BGP lost routes problem
Mike C
smith.not.western at gmail.com
Thu Jan 22 20:13:31 CET 2015
Reduced the setup slightly, all routers are in single AS 65001. Just one
common route between 10.72.1.1 and 10.72.1.2, which is 10.0.0.0/8. Removed
the third router, so just .1 and .2.
Two routers, same AS, both exporting the same network, which results in
both withdrawing the same network. How can I stop this? I want bird to
install the BGP route for 10.0.0.0/8 if ever the local route is gone (i.e
in my case, it's a vpn that installs a static route for 10.0.0.0/8). How
can I do this? Is it even supported?
Using tcpdump, I can see sometimes one and sometimes both .1 and .2
withdraw the route from each other. Sometimes its not withdrawn at all -
normally the first time everyone sees each others routes. If I restart .1
or .2 bird instance, then I will see one or both of them withdraw the route.
For example, this tcpdump shows both .1 and .2 withdraw the route from each
other:
# 10.72.1.1's logs (tcpdump + syslog)
19:02:18.408782 IP (tos 0xc0, ttl 64, id 56703, offset 0, flags [DF], proto
TCP (6), length 86)
10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0xe441 (correct),
seq 69:115, ack 69, win 5840, length 46: BGP, length: 46
Update Message (2), length: 46
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.2
0x0000: 0a48 0102
Local Preference (5), length: 4, Flags [T]: 980
0x0000: 0000 03d4
Updated routes:
10.0.0.0/8 <---------- .2 advertises 10.0.0.0/8 to .1
19:02:18.408972 IP (tos 0xc0, ttl 64, id 56928, offset 0, flags [DF], proto
TCP (6), length 157)
10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0xba2f (correct),
seq 69:186, ack 115, win 5840, length 117: BGP, length: 117
Update Message (2), length: 46
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.1
0x0000: 0a48 0101
Local Preference (5), length: 4, Flags [T]: 990
0x0000: 0000 03de
Updated routes:
10.0.0.0/8 <---------- .1 advertises 10.0.0.0/8 to .2
Update Message (2), length: 48
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.1
0x0000: 0a48 0101
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Updated routes:
10.99.10.0/24
Update Message (2), length: 23
End-of-Rib Marker (empty NLRI)
19:02:18.409201 IP (tos 0xc0, ttl 64, id 56704, offset 0, flags [DF], proto
TCP (6), length 88)
10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7b7c (correct),
seq 115:163, ack 186, win 5840, length 48: BGP, length: 48
Update Message (2), length: 48
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.2
0x0000: 0a48 0102
Local Preference (5), length: 4, Flags [T]: 1000
0x0000: 0000 03e8
Updated routes:
10.88.10.0/24
19:02:18.420970 IP (tos 0xc0, ttl 64, id 56929, offset 0, flags [DF], proto
TCP (6), length 65)
10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0x8f42 (correct),
seq 186:211, ack 163, win 5840, length 25: BGP, length: 25
Update Message (2), length: 25
Withdrawn routes:
10.0.0.0/8 <---------- .1 withdraws 10.0.0.0/8
19:02:18.421204 IP (tos 0xc0, ttl 64, id 56705, offset 0, flags [DF], proto
TCP (6), length 88)
10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7a0e (correct),
seq 163:211, ack 211, win 5840, length 48: BGP, length: 48
Update Message (2), length: 23
End-of-Rib Marker (empty NLRI)
Update Message (2), length: 25
Withdrawn routes:
10.0.0.0/8 <---------- .2 also withdraws 10.0.0.0/8
19:02:18.460407 IP (tos 0xc0, ttl 64, id 56930, offset 0, flags [DF], proto
TCP (6), length 40)
10.72.1.1.179 > 10.72.1.2.37302: Flags [.], cksum 0x9d3b (correct), seq
211, ack 211, win 5840, length 0
Syslogs:
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Incoming connection
from 10.72.1.2 (port 37302) accepted
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Sending
OPEN(ver=4,as=65001,hold=240,id=0a1810e1)
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got
OPEN(as=65001,hold=240,id=0a480102)
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got KEEPALIVE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: BGP session
established
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Connected to table
master
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: State changed to
feed
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Sending KEEPALIVE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
0.0.0.0/0 via 2.127.238.77 on ppp0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < added 10.0.0.0/8
dev vpn-3b42d3c8
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.72.0.0/16 dev eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.168.254.0/24 dev vlan254
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
192.168.0.0/16 dev vpn-3b42d3c8
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 > added [best]
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < rejected by
protocol 10.0.0.0/8 via 10.72.1.2 on eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < removed 10.0.0.0/8
dev vpn-3b42d3c8
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < rejected by
protocol 10.88.10.0/24 via 10.72.1.2 on eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Sending UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got End-of-RIB
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 > removed [replaced]
10.0.0.0/8 via 10.72.1.2 on eth0
# ip route list proto bird
10.88.10.0/24 via 10.72.1.2 dev eth0
# ip route list | grep 10.0.0.0
10.0.0.0/8 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1 metric
10
# 10.72.1.2's logs (tcpdump + syslog)
tcpdump - see both advertise 10.0.0.0/8 and then both withdraw 10.0.0.0/8.
