import where IPv6 BGP

Ondrej Zajicek santiago at
Mon Oct 9 21:24:57 CEST 2017

On Mon, Oct 09, 2017 at 02:32:44PM -0400, Robert Blayzor wrote:
> When running IPv6 daemon, I have a BGP peer:
> protocol bgp bogon_1 from BH_SERVER {
>         import where net.len < 33;
>         import filter BLACKHOLE_IN;
>         import limit 100000 action warn;
> }
> The filter is simply an “accept;”.  The problem I’m seeing however is
> that I’m getting prefixes imported that are longer than 32. In fact, it
> looks like “import where” is completely ignored in IPv6 (at least for
> net.len?). If I put “import where net.len = 0” I still see all the longer
> prefixes getting imported.
> If I go into the filter and add a “if net.len < 33 then reject;” then I see it work.
> Is this the expected behavior, a bug or am I missing something?


It is not two separate options 'import where' and 'import filter', but
one option 'import', so setting it second time (to 'filter BLACKHOLE_IN')
silently overwrites the previous value ('where net.len < 33').

Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3,
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <>

More information about the Bird-users mailing list