Re: openbgp: operation not permitted

2008-06-14 Thread Lu Vo 
2008/6/13 Claudio Jeker [EMAIL PROTECTED]:

 On Fri, Jun 13, 2008 at 12:47:26PM -0700, Lu Vo wrote:
  Greetings,
 
  I set up 2 routers running openbgpd.  The first one is working well.  The
  2nd one is not.
 
  I am  seeing these errors in the syslog
 
  Jun 13 14:18:13 router2 bgpd[9453]: neighbor xxx.191.188.137: write
 error:
  Operation not permitted
  Jun 13 14:22:23 router2 bgpd[9453]: neighbor xxx.191.188.137: connect:
  Operation not permitted
 

 Smells like a pf block rule hitting you.


First thing I checked.  Also disabled it just to make sure.  It is not pf
Thanks

openbgp: operation not permitted

2008-06-13 Thread Lu Vo 
Greetings,

I set up 2 routers running openbgpd.  The first one is working well.  The
2nd one is not.

I am  seeing these errors in the syslog

Jun 13 14:18:13 router2 bgpd[9453]: neighbor xxx.191.188.137: write error:
Operation not permitted
Jun 13 14:22:23 router2 bgpd[9453]: neighbor xxx.191.188.137: connect:
Operation not permitted

I am not yet sure whether the problem is with the peer or with my server.
Because I set both servers up in the same manner, I am stumped as to why it
is complaining about permission issue:

# ps -ax | grep bgp
24233 ??  I   0:03.75 bgpd: route decision engine (bgpd)
 9453 ??  I   0:00.25 bgpd: session engine (bgpd)
14094 ??  Is  0:04.78 bgpd: parent (bgpd)
 1255 p0  R+/00:00.00 grep bgp

# bgpctl show neighbor
BGP neighbor is xxx.191.188.137, remote AS 15290
  BGP version 4, remote router-id xxx.191.66.21
  BGP state = Active, down for 00:26:13
  Last read 00:30:13, holdtime 240s, keepalive interval 80s

  Message statistics:
  Sent   Received
  Opens1  1
  Notifications0  0
  Updates  1  45502
  Keepalives  16 17
  Route Refresh0  0
  Total   18  45520

  Update statistics:
  Sent   Received
  Updates  0  0
  Withdraws0  0

  Local host:   xxx.191.188.139, Local port:  16342
  Remote host:  xxx.191.188.137, Remote port:   179


If you have seen this, please share your experience.

thanks.
Lu

openbgpd community strings

2008-05-20 Thread Lu Vo 
I am hoping someone in the know can shed some lights on this.


My snippet of bgpd.conf:


# MCI 
mci_as=11486
mci_peer1=142.77.114.132
mci_peer2=142.77.114.133
mci_peer3=208.218.245.33
# Allstream 
allstream_as=15290
allstream_peer1=209.82.101.41
allstream_carp_ip=209.82.101.44
pw=*

group MCI {
remote-as $mci_as
tcp md5sig password $pw
announce self
set nexthop $mci_peer3
multihop 3
neighbor $mci_peer1
neighbor $mci_peer2
neighbor $mci_peer3
set community 701:120
}
group Allstream {
remote-as $allstream_as
tcp md5sig password $pw
announce self
neighbor $allstream_peer1
set community 15290:90
}


None of the upstream providers (MCI and Allstream) claim they see the
community strings set by me.  Is this not the correct way of setting
community attribute ?

Thanks for reading.

Lu

Re: openbgpd community strings

2008-05-20 Thread Lu Vo 
2008/5/20 Aaron Glenn [EMAIL PROTECTED]:

 On Tue, May 20, 2008 at 4:21 PM, Lu Vo [EMAIL PROTECTED] wrote:
  I am hoping someone in the know can shed some lights on this.

 match to group MCI set { community 701:120 }
 match to group Allstream set { community 15290:90 }



 Stuart and Aaron,
Thank you for your help.  It is working.

Lu