Bird BFD is not compliant to RFC5881
Grant Taylor
gtaylor at tnetconsulting.net
Thu Feb 17 17:36:15 CET 2022
On 2/17/22 5:09 AM, Christian Bruns wrote:
> There is a workaround to limit the port range globally at system level
> (/proc/sys/net/ipv4/ip_local_port_range);
Another workaround might be to match the outgoing BFD traffic and NAT it
such that the source port is altered to be within range.
I know that this isn't a more proper solution, but it would probably
suffice without affecting the rest of the system like
ip_local_port_range does.
There may be more esoteric options too like running BIRD in a different
network namespace with different per-namespace proc entries. (Or vice
versa.)
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20220217/11e418b4/attachment.p7s>
More information about the Bird-users
mailing list