19:02:17.982785 IP (tos 0xc0, ttl 64, id 56703, offset 0, flags [DF], proto
TCP (6), length 86)
10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0xe441 (correct),
seq 69:115, ack 69, win 5840, length 46: BGP, length: 46
Update Message (2), length: 46
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.2
0x0000: 0a48 0102
Local Preference (5), length: 4, Flags [T]: 980
0x0000: 0000 03d4
Updated routes:
10.0.0.0/8 <---------- .2 advertises 10.0.0.0/8 to .1
19:02:17.983121 IP (tos 0xc0, ttl 64, id 56928, offset 0, flags [DF], proto
TCP (6), length 157)
10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0xba2f (correct),
seq 69:186, ack 115, win 5840, length 117: BGP, length: 117
Update Message (2), length: 46
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.1
0x0000: 0a48 0101
Local Preference (5), length: 4, Flags [T]: 990
0x0000: 0000 03de
Updated routes:
10.0.0.0/8 <---------- .1 advertises 10.0.0.0/8 to .2
Update Message (2), length: 48
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.1
0x0000: 0a48 0101
Local Preference (5), length: 4, Flags [T]: 100
0x0000: 0000 0064
Updated routes:
10.99.10.0/24
Update Message (2), length: 23
End-of-Rib Marker (empty NLRI)
19:02:17.983224 IP (tos 0xc0, ttl 64, id 56704, offset 0, flags [DF], proto
TCP (6), length 88)
10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7b7c (correct),
seq 115:163, ack 186, win 5840, length 48: BGP, length: 48
Update Message (2), length: 48
Origin (1), length: 1, Flags [T]: IGP
0x0000: 00
AS Path (2), length: 0, Flags [T]: empty
Next Hop (3), length: 4, Flags [T]: 10.72.1.2
0x0000: 0a48 0102
Local Preference (5), length: 4, Flags [T]: 1000
0x0000: 0000 03e8
Updated routes:
10.88.10.0/24
19:02:17.995110 IP (tos 0xc0, ttl 64, id 56929, offset 0, flags [DF], proto
TCP (6), length 65)
10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0x8f42 (correct),
seq 186:211, ack 163, win 5840, length 25: BGP, length: 25
Update Message (2), length: 25
Withdrawn routes:
10.0.0.0/8 <---------- .1 withdraws 10.0.0.0/8
19:02:17.995220 IP (tos 0xc0, ttl 64, id 56705, offset 0, flags [DF], proto
TCP (6), length 88)
10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7a0e (correct),
seq 163:211, ack 211, win 5840, length 48: BGP, length: 48
Update Message (2), length: 23
End-of-Rib Marker (empty NLRI)
Update Message (2), length: 25
Withdrawn routes:
10.0.0.0/8 <---------- .2 withdraws 10.0.0.0/8
19:02:18.034539 IP (tos 0xc0, ttl 64, id 56930, offset 0, flags [DF], proto
TCP (6), length 40)
10.72.1.1.179 > 10.72.1.2.37302: Flags [.], cksum 0x9d3b (correct), seq
211, ack 211, win 5840, length 0
Syslogs:
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Connecting to
10.72.1.1 from local address 0.0.0.0
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Connected
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Sending
OPEN(ver=4,as=65001,hold=240,id=0a480102)
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Got
OPEN(as=65001,hold=240,id=0a1810e1)
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Sending KEEPALIVE
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Got KEEPALIVE
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: BGP session
established
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Connected to table
master
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: State changed to
feed
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
0.0.0.0/0 via 10.64.64.65 on ppp1
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < added 10.0.0.0/8
dev vpn-3b42d3c8
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.73.10.0/24 dev eth0
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.72.0.0/16 dev eth1
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < added 10.88.10.0/24
via 10.73.10.123 on eth0
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
192.168.0.0/16 dev vpn-3b42d3c8
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 > removed [replaced]
10.0.0.0/8 via 10.72.1.1 on eth1
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.0.0.0/8 dev vpn-3b42d3c8
# ip route list proto bird
10.99.10.0/24 via 10.72.1.1 dev eth1
# ip route list | grep 10.0.0.0
10.0.0.0/8 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2 metric
20
Regards,
Mike
On Fri, Jan 16, 2015 at 1:44 PM, Mike C <smith.not.western at gmail.com> wrote:
> Hi,
>
> I'm using bird 1.4.5 with BGP and have a problem where routes seem to be
> lost under my setup.
