bird version 2.0.4 - peering with cisco version ios xe 16.3.5 - invalid open message
Marco van Tol
marco at tols.org
Fri Mar 8 13:51:31 CET 2019
Op 8 mrt. 2019, om 13:31 heeft Marco van Tol <marco at tols.org> het volgende geschreven:
> Op 8 mrt. 2019, om 13:04 heeft Ondrej Zajicek <santiago at crfreenet.org> het volgende geschreven:
>> On Fri, Mar 08, 2019 at 12:35:30PM +0100, Marco van Tol wrote:
>>> Hi there,
>>>
>>> I'm trying to setup iBGP peering with a cisco router which is giving me an "invalid open message" that I can't seem to fix.
>>>
>>> - The same router is peering with Juniper and other bird 1.6.3 routers without issues.
>>
>> Hi
>>
>> You mean the same BIRD rotuer or the same Cisco router?
>
> Hi,
>
> Many thanks for your quick answer!
>
> Good point, I meant the same BIRD router.
>
> So we have a BIRD 2.0.4 router that is:
> - Having issues to peer with a Cisco ios xe 16.3.5 version router on both ipv4 and ipv6 in the exact same way
> - Is having no issues to peer with a Juniper and another BIRD 1.6.3 router, both ipv4 and ipv6.
>
>>> - The router is also doing IPv6 based peering with all the other routers, which gives the exact same scenario as with IPv4.
>>> -----< cut here >-----
>>>
>>> The debug messages I'm getting are these:
>>> -----< cut here >-----
>>> 2019-03-08 11:02:33.199 <TRACE> peer_type1a_v4: Incoming connection from 10.0.0.2 (port 18581) accepted
>>> 2019-03-08 11:02:33.199 <TRACE> peer_type1a_v4: Sending OPEN(ver=4,as=64512,hold=240,id=0a000001)
>>> 2019-03-08 11:02:33.200 <TRACE> peer_type1a_v4: Got OPEN(as=64512,hold=180,id=10.0.0.2)
>>> 2019-03-08 11:02:33.200 <TRACE> peer_type1a_v4: Sending KEEPALIVE
>>> 2019-03-08 11:02:33.201 <RMT> peer_type1a_v4: Received: Invalid OPEN message
>>> 2019-03-08 11:02:33.201 <TRACE> peer_type1a_v4: State changed to stop
>>> 2019-03-08 11:02:33.201 <TRACE> peer_type1a_v4: Down
>>> -----< cut here >-----
>>>
>>> My suspicion is that the ipv6 like address representation in the sent open message router id might confuse the cisco.
>>> So the opening message we're sending seems to be having the router id represented in hex form, like 32 bits of an IPv6 address.
>>
>> That is just a textual representation in logs, there is no difference in
>> the packet. For some historical reasons there is a different formatting
>> for 'Sending OPEN' and 'Got OPEN' log messages.
>
> Okay that makes sense, thanks for confirming.
>
>> Could you try the 2.0.2 or 2.0.3 versions if they work with the Cisco
>> router?
>
> I will have a go at that and let you know.
Hi,
So I replaced bird 2.0.4 for which I downloaded the rpm from your site with bird 2.0.2 which I installed using yum on a centos 7 system.
I noticed 2 things:
- The Centos 7 2.0.2 rpm makes the bird daemon drop privileges and resumes as user bird
- The 2.0.4 package from your site, when started with the supplied .service file, remains as root, with the exact same bird.conf
- Version 2.0.2 has no issues to peer with the cisco router, it peers fine.
So now I'm curious how worried I should be about the "import bgp fixes" in the 2.0.4 release notes. :-)
Many thanks!
--
Marco van Tol
More information about the Bird-users
mailing list