"gw" attribute assignment in filter invalidates routes learned via BGP, static, and possibly others?

Sergey Popovich popovich_sergei at mail.ru
Wed Aug 14 09:15:21 CEST 2013


В письме от 13 августа 2013 21:06:44 пользователь Ondrej Zajicek написал:

> > > The attached patch should do that (essentially just lookup iface,
> > > fix it and force the route to RTD_ROUTER in case of setting 'gw').
> > > Is this OK for you?
> > 
> > Yes, thaks. Patch works as expected.
> 
> Well, you should also use this patch, otherwise your BGP sessions
> will be restarted if you shutdown the dummy iface. This bug could
> also be triggered by other means but i noticed it in connection with
> the gw-setting patch.
> 

Wow, really, Im not reaching that, as use IPv6 connection to trouble shoot
IPv6 and not down/up lo255 interface.

Huge thanks.

> > > Thanks for the thorough explanation. I am surprised that route to a
> > > Linux
> > > dummy interface works like that, i always thought that dummy interface
> > > would behave more like an ethernet with nothing connected on it than
> > > like a loopback (therefore you would get ICMP Destination unreachable
> > > instead of TTL exceeded), but i didn't tested that.
> > 
> > Sorry I dont have in mind to confuse you, really dummy interface is more
> > like ethernet interface with nothing attached to it, nothing is looped
> > back
> > from it (nothing received actually). Anything sent to dummy interface
> > simply discarded as with blackhole route, but no neighbor resolution
> > (ARP, NDP) done on it, and general routing rules applied to it, like any
> > other network interface, that makes it different from blackhole route.
> > 
> > But network stack generates ICMP TTL Exceeded when it receives datagram
> > destined on subnet configured on dummy interface, but cant forward to
> > dummy
> > interface because TTL is 1, and thus generaing ICMP TTL Exceeded.
> 
> OK, now i understand. The TTL ICMP message is related just to traceroute
> packets, not to the normal traffic (which has large enough TTL).
> 
Yes.

> So in essence route to dummy iface first checks TTL and then blackholes
> traffic, while RTD_BLACKHOLE just blackholes traffic.

Yes, really. Moreover kernel routing machine checks ttl and  if it is greather 
than 1 after decrement it really transmits packet to dummy interface as in any 
other, and later dummy interface blackholes them (this could be seen with 
tcpdump(8) on dummy interface).

Thanks in advices.

-- 
SP5474-RIPE
Sergey Popovich




More information about the Bird-users mailing list