Re: BGP: Malformed attribute list
On Thu, Apr 08, 2010 at 02:44:11PM +0200, Wolfgang Hennerbichler wrote: > Allright, reply to myself: > > This seems to be a bug in BIRD. > What I actually added was a rule that certain communities should be deleted: > if ((1120,1)) ~ bgp_community then bgp_community.delete((1120,1)); > > this actually seemed to delete the only community attached to a > certain prefix, which led to a bgp announcement that contained the > community attribute which was in fact empty. this causes some cisco > routers to throw up on the bgp session. So I think this is a bug in BIRD > - if the last community is deleted on a prefix, the community tag must > no longer be attached to the prefix. What do you think? Are there any > chances you could fix this in the coming update? Hello. Thank you for the bug report. The RFC 1997 does not explicitly forbid empty community attribute and we assumed that it is valid. But if some Cisco routers don't like it reasonable to not generate such attribute. I fixed it in dev version and the fix will be in coming update. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: BGP: Malformed attribute list
On Apr 9, 2010, at 10:08 , Ondrej Zajicek wrote: > Hello. Hi, > Thank you for the bug report. No problem. > The RFC 1997 does not explicitly forbid > empty community attribute and we assumed that it is valid. But if > some Cisco routers don't like it reasonable to not generate such > attribute. I fixed it in dev version and the fix will be in coming > update. Great news. Actually I think every cisco router threw up, JunOS didn't seem to care (I think). BTW: What happens if I do a bgp_community.delete ((1234,1234)) if the community doesn't exist? > -- > Elen sila lumenn' omentielvo > > Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) > OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) > "To err is human -- to blame it on a computer is even more so." -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140
another bug: system time change
Hi Ondrejs, I think I found another bug. For some mysterious reason our system time jumped forward (more than 30.000 seconds) on one of our route-servers. I don't know why this happened, but I suspect a broken ntp server could have caused this. Nevetheless, this was reason enough for BIRD to drop the BGP peerings: You see the log-entries from the wtachdog, which is run every minute, all of a sudden the time jumps to 10:08 UTC, and BIRD brings down BGP sessions. Are the session hold timers dependent on the system time? Apr 9 01:33:01 rs2 /USR/SBIN/CRON[25129]: (root) CMD (/usr/local/sbin/watchdog.sh) Apr 9 01:34:01 rs2 /USR/SBIN/CRON[25136]: (root) CMD (/usr/local/sbin/watchdog.sh) Apr 9 01:35:01 rs2 /USR/SBIN/CRON[25143]: (root) CMD (/usr/local/sbin/watchdog.sh) Apr 9 10:08:28 rs2 bird: R8596x189: Error: Hold timer expired Apr 9 10:08:28 rs2 bird: R8596x189: BGP session closed Apr 9 10:08:28 rs2 bird: R8596x189: State changed to flush Apr 9 10:08:28 rs2 bird: R3330x113: Error: Hold timer expired Apr 9 10:08:28 rs2 bird: R3330x113: BGP session closed Apr 9 10:08:28 rs2 bird: R3330x113: State changed to flush Apr 9 10:08:28 rs2 bird: R1853x104: Error: Hold timer expired Wolfgang -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140
Re: BGP: Malformed attribute list
On Fri, Apr 09, 2010 at 10:09:22AM +0200, Wolfgang Hennerbichler wrote: > Great news. Actually I think every cisco router threw up, JunOS didn't seem > to care (I think). > BTW: What happens if I do a bgp_community.delete ((1234,1234)) if the > community doesn't exist? It does nothing (with the exception that if there is no community attribute, it creates the empty one). -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: BGP: Malformed attribute list
On Apr 9, 2010, at 10:43 , Ondrej Zajicek wrote: > On Fri, Apr 09, 2010 at 10:09:22AM +0200, Wolfgang Hennerbichler wrote: >> Great news. Actually I think every cisco router threw up, JunOS didn't seem >> to care (I think). >> BTW: What happens if I do a bgp_community.delete ((1234,1234)) if the >> community doesn't exist? > > It does nothing (with the exception that if there is no community > attribute, it creates the empty one). good, except for the latter, this is my expected behaviour. > -- > Elen sila lumenn' omentielvo > > Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) > OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) > "To err is human -- to blame it on a computer is even more so." -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140
Re: another bug: system time change
