Hello, On Mon, Feb 28, 2011 at 03:56:24PM +0100, Ondrej Zajicek wrote: > > Why should I not use private ASNs? > > You can use private ASNs 64512-65534 (or some other in 32bit space). > 65535 (and 0) is not a private ASN, but a reserved ASN.
I took http://www.apnic.net/services/services-apnic-provides/helpdesk/faqs/asn-faqs#UsePrivateASN as reference. It states that 65535 actually is one. But anyway - the behavior ist the same with ASN 65534: The BGP closes immediately. exacom-kap-gw01:/etc/bird # telnet 2001:67c:39c:8000::8000:a 179 Trying 2001:67c:39c:8000::8000:a... Connected to 2001:67c:39c:8000::8000:a. Escape character is '^]'. Connection closed by foreign host. exacom-kap-gw01:/etc/bird # exacom-kap-gw02:~ # tcpdump host 2001:67c:39c:8000::8000:9 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 19:32:33.263290 IP6 2001:67c:39c:8000::8000:9.53942 > 2001:67c:39c:8000::8000:a.bgp: Flags [S], seq 3322719686, win 5760, options [mss 1440,sackOK,TS val 68713170 ecr 0,nop,wscale 6], length 0 19:32:33.263340 IP6 2001:67c:39c:8000::8000:a.bgp > 2001:67c:39c:8000::8000:9.53942: Flags [S.], seq 3336922287, ack 3322719687, win 5712, options [mss 1440,sackOK,TS val 70286778 ecr 68713170,nop,wscale 6], length 0 19:32:33.263571 IP6 2001:67c:39c:8000::8000:9.53942 > 2001:67c:39c:8000::8000:a.bgp: Flags [.], ack 1, win 90, options [nop,nop,TS val 68713170 ecr 70286778], length 0 19:32:33.264142 IP6 2001:67c:39c:8000::8000:a.bgp > 2001:67c:39c:8000::8000:9.53942: Flags [F.], seq 1, ack 1, win 90, options [nop,nop,TS val 70286779 ecr 68713170], length 0 19:32:33.264621 IP6 2001:67c:39c:8000::8000:9.53942 > 2001:67c:39c:8000::8000:a.bgp: Flags [F.], seq 1, ack 2, win 90, options [nop,nop,TS val 68713171 ecr 70286779], length 0 19:32:33.264645 IP6 2001:67c:39c:8000::8000:a.bgp > 2001:67c:39c:8000::8000:9.53942: Flags [.], ack 2, win 90, options [nop,nop,TS val 70286779 ecr 68713171], length 0 As already stated - I did some debugging with the previous configuration that showed the same error and found that in bgp.c:bgp_incoming_connection the value of p->start_state is zero (should be >=BSS_CONNECT). I can provide remote access to the affected systems for debugging purposes if necessary. Mit freundlichen Grüßen Dr. Christian Riede Senior IT Architect, Teamleiter Technik -- _________________________________________ =C=O=N=N=E=C=T== Karlsruhe GmbH Computer und Netzwerktechnik Gebrüder-Himmelheber-Straße 7 D-76135 Karlsruhe Amtsgericht Mannheim HRB 110258 Geschäftsführer: Stefan Kratzer Telefon: +49 (0) 721 20120-0 Telefax: +49 (0) 721 20120-500 Internet: www.it-connect.de E-Mail: christian.ri...@it-connect.de _________________________________________