>
> I find that if two BGP peers with the same routes are importing each
> others routes, a third BGP peer someone ends up picking neither of their
> routes after killing and restarting bird on one peer only.
>
> The problem goes away if I configure these two peers to not import each
> others routes - however that is not ideal as while both peers share some
> common routes, they also have some unique routes which should be shared.
>
> Apologies for the long email. The setup is:
>
> 10.72.1.1 - (AS 65001) - Primary Internet feed
> 10.72.1.2 - (AS 65002) - Secondary Internet feed
> 10.72.1.254 (AS 65003) - LAN Router (LAN is NAT'd, 192.168.18.0/24)
>
> I have various VPNs connecting into both .1 and .2, so they have some
> resilience to outages. The remote ends take care of route weighting so .1
> is prioritised over .2 using static routes (no BGP or other routing
> protocol etc). I want .254 to always have the best route to these VPNs.
>
> * Each router has a BGP link to the others.
> * .254 (65003) imports all routes exported by .1 (65001) and .2 (65002).
> * .254 (65003) exports a single LAN route, 192.186.18.0/24 to .1 and .2
> * .1 (65001) imports all routes exported by .2 and .254
> * .1 (65001) exports all routes from the ipsec0 device or 'vpn' rt_protos
> * .2 (65002) imports all routes exported by .1 and .254
> * .2 (65002) exports all routes from the ipsec0 device or 'vpn' rt_protos
>
> The routes exported by .1 & .2 have their bgp localpref offset based on
> the linux metric of the static route being imported, so BGP knows .2's
> routes are less important than .1's.
>
> The 'vpn' rt_protos routes on .1 look like:
>
> 10.10.10.0/29 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1
> metric 15
> 192.168.3.0/24 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1
> metric 10
> 192.168.2.0/24 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1
> metric 10
> 192.168.254.0/24 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1
> metric 10
> 192.168.0.0/16 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1
> metric 10
> 172.16.0.0/12 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1
> metric 10
> 10.0.0.0/8 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.1 metric
> 10
>
> The 'vpn' rt_protos routes on .2 look like:
>
> 192.168.3.0/24 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2
> metric 20
> 192.168.2.0/24 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2
> metric 20
> 192.168.254.0/24 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2
> metric 20
> 192.168.0.0/16 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2
> metric 20
> 172.16.0.0/12 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2
> metric 20
> 10.0.0.0/8 dev vpn-3b42d3c8 proto vpn scope link src 10.72.1.2 metric
> 20
>
> When I kill & restart .2, .254 loses routing info to not just .2 but also
> .1. I need .1 and .2 to be exchanging routes with each other, as there will
> be some VPNs that will only terminate on .1 and some that will only
> terminate on .2 and I want to be able to route traffic between them. E.g. A
> remote endpoint on .2 should be able to access a non-common/unique remote
> endpoint on .1. In this example, it's 10.10.10.0/29.
>
> Below are my tests demonstrating
> 1. The problem when both peers are importing from each other
> 2. No problem when both peers aren't importing from each other
>
> All logs are taken from .254 (AS 65003). The immediate cause of the
> problem is the "rejected by protocol" messages here, although I do not know
> why the protocol feels like it must reject routes.