On Fri, Apr 09, 2010 at 10:22:05AM +0200, Wolfgang Hennerbichler wrote: > Hi Ondrejs, > > I think I found another bug. For some mysterious reason our system time > jumped forward (more than 30.000 seconds) on one of our route-servers. I > don't know why this happened, but I suspect a broken ntp server could have > caused this. Nevetheless, this was reason enough for BIRD to drop the BGP > peerings: > > You see the log-entries from the wtachdog, which is run every minute, > all of a sudden the time jumps to 10:08 UTC, and BIRD brings down BGP > sessions. Are the session hold timers dependent on the system time? That is really strange. On Linux 2.6, we use monotonic timers, which shouldn't be affected by system time change. If monotonic timers are not available (on Linux 2.4), we use system time but we detect time jumps and ignore them. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: another bug: system time change
On Apr 9, 2010, at 10:49 , Ondrej Zajicek wrote: > On Fri, Apr 09, 2010 at 10:22:05AM +0200, Wolfgang Hennerbichler wrote: >> Hi Ondrejs, >> >> I think I found another bug. For some mysterious reason our system time >> jumped forward (more than 30.000 seconds) on one of our route-servers. I >> don't know why this happened, but I suspect a broken ntp server could have >> caused this. Nevetheless, this was reason enough for BIRD to drop the BGP >> peerings: >> > >> You see the log-entries from the wtachdog, which is run every minute, >> all of a sudden the time jumps to 10:08 UTC, and BIRD brings down BGP >> sessions. Are the session hold timers dependent on the system time? > > That is really strange. On Linux 2.6, we use monotonic timers, which > shouldn't be affected by system time change. If monotonic timers are not > available (on Linux 2.4), we use system time but we detect time jumps > and ignore them. Hm. Now this is strange indeed. I run linux 2.6.33.1 (amd64) - but it is a virtualized host (with xen). Maybe it was xen's fault, but the logs don't reveal much as you see. Hm. this sucks. > > -- > Elen sila lumenn' omentielvo > > Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) > OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) > "To err is human -- to blame it on a computer is even more so." -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140
Re: another bug: system time change
On 09.04.2010 10:22 Wolfgang Hennerbichler wrote > Hi Ondrejs, > > I think I found another bug. For some mysterious reason our system time > jumped forward (more than 30.000 seconds) on one of our route-servers. I > don't know why this happened, but I suspect a broken ntp server could have > caused this. Nevetheless, this was reason enough for BIRD to drop the BGP > peerings: > > You see the log-entries from the wtachdog, which is run every minute, all of > a sudden the time jumps to 10:08 UTC, and BIRD brings down BGP sessions. Are > the session hold timers dependent on the system time? > > Apr 9 01:33:01 rs2 /USR/SBIN/CRON[25129]: (root) CMD > (/usr/local/sbin/watchdog.sh) > Apr 9 01:34:01 rs2 /USR/SBIN/CRON[25136]: (root) CMD > (/usr/local/sbin/watchdog.sh) > Apr 9 01:35:01 rs2 /USR/SBIN/CRON[25143]: (root) CMD > (/usr/local/sbin/watchdog.sh) > Apr 9 10:08:28 rs2 bird: R8596x189: Error: Hold timer expired > Apr 9 10:08:28 rs2 bird: R8596x189: BGP session closed > Apr 9 10:08:28 rs2 bird: R8596x189: State changed to flush > Apr 9 10:08:28 rs2 bird: R3330x113: Error: Hold timer expired > Apr 9 10:08:28 rs2 bird: R3330x113: BGP session closed > Apr 9 10:08:28 rs2 bird: R3330x113: State changed to flush > Apr 9 10:08:28 rs2 bird: R1853x104: Error: Hold timer expired > Is this really a BIRD bug? I guess it is expected behaviour to drop a session if you _think_ you missed keepalives The bug is w/ the underlying OS. Virtualisation and keeping time really seems to be a problem. For this and other reasons we refrain from using a VM for RS. Arnold -- Arnold Nipper / nIPper consulting, Sandhausen, Germany email: arn...@nipper.de phone: +49 6224 9259 299 mobile: +49 172 2650958 fax: +49 6224 9259 333 signature.asc Description: OpenPGP digital signature
Re: another bug: system time change
On Apr 9, 2010, at 12:44 , Arnold Nipper wrote: > > Is this really a BIRD bug? I guess it is expected behaviour to drop a > session if you _think_ you missed keepalives Time Counters within a Daemon should NEVER be dependent on the system time, so yes, I would consider this a bug of BIRD, but it seems that BIRD has implemented this correctly, as Ondrej said. > The bug is w/ the underlying OS. Virtualisation and keeping time really > seems to be a problem. For this and other reasons we refrain from using > a VM for RS. We'll see how this works out. > > > Arnold > -- > Arnold Nipper / nIPper consulting, Sandhausen, Germany > email: arn...@nipper.de phone: +49 6224 9259 299 > mobile: +49 172 2650958 fax: +49 6224 9259 333 > -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140
