BIRD 2.0.0: RFC8097 extended communities and rpki-light

Pier Carlo Chiodi pierky at pierky.com
Tue Dec 12 18:47:44 CET 2017


Hello,

While running some tests on BIRD 2.0.0, I noticed that its handling of
RFC8097 extended communities differs from that of 1.6.3.

Scenario:
- AS10 announces a route to the route server;
- the route server adds the (0x4300, 0, 1) ext community (RFC8097);
- AS20 receives the route;
- both clients always run 1.6.3.

This is the filter I'm using:

# Import filter used on the route server for routes received from clients.
# It attaches the RFC 8097 origin validation state extended community:
# type 0x43 (non-transitive opaque), sub-type 0x00, last octet 1, which
# RFC 8097 defines as "not found" (0 = valid, 1 = not found, 2 = invalid).
# NOTE(review): the state is hard-coded for this test, not derived from ROA
# validation, and add() leaves in place any 0x4300 community the client may
# have attached itself; a production filter would remove that first.
filter from_client {
	bgp_ext_community.add((unknown 0x4300, 0, 1));
	accept;
}

The results I get follow:

- when 1.6.3 is used on the route server, BIRD treats the community
  strictly according to RFC4360:

   If a route has a non-transitivity extended community, then before
   advertising the route across the Autonomous System boundary the
   community SHOULD be removed from the route.

- when 2.0.0 is used, the community is treated according to
  draft-ietf-sidrops-route-server-rpki-light-02 and is propagated to the
  client.

Since I didn't find any reference to RFC8097/rpki-light on the web site,
I was wondering if I missed something or if this is the expected
behaviour.

Configs and 'show route' output attached.

Bests,

--
Pier Carlo Chiodi
https://pierky.com
-------------- next part --------------
# Lab client AS10: originates the test prefix and peers with the route server.
router id 192.0.2.10;

# Full logging to file and syslog, plus all protocol debug messages.
# This is verbose and intended for the test run.
log "/var/log/bird.log" all;
log syslog all;
debug protocols all;

protocol device { }

# Source of the announced route. 'reject' installs no forwarding next hop;
# the entry exists so that the BGP export below has something to send.
# NOTE(review): 1.0.1.0/24 is not an RFC 5737 documentation prefix (the
# peering addresses in 192.0.2.0/24 are) -- keep this config in an isolated lab.
protocol static own_prefixes {
	route 1.0.1.0/24 reject;
}
# EBGP session to the route server (AS999 at 192.0.2.2).
# NOTE(review): 'import all' / 'export all' apply no filtering, and there is
# no 'password' statement, so the session is unauthenticated. That suits a
# closed test setup only.
protocol bgp the_rs {
	local as 10;
	neighbor 192.0.2.2 as 999;
	import all;
	export all;
	# One-second startup delay and reconnect interval, to speed up the test.
	connect delay time 1;
	connect retry time 1;
}
-------------- next part --------------
# Lab client AS20: the receiving side; it originates nothing itself.
router id 192.0.2.20;

# Full logging to file and syslog, plus all protocol debug messages.
log "/var/log/bird.log" all;
log syslog all;
debug protocols all;

protocol device { }

# EBGP session to the route server (AS999 at 192.0.2.2).
# NOTE(review): 'import all' accepts whatever the route server sends,
# including an RFC 8097 validation-state community when one is propagated.
# RFC 8097 expects that community to be dropped by default when it arrives
# from an EBGP peer, so a client that wants to rely on it should accept it
# deliberately and only from a route server it trusts to validate.
protocol bgp the_rs {
	local as 20;
	neighbor 192.0.2.2 as 999;
	import all;
	export all;
	# One-second startup delay and reconnect interval, to speed up the test.
	connect delay time 1;
	connect retry time 1;
}
-------------- next part --------------
With BIRD 2.0.0 on the route server:

rs$ birdcl show route all
BIRD 2.0.0 ready.
Table master4:
1.0.1.0/24           unicast [AS10 17:33:32.159] * (100) [AS10i]
        via 192.0.2.10 on eth0
        Type: BGP univ
        BGP.origin: IGP
        BGP.as_path: 10
        BGP.next_hop: 192.0.2.10
        BGP.local_pref: 100
        BGP.ext_community: (generic, 0x43000000, 0x1)
rs$ birdcl show route all export AS20
BIRD 2.0.0 ready.
Table master4:
1.0.1.0/24           unicast [AS10 17:33:32.159] * (100) [AS10i]
        via 192.0.2.10 on eth0
        Type: BGP univ
        BGP.origin: IGP
        BGP.as_path: 10
        BGP.next_hop: 192.0.2.10
        BGP.local_pref: 100
        BGP.ext_community: (generic, 0x43000000, 0x1)

from the receiving client:

receiver$ birdcl show route all
BIRD 1.6.3 ready.
1.0.1.0/24         via 192.0.2.10 on eth0 [the_rs 17:33:32 from 192.0.2.2] * (100) [AS10i]
        Type: BGP unicast univ
        BGP.origin: IGP
        BGP.as_path: 10
        BGP.next_hop: 192.0.2.10
        BGP.local_pref: 100
        BGP.ext_community: (generic, 0x43000000, 0x1)




With BIRD 1.6.3 on the route server:

rs$ birdcl show route all
BIRD 1.6.3 ready.
1.0.1.0/24         via 192.0.2.10 on eth0 [AS10 17:36:56] * (100) [AS10i]
        Type: BGP unicast univ
        BGP.origin: IGP
        BGP.as_path: 10
        BGP.next_hop: 192.0.2.10
        BGP.local_pref: 100
        BGP.ext_community: (generic, 0x43000000, 0x1)
rs$ birdcl show route all export AS20
BIRD 1.6.3 ready.
1.0.1.0/24         via 192.0.2.10 on eth0 [AS10 17:36:56] * (100) [AS10i]
        Type: BGP unicast univ
        BGP.origin: IGP
        BGP.as_path: 10
        BGP.next_hop: 192.0.2.10
        BGP.local_pref: 100
        BGP.ext_community: (generic, 0x43000000, 0x1)

from the receiving client:

receiver$ birdcl show route all
BIRD 1.6.3 ready.
1.0.1.0/24         via 192.0.2.10 on eth0 [the_rs 17:36:56 from 192.0.2.2] * (100) [AS10i]
        Type: BGP unicast univ
        BGP.origin: IGP
        BGP.as_path: 10
        BGP.next_hop: 192.0.2.10
        BGP.local_pref: 100
-------------- next part --------------
# Route server configuration, BIRD 1.6.x syntax (single 'table master').
router id 192.0.2.2;
# Route server ASN. Not referenced elsewhere in this file as shown; the
# protocols below use the literal 999.
define rs_as = 999;

log "/var/log/bird.log" all;
log syslog all;
# Debug output limited to the listed classes (no packet dumps).
debug protocols { states, routes, filters, interfaces, events };

protocol device {};

# 'sorted' keeps the routes for each network ordered; the 'secondary' option
# used by the BGP protocols in this config requires it.
table master sorted;

# Import filter for routes received from clients: attaches the RFC 8097
# origin validation state extended community (type 0x43, sub-type 0x00,
# last octet 1 = "not found") and accepts the route.
# NOTE(review): the state is hard-coded for the test rather than computed
# from ROA data, and add() does not remove a 0x4300 community already
# present on the received route.
filter from_client {
	bgp_ext_community.add((unknown 0x4300, 0, 1));
	accept;
}

# Route-server session towards client AS10 (192.0.2.10), BIRD 1.6.x syntax.
protocol bgp AS10 {
	description "AS10";

	local as 999;
	neighbor 192.0.2.10 as 10;
	# Act as a route server for this neighbor: routes are passed on
	# transparently (the route server's AS is not prepended to the AS path).
	rs client;

	# Wait for the client to connect; never initiate the session.
	passive on;
	# GTSM (RFC 5082) is not used. NOTE(review): with no 'password'
	# statement either, the session has no transport-level protection.
	ttl security off;
	# Do not act on well-known communities such as no-export.
	interpret communities off;

	# If the export filter rejects the best route, try the next one for the
	# same network; requires the sorted table.
	secondary;
	# Keep routes rejected on import (hidden) so they can still be inspected.
	import keep filtered on;
	import filter from_client;
	# No export filtering towards this client.
	export all;
}