>
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 10.0.0.0/8 via 10.72.1.1 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
> protocol 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 192.168.0.0/16 via 10.72.1.1 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
> protocol 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 192.168.2.0/24 via 10.72.1.1 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
> protocol 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 192.168.3.0/24 via 10.72.1.1 on eth0
>
> Full tests:
>
> #### #### #### Where .1 and .2 import each others routes ### ### ###
>
> ### Start bird
>
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Initializing
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Initializing
> Jan 16 13:01:08 lanrouter daemon.info bird: Chosen router ID 10.72.1.254
> according to interface eth0
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Starting
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: State changed to
> start
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Starting
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: State changed to
> start
> Jan 16 13:01:08 lanrouter daemon.info bird: Started
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Started
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Connect delayed by
> 5 seconds
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Started
> Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Connect delayed by
> 5 seconds
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Incoming
> connection from 10.72.1.2 (port 58289) accepted
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Sending
> OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Incoming
> connection from 10.72.1.1 (port 58374) accepted
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Got
> OPEN(as=65002,hold=240,id=0a480102)
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: BGP session
> established
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Connected to table
> master
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: State changed to
> feed
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Sending
> OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 0.0.0.0/0 via 10.72.1.1 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Got End-of-RIB
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got
> OPEN(as=65001,hold=240,id=027e8ddb)
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: BGP session
> established
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Connected to table
> master
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: State changed to
> feed
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 0.0.0.0/0 via 10.72.1.1 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 10.72.1.0/24 dev eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.3.0/24 via 10.72.1.2 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < added
> 192.168.18.0/24 dev breth1
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.19.0/24 dev eth2
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 172.16.0.0/12 via 10.72.1.1 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < rejected by
> protocol 172.16.0.0/12 via 10.72.1.1 on eth0
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got UPDATE
> Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got End-of-RIB
>
> ### .1 and .2 connected. bird knows about both. Correct linux routes
> installed:
>
> # ip route list proto bird
> 10.10.10.0/29 via 10.72.1.1 dev eth0
> 192.168.3.0/24 via 10.72.1.1 dev eth0
> 192.168.2.0/24 via 10.72.1.1 dev eth0
> 192.168.254.0/24 via 10.72.1.1 dev eth0
> 192.168.0.0/16 via 10.72.1.1 dev eth0
> 172.16.0.0/12 via 10.72.1.1 dev eth0
> 10.0.0.0/8 via 10.72.1.1 dev eth0
>
> # birdcl show route all
> BIRD 1.4.5 ready.
> 0.0.0.0/0 via 10.72.1.1 on eth0 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 10.0.0.0/8 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 10.10.10.0/29 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.72.1.0/24 dev eth0 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 192.168.0.0/16 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.2.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.3.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.18.0/24 dev breth1 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.18.253
> 192.168.19.0/24 dev eth2 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.19.253
> 192.168.254.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 172.16.0.0/12 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> Jan 16 13:02:15 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
> Jan 16 13:02:18 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
> Jan 16 13:02:22 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
> Jan 16 13:02:27 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
>
> ### I kill -9 bird on .2
>
> Jan 16 13:02:38 lanrouter daemon.err bird: AS65003_2: Received:
> Administrative shutdown
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: BGP session closed
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: State changed to
> stop
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
> 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.3.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.254.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
> 172.16.0.0/12 via 10.72.1.2 on eth0
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: Down
> Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: State changed to
> down
>
> ### bird internally still knows about the routes on .1
>
> # birdcl show route all
> BIRD 1.4.5 ready.