Re: another bug: system time change
On Fri, Apr 09, 2010 at 10:49:15AM +0200, Wolfgang Hennerbichler wrote: > Hm. Now this is strange indeed. I run linux 2.6.33.1 (amd64) - but it > is a virtualized host (with xen). Maybe it was xen's fault, but the logs > don't reveal much as you see. Hm. this sucks. If there is a virtualization involved, then a bug in the virtualized monotonic timers is the simplest explanation. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: another bug: system time change
On Apr 9, 2010, at 14:08 , Ondrej Zajicek wrote: > On Fri, Apr 09, 2010 at 10:49:15AM +0200, Wolfgang Hennerbichler wrote: >> Hm. Now this is strange indeed. I run linux 2.6.33.1 (amd64) - but it >> is a virtualized host (with xen). Maybe it was xen's fault, but the logs >> don't reveal much as you see. Hm. this sucks. > > If there is a virtualization involved, then a bug in the virtualized > monotonic timers is the simplest explanation. yes. might be. damn :) > > -- > Elen sila lumenn' omentielvo > > Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) > OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) > "To err is human -- to blame it on a computer is even more so." -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140
RE: another bug: system time change
Hello, This is my first time so sorry if I have not done this right. I have seen this problem before. I have seen this in Linux when the BIOS synchronises its time with the OS. The Linux OS could have been fine and have had a valid NTP source, but periodically there is some form of synchronisation that occurs between the BIOS and the OS and weird things can happen. This is probably nothing to do with bird. PS; A Virtual BIOS does exactly the same thing. Ie. the real BIOS time gets synchronised with all the Virtual BIOS clocks (one for each VM), which each in turn synchronise with their respective guest. Check all your BIOS times (physical BIOS and virtual Guest BIOS'). Hope this helps. Andy. -Original Message- From: owner-bird-us...@atrey.karlin.mff.cuni.cz [mailto:owner-bird-us...@atrey.karlin.mff.cuni.cz] On Behalf Of Wolfgang Hennerbichler Sent: 09 April 2010 09:49 To: Ondrej Zajicek Cc: Bird Users Subject: Re: another bug: system time change On Apr 9, 2010, at 10:49 , Ondrej Zajicek wrote: > On Fri, Apr 09, 2010 at 10:22:05AM +0200, Wolfgang Hennerbichler wrote: >> Hi Ondrejs, >> >> I think I found another bug. For some mysterious reason our system time >> jumped forward (more than 30.000 seconds) on one of our route-servers. I >> don't know why this happened, but I suspect a broken ntp server could have >> caused this. Nevetheless, this was reason enough for BIRD to drop the BGP >> peerings: >> > >> You see the log-entries from the wtachdog, which is run every minute, >> all of a sudden the time jumps to 10:08 UTC, and BIRD brings down BGP >> sessions. Are the session hold timers dependent on the system time? > > That is really strange. On Linux 2.6, we use monotonic timers, which > shouldn't be affected by system time change. If monotonic timers are not > available (on Linux 2.4), we use system time but we detect time jumps > and ignore them. Hm. Now this is strange indeed. I run linux 2.6.33.1 (amd64) - but it is a virtualized host (with xen). Maybe it was xen's fault, but the logs don't reveal much as you see. Hm. this sucks. > > -- > Elen sila lumenn' omentielvo > > Ondrej 'SanTiago' Zajicek (email: santi...@crfreenet.org) > OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) > "To err is human -- to blame it on a computer is even more so." -- www.vix.at | www.aco.net w...@univie.ac.at | WH844-RIPE Vienna University Computer Center Tel: +43 1 4277-14031 | Fax: -9140 Monitor Computer Systems Limited Company Registration Number: NI 17805 Registered Office: 3 Pine Crest, Holywood, North Down, Northern Ireland BT18 9ED
New release 1.2.2
Hi! New version is ready, completely prepared by Santiago, good job. :-) Version 1.2.2 (2010-04-10) o Much better BSD kernel support (IPv6, alien routes, ...). o Deep OSPF socket changes, fixes OSPFv2/v3 behavior on BSD. o OSPFv2 in Linux now supports more non-stub IP prefixes on one physical iface. o Export of device routes to the kernel is more restricted. o Routes with strange scope not allowed in BIRD routing tables. o New filterable route attributes bgp_originator_id, bgp_cluster_list and ospf_router_id. o Restricted read-only CLI (option -r). o Pattern matching for 'show protocols' command. o BGP protocol details in 'show protocols all' command. o Configurable syslog name (and default on IPv6 changed). o Statistic counters for pipes were fixed. o Many bugfixes in BGP, OSPF, filters, ... All distro packages will follow soon. Ondrej