# Route-server session towards client AS20 (192.0.2.20), BIRD 1.6.x syntax.
protocol bgp AS20 {
	description "AS20";

	local as 999;
	neighbor 192.0.2.20 as 20;
	# Act as a route server for this neighbor (transparent re-advertisement).
	rs client;

	# Wait for the client to connect; never initiate the session.
	passive on;
	# GTSM (RFC 5082) is not used and no 'password' is set: lab-only setup.
	ttl security off;
	# Do not act on well-known communities such as no-export.
	interpret communities off;

	# Fall back to the next route when the export filter rejects the best
	# one; requires the sorted table.
	secondary;
	# Keep import-rejected routes (hidden) for inspection.
	import keep filtered on;
	import filter from_client;
	# No export filter. In the attached 1.6.3 output the 0x4300 community is
	# still listed by 'show route all export AS20' but is absent on the
	# receiving client, so check propagation on the receiver, not only here.
	export all;
}
-------------- next part --------------
# Route server configuration, BIRD 2.0 syntax (per-family tables and channels).
router id 192.0.2.2;
# Route server ASN. Not referenced elsewhere in this file as shown; the
# protocols below use the literal 999.
define rs_as = 999;

log "/var/log/bird.log" all;
log syslog all;
# Debug output limited to the listed classes (no packet dumps).
debug protocols { states, routes, filters, interfaces, events };

protocol device {};

# Sorted tables are required by the 'secondary' option used in the BGP
# channels of this config. Only the IPv4 table is exercised by this test.
ipv4 table master4 sorted;
ipv6 table master6 sorted;

# Import filter for routes received from clients: attaches the RFC 8097
# origin validation state extended community (type 0x43, sub-type 0x00,
# last octet 1 = "not found") and accepts the route.
# NOTE(review): per the attached output, BIRD 2.0.0 sends this community on
# to the clients, so they see whatever state is set here. The value is
# hard-coded for the test, and add() does not remove a 0x4300 community
# already present on the received route.
filter from_client {
	bgp_ext_community.add((unknown 0x4300, 0, 1));
	accept;
}

# Route-server session towards client AS10 (192.0.2.10), BIRD 2.0 syntax.
protocol bgp AS10 {
	description "AS10";

	local as 999;
	neighbor 192.0.2.10 as 10;
	# Act as a route server for this neighbor: routes are passed on
	# transparently (the route server's AS is not prepended to the AS path).
	rs client;

	# Wait for the client to connect; never initiate the session.
	passive on;
	# GTSM (RFC 5082) is not used. NOTE(review): with no 'password'
	# statement either, the session has no transport-level protection.
	ttl security off;
	# Do not act on well-known communities such as no-export.
	interpret communities off;

	# IPv4 channel; in 2.0 the per-table options live here.
	ipv4 {
		# If the export filter rejects the best route, try the next one for
		# the same network; requires the sorted table.
		secondary;
		# Keep routes rejected on import (hidden) for inspection.
		import keep filtered on;
		import filter from_client;
		# No export filtering towards this client.
		export all;
	};
}

# Route-server session towards client AS20 (192.0.2.20), BIRD 2.0 syntax.
protocol bgp AS20 {
	description "AS20";

	local as 999;
	neighbor 192.0.2.20 as 20;
	# Act as a route server for this neighbor (transparent re-advertisement).
	rs client;

	# Wait for the client to connect; never initiate the session.
	passive on;
	# GTSM (RFC 5082) is not used and no 'password' is set: lab-only setup.
	ttl security off;
	# Do not act on well-known communities such as no-export.
	interpret communities off;

	# IPv4 channel; in 2.0 the per-table options live here.
	ipv4 {
		# Fall back to the next route when the export filter rejects the
		# best one; requires the sorted table.
		secondary;
		# Keep import-rejected routes (hidden) for inspection.
		import keep filtered on;
		import filter from_client;
		# No export filter. Per the attached 2.0.0 output, the non-transitive
		# 0x4300 community reaches the receiving client through this export.
		# NOTE(review): if that is not wanted, an export filter that deletes
		# the community would be needed here, since nothing else strips it.
		export all;
	};
}