> 0.0.0.0/0 via 10.72.1.1 on eth0 [kernel1 13:01:08] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 10.0.0.0/8 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.10.10.0/29 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.72.1.0/24 dev eth0 [kernel1 13:01:08] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 192.168.0.0/16 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 192.168.2.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 192.168.3.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 192.168.18.0/24 dev breth1 [kernel1 13:01:08] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.18.253
> 192.168.19.0/24 dev eth2 [kernel1 13:01:08] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.19.253
> 192.168.254.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 172.16.0.0/12 via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
>
> ### I restart bird on .2
>
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Connecting to
> 10.72.1.2 from local address 10.72.1.254
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Connected
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Sending
> OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Got
> OPEN(as=65002,hold=240,id=0a480102)
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: BGP session
> established
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Connected to table
> master
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: State changed to
> feed
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 0.0.0.0/0 via 10.72.1.1 on eth0
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 10.0.0.0/8 via 10.72.1.1 on eth0
> Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 10.10.10.0/29 via 10.72.1.1 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2: Got UPDATE
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added 10.0.0.0/8
> via 10.72.1.2 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
> 192.168.3.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
> 192.168.254.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
> 172.16.0.0/12 via 10.72.1.2 on eth0
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2: Got UPDATE
> Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2: Got End-of-RIB
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1: Got UPDATE
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 10.0.0.0/8 via 10.72.1.1 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
> protocol 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 192.168.0.0/16 via 10.72.1.1 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
> protocol 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 192.168.2.0/24 via 10.72.1.1 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
> protocol 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
> [replaced] 192.168.3.0/24 via 10.72.1.1 on eth0
>
> ### Bird internally now lost all routes it used to know about on .1, and
> hasn’t picked up any routes from .2
> ### Except for the one route that .1 & .2 don’t have in common (
> 10.10.10.0/29).
>
> # birdcl show route all
> BIRD 1.4.5 ready.
> 0.0.0.0/0 via 10.72.1.1 on eth0 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 10.10.10.0/29 via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.72.1.0/24 dev eth0 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 192.168.18.0/24 dev breth1 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.18.253
> 192.168.19.0/24 dev eth2 [kernel1 13:01:09] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.19.253
>
> # ip route list proto bird
> 10.10.10.0/29 via 10.72.1.1 dev eth0
>
>
>
> ### Config on .1 (AS 65001):
>
> filter kernel_import1 {
> accept;
> }
> filter kernel_export1 {
> accept;
> }
> filter export_AS65001_1 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> filter export_AS65001_2 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> protocol kernel kernel1 {
> persist;
> scan time 20;
> export filter kernel_export1;
> import filter kernel_import1;
> learn;
> }
> protocol device device1 {
> scan time 10;
> }
> protocol bgp AS65001_1 {
> local as 65001;
> neighbor 10.72.1.254 as 65003;
> import all;
> export filter export_AS65001_1;
> }
> protocol bgp AS65001_2 {
> local as 65001;
> neighbor 10.72.1.2 as 65002;
> import all;
> export filter export_AS65001_2;
> }
>
> ### Config on .2 (AS 65002):
>
> filter kernel_import1 {
> accept;
> }
> filter kernel_export1 {
> accept;
> }
> filter export_AS65002_1 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> filter export_AS65002_2 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> protocol kernel kernel1 {
> persist;
> scan time 20;
> export filter kernel_export1;
> import filter kernel_import1;
> learn;
> }
> protocol device device1 {
> scan time 10;
> }
> protocol bgp AS65002_1 {
> local as 65002;
> neighbor 10.72.1.254 as 65003;
> import all;
> export filter export_AS65002_1;
> }
> protocol bgp AS65002_2 {
> local as 65002;
> neighbor 10.72.1.1 as 65001;
> import all;
> export filter export_AS65002_2;
> }
>
> ### Config on .254 (AS 65003):
>
> filter kernel_import1 {
> accept;
> }
> filter kernel_export1 {
> accept;
> }
>
> filter lans {
> if ifname ~ "breth1" then {
> accept;
> }
> reject;
> }
>
> protocol kernel kernel1 {
> persist;
> scan time 20;
> export filter kernel_export1;
> import filter kernel_import1;
> learn;
> }
> protocol device device1 {
> scan time 10;
> }
> protocol bgp AS65003_1 {
> debug all;
> local as 65003;
> neighbor 10.72.1.1 as 65001;
> import all;
> export filter lans;
> }
> protocol bgp AS65003_2 {
> debug all;
> local as 65003;
> neighbor 10.72.1.2 as 65002;
> import all;
> export filter lans;
> }
>
> #### #### #### Where .1 and .2 do not import each others routes ### ### ###
>
> ### Start bird
>
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Initializing
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Initializing
> Jan 16 13:11:40 lanrouter daemon.info bird: Chosen router ID 10.72.1.254
> according to interface eth0
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Starting
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: State changed to
> start
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Starting
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: State changed to
> start
> Jan 16 13:11:40 lanrouter daemon.info bird: Started
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Started
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Connect delayed by
> 5 seconds
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Started
> Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Connect delayed by
