
filter wzyx_in
prefix set my_prefixes;
{
  my_prefixes = [
    a.b.0.0/23+,
  ];
  if net ~ my_prefixes then
    accept;
  reject "prefix cannot be imported";
}

# Export filters.
filter wzyx_out
prefix set my_prefixes;
{
  my_prefixes = [
    a.b.0.0/24,
    a.b.1.0/24,
    a.b.0.0/23
  ];
  if net ~ my_prefixes then {
    bgp_med = BGP_MED; # defined in bird-med.conf
    accept;
  }
  printn "configuration error: tried to export prefix ";
  print net;
  reject;
}

# The BGP session.
protocol bgp wzyx {
  description "wzyx";
  table t_wzyx;
  igp table master;
  local as 1234;
  source address x.y.z.w;
  neighbor w.z.y.x as 4321;
  multihop 2;
  default bgp_local_pref 200;
  import filter wzyx_in;
  export filter wzyx_out;
}

# Send all routes learnt in the BGP session above to the central bgp table.
protocol pipe wzyx_into_bgp {
  table t_bgp;
  peer table t_wzyx;
  import where proto = "wzyx";
  export none;
}

#
# iBGP session
#

protocol bgp iBGP {
  description "iBGP";
  table t_bgp;
  igp table master;
  local as 1234;
  source address x.y.z.w;
  neighbor x.y.z.k as 1234;
  next hop self;
  gateway direct;
  default bgp_local_pref 100;
  import all;
  export all;
}

protocol kernel {
  export all;
  scan time 20;
}

protocol device {
  scan time 10;
}

Thanks again,
Andre
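
The log message produced by the wzyx_out sanity-check filter above can be triaged offline, as in this added example (not part of the original post and not BIRD code). It assumes 198.18.0.0/23 as a constructed stand-in for the anonymized a.b.0.0/23, uses constructed syslog lines, and sorts each rejected prefix by why the exact-match allowlist refused it.

```python
import ipaddress
import re
from collections import Counter

# Constructed stand-ins for a.b.0.0/24, a.b.1.0/24 and a.b.0.0/23 from the post.
EXPORT_ALLOWLIST = [ipaddress.ip_network(p) for p in
                    ("198.18.0.0/24", "198.18.1.0/24", "198.18.0.0/23")]
OWN_AGGREGATE = ipaddress.ip_network("198.18.0.0/23")

# Text emitted by the printn/print pair in filter wzyx_out.
LOG_RE = re.compile(r"configuration error: tried to export prefix (\S+)")

def would_export(prefix):
    """Exact-match test, like the wzyx_out set (entries without '+')."""
    return ipaddress.ip_network(prefix) in EXPORT_ALLOWLIST

def classify(prefix):
    """Say why a prefix seen in the log was refused by the allowlist."""
    net = ipaddress.ip_network(prefix)
    if net in EXPORT_ALLOWLIST:
        return "allowed"            # should never show up in the log
    if net.version == OWN_AGGREGATE.version and net.subnet_of(OWN_AGGREGATE):
        return "own-more-specific"  # our space, but not an exact list entry
    if net.prefixlen == net.max_prefixlen:
        return "host-route"         # e.g. a static /32 such as the peer address
    return "foreign"                # someone else's prefix, a would-be leak

def summarize(lines):
    """Count rejected export attempts per category from syslog lines."""
    counts = Counter()
    for line in lines:
        match = LOG_RE.search(line)
        if not match:
            continue
        try:
            counts[classify(match.group(1))] += 1
        except ValueError:          # anonymized or malformed prefix text
            counts["unparseable"] += 1
    return counts

# Constructed sample input; only the message text follows the post.
SAMPLE = [
    "Mar 15 04:56:01 r2 bird: configuration error: tried to export prefix 203.0.113.7/32",
    "Mar 15 04:56:01 r2 bird: configuration error: tried to export prefix 77.74.252.0/22",
    "Mar 15 04:56:02 r2 bird: configuration error: tried to export prefix 198.18.0.128/25",
    "Mar 15 04:56:02 r2 bird: configuration error: tried to export prefix w.z.y.x/32",
    "Mar 15 04:56:03 r2 unrelated line that must be ignored",
]

if __name__ == "__main__":
    for category, count in sorted(summarize(SAMPLE).items()):
        print(f"{category}: {count}")
```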

More information about the Bird-users mailing list