> 5 seconds
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Incoming
> connection from 10.72.1.2 (port 41464) accepted
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Sending
> OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Got
> OPEN(as=65002,hold=240,id=0a480102)
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: BGP session
> established
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Connected to table
> master
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: State changed to
> feed
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 0.0.0.0/0 via 10.72.1.1 on eth0
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 10.72.1.0/24 dev eth0
> Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2 < added
> 192.168.18.0/24 dev breth1
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Incoming
> connection from 10.72.1.1 (port 44841) accepted
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending
> OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Got
> OPEN(as=65001,hold=240,id=027e8ddb)
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: BGP session
> established
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Connected to table
> master
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: State changed to
> feed
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 0.0.0.0/0 via 10.72.1.1 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 10.72.1.0/24 dev eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.3.0/24 via 10.72.1.2 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < added
> 192.168.18.0/24 dev breth1
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.19.0/24 dev eth2
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 192.168.254.0/24 via 10.72.1.2 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
> 172.16.0.0/12 via 10.72.1.2 on eth0
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: State changed to up
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending UPDATE
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending End-of-RIB
> Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Got UPDATE
>
>
> ### .1 and .2 connected. bird knows about both. Correct linux routes
> installed:
>
> # ip route list proto bird
> 10.10.10.0/29 via 10.72.1.1 dev eth0
> 192.168.3.0/24 via 10.72.1.1 dev eth0
> 192.168.2.0/24 via 10.72.1.1 dev eth0
> 192.168.254.0/24 via 10.72.1.1 dev eth0
> 192.168.0.0/16 via 10.72.1.1 dev eth0
> 172.16.0.0/12 via 10.72.1.1 dev eth0
> 10.0.0.0/8 via 10.72.1.1 dev eth0
>
> # birdcl show route all
> BIRD 1.4.5 ready.
> 0.0.0.0/0 via 10.72.1.1 on eth0 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 10.0.0.0/8 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 10.10.10.0/29 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.72.1.0/24 dev eth0 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 192.168.0.0/16 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.2.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.3.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.18.0/24 dev breth1 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.18.253
> 192.168.19.0/24 dev eth2 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.19.253
> 192.168.254.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 172.16.0.0/12 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
>
> Jan 16 13:12:44 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
> Jan 16 13:12:49 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
> Jan 16 13:12:49 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
> Jan 16 13:12:50 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
>
> ### I kill -9 bird on .2
>
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: Connection closed
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: BGP session closed
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: State changed to
> stop
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
> 10.0.0.0/8 via 10.72.1.2 on eth0
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.0.0/16 via 10.72.1.2 on eth0
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.2.0/24 via 10.72.1.2 on eth0
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.3.0/24 via 10.72.1.2 on eth0
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
> 192.168.254.0/24 via 10.72.1.2 on eth0
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
> 172.16.0.0/12 via 10.72.1.2 on eth0
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: Down
> Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: State changed to
> down
>
> ### bird internally still knows about the routes on .1
>
> # birdcl show route all
> BIRD 1.4.5 ready.
> 0.0.0.0/0 via 10.72.1.1 on eth0 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 10.0.0.0/8 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.10.10.0/29 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.72.1.0/24 dev eth0 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 192.168.0.0/16 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 192.168.2.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 192.168.3.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 192.168.18.0/24 dev breth1 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.18.253
> 192.168.19.0/24 dev eth2 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.19.253
> 192.168.254.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 172.16.0.0/12 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
>
>
> ### I restart bird on .2
>
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Connecting to
> 10.72.1.2 from local address 10.72.1.254
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Connected
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Sending
> OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Got
> OPEN(as=65002,hold=240,id=0a480102)
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: BGP session
> established
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Connected to table
> master
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: State changed to
> feed
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 0.0.0.0/0 via 10.72.1.1 on eth0
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 10.0.0.0/8 via 10.72.1.1 on eth0
> Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2 < filtered out
> 10.10.10.0/29 via 10.72.1.1 on eth0
>
>
> ### Bird internally now lost all routes it used to know about on .1, and
> hasn’t picked up any routes from .2
> ### Except for the one route that .1 & .2 don’t have in common (
> 10.10.10.0/29).
>
> # birdcl show route all
> BIRD 1.4.5 ready.
> 0.0.0.0/0 via 10.72.1.1 on eth0 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 10.0.0.0/8 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 10.10.10.0/29 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> 10.72.1.0/24 dev eth0 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 10.72.1.254
> 192.168.0.0/16 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.2.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.3.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 192.168.18.0/24 dev breth1 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.18.253
> 192.168.19.0/24 dev eth2 [kernel1 13:11:40] * (10)
> Type: inherit unicast univ
> Kernel.source: 3
> Kernel.metric: 0
> Kernel.prefsrc: 192.168.19.253
> 192.168.254.0/24 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
> 172.16.0.0/12 via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
> [AS65001i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65001
> BGP.next_hop: 10.72.1.1
> BGP.local_pref: 100
> via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
> [AS65002i]
> Type: BGP unicast univ
> BGP.origin: IGP
> BGP.as_path: 65002
> BGP.next_hop: 10.72.1.2
> BGP.local_pref: 100
>
> # ip route list proto bird
> 10.10.10.0/29 via 10.72.1.1 dev eth0
> 192.168.3.0/24 via 10.72.1.1 dev eth0
> 192.168.2.0/24 via 10.72.1.1 dev eth0
> 192.168.254.0/24 via 10.72.1.1 dev eth0
> 192.168.0.0/16 via 10.72.1.1 dev eth0
> 172.16.0.0/12 via 10.72.1.1 dev eth0
> 10.0.0.0/8 via 10.72.1.1 dev eth0
>
>
>
>
> ### Config on .1 (AS 65001):
>
> filter kernel_import1 {
> accept;
> }
> filter kernel_export1 {
> accept;
> }
> filter export_AS65001_1 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> filter export_AS65001_2 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> protocol kernel kernel1 {
> persist;
> scan time 20;
> export filter kernel_export1;
> import filter kernel_import1;
> learn;
> }
> protocol device device1 {
> scan time 10;
> }
> protocol bgp AS65001_1 {
> local as 65001;
> neighbor 10.72.1.254 as 65003;
> import all;
> export filter export_AS65001_1;
> }
> protocol bgp AS65001_2 {
> local as 65001;
> neighbor 10.72.1.2 as 65002;
> import none;
> export filter export_AS65001_2;
> }
>
> ### Config on .2 (AS 65002):
>
> filter kernel_import1 {
> accept;
> }
> filter kernel_export1 {
> accept;
> }
> filter export_AS65002_1 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> filter export_AS65002_2 {
> if ifname ~ "ipsec0" then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> if krt_source = ipp_vpn then {
> bgp_local_pref=1000-krt_metric;
> accept;
> }
> reject;
> }
> protocol kernel kernel1 {
> persist;
> scan time 20;
> export filter kernel_export1;
> import filter kernel_import1;
> learn;
> }
> protocol device device1 {
> scan time 10;
> }
> protocol bgp AS65002_1 {
> local as 65002;
> neighbor 10.72.1.254 as 65003;
> import all;
> export filter export_AS65002_1;
> }
> protocol bgp AS65002_2 {
> local as 65002;
> neighbor 10.72.1.1 as 65001;
> import none;
> export filter export_AS65002_2;
> }
>
> ### Config on .254 (AS 65003):
>
> filter kernel_import1 {
> accept;
> }
> filter kernel_export1 {
> accept;
> }
>
> filter lans {
> if ifname ~ "breth1" then {
> accept;
> }
> reject;
> }
>
> protocol kernel kernel1 {
> persist;
> scan time 20;
> export filter kernel_export1;
> import filter kernel_import1;
> learn;
> }
> protocol device device1 {
> scan time 10;
> }
> protocol bgp AS65003_1 {
> debug all;
> local as 65003;
> neighbor 10.72.1.1 as 65001;
> import all;
> export filter lans;
> }
> protocol bgp AS65003_2 {
> debug all;
> local as 65003;
> neighbor 10.72.1.2 as 65002;
> import all;
> export filter lans;
> }
>
> Is this a bug? Is it intentional and I need to be using a different
> approach?
>
> Kind Regards,
>
> Mike
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20150122/f3d966bb/attachment.html>
More information about the Bird-users
mailing list