BGPd : Announce received prefix to another peer

2013-11-21 Thread OCEANET - Cédric BASSAGET
Hello,

I'm trying to re-announce a received subnet from peer A to peer B.
Here's what I've done :

#peer A
neighbor $peer4_IP {
 remote-as   $peer4_AS
 descr   $peer4_NAME
 local-address   $LOCAL_ADDR
 holdtime 20
 holdtime min 3
 announce self
 set weight  200
 set localpref   200
}
#peer B
neighbor $peer3_IP {
 remote-as   $peer3_AS
 descr   $peer3_NAME
 multihop 2
 local-address   $LOCAL_ADDR
 holdtime 180
 holdtime min 3
 announce self
 set localpref   150
}


allow to $peer3_IP prefix / /24 prefix that I want to redistribute to 
peer A/ prefixlen = 32 set prepend-self 1


Can anybody tell me what's wrong and how I can do that ?

Second question : how can I check the route I'm announcing to a neighbor 
with bgpctl (something like bgpctl show neighbor NEIGH1 
advertised-routes) ?

Thanks
Cédric


-- 
OCEANET
---
[AGENCE DU MANS]
7, rue des Frênes
ZAC de la Pointe
72190 SARGE LES LE MANS
[t] +33 (0)2.43.50.26.50
[f] +33 (0)2.43.72.21.14

[AGENCE D'ANGERS]
5, rue Fleming
Angers Technopole
49066 ANGERS
[t] +33 (0)2.41.19.28.65
[f] +33 (0)2.52.19.22.00

http://www.oceanet.com
http://www.oceanet-telecom.com



General question about openbgpd and PF

2013-10-29 Thread OCEANET - Cédric BASSAGET

Hi,
Simple and general question :
Is it a good thing to run PF on an openbgpd server (for security 
reasons), or should I de-activate PF ?


Regards,
Cédric





Re: openBGPd - 2/4byte AS prepend

2013-08-27 Thread OCEANET - Cédric BASSAGET

Hi Stuart,
Thanks for the reply, our partner updated his software a few days ago, 
so it works now with a 32b ASN.


Regards,
Cédric

Le 11/08/2013 00:23, Stuart Henderson a écrit :

On 2013-08-02, OCEANET - Cédric BASSAGET ced...@oceanet.com wrote:

Always working on my problem, if anybody can help me please.

Here's a tcpdump of BGP exchanges between the neighbor (192.168.53.118)
and me (192.168.53.113) :

_Open from my neighbor, no 4 Byte AS capability :_
17:26:04.529327 IP (tos 0xc0, ttl 1, id 16154, offset 0, flags [DF],
proto TCP (6), length 79)
  192.168.53.113.44169  192.168.53.118.bgp: Flags [P.], cksum 0x6e87
(correct), seq 687533061:687533100, ack 2368601536, win 16384, length
39: BGP, length: 39
  Open Message (1), length: 39
Version 4, my AS 65426, Holdtime 20s, ID 46.226.128.1
Optional parameters, length: 10
  Option Capabilities Advertisement (2), length: 8
Multiprotocol Extensions (1), length: 4
  AFI IPv4 (1), SAFI Unicast (1)
  0x:  0001 0001

_Open from me, 4 Byte AS capability :_
17:26:04.530298 IP (tos 0xc0, ttl 1, id 61896, offset 0, flags [DF],
proto TCP (6), length 93)
  192.168.53.118.bgp  192.168.53.113.44169: Flags [P.], cksum 0x7ecf
(correct), seq 1:54, ack 39, win 16345, length 53: BGP, length: 53
  Open Message (1), length: 53
Version 4, my AS 35330, Holdtime 180s, ID 192.168.53.118
Optional parameters, length: 24
  Option Capabilities Advertisement (2), length: 6
Multiprotocol Extensions (1), length: 4
  AFI IPv4 (1), SAFI Unicast (1)
  0x:  0001 0001
  Option Capabilities Advertisement (2), length: 2
Route Refresh (Cisco) (128), length: 0
  Option Capabilities Advertisement (2), length: 2
Route Refresh (2), length: 0
  Option Capabilities Advertisement (2), length: 6
* 32-Bit AS Number (65), length: 4**
** 4 Byte AS 35330*
  0x:   8a02

_Keepalives..._
17:26:04.530350 IP (tos 0xc0, ttl 1, id 61897, offset 0, flags [DF],
proto TCP (6), length 59)
  192.168.53.118.bgp  192.168.53.113.44169: Flags [P.], cksum 0x320e
(correct), seq 54:73, ack 39, win 16345, length 19: BGP, length: 19
  Keepalive Message (4), length: 19

17:26:04.530479 IP (tos 0xc0, ttl 1, id 28050, offset 0, flags [DF],
proto TCP (6), length 59)
  192.168.53.113.44169  192.168.53.118.bgp: Flags [P.], cksum 0x31e7
(correct), seq 39:58, ack 73, win 16365, length 19: BGP, length: 19
  Keepalive Message (4), length: 19

_Update :_
17:26:04.530926 IP (tos 0xc0, ttl 1, id 37630, offset 0, flags [DF],
proto TCP (6), length 94)
  192.168.53.113.44169  192.168.53.118.bgp: Flags [P.], cksum 0x4a46
(correct), seq 58:112, ack 73, win 16384, length 54: BGP, length: 54
  Update Message (2), length: 54
Origin (1), length: 1, Flags [T]: IGP
  0x:  00
*  AS Path (2), length: 4, Flags [T]: 23456 *
  0x:  0201 5ba0
Next Hop (3), length: 4, Flags [T]: 192.168.53.113
  0x:  c0a8 3571
*  AS4 Path (17), length: 6, Flags [OT]: 4 byte AS*
  0x:  0201 0003 039c
Updated routes:
  net/21

_Error notification :_
17:26:04.531860 IP (tos 0xc0, ttl 1, id 61899, offset 0, flags [DF],
proto TCP (6), length 68)
  192.168.53.118.bgp  192.168.53.113.44169: Flags [P.], cksum 0xc800
(correct), seq 73:101, ack 112, win 16272, length 28: BGP, length: 28
*Notification Message (3), length: 28, UPDATE Message Error (3),
subcode Malformed AS_PATH (11)*

Regards,
Cédric

I think this is a config error, bgpd behaviour seems correct according
to RFC 4893.

To represent 4-octet AS numbers (which are not mapped from 2-octets)
as 2-octet AS numbers in the AS path information encoded with 2-octet
AS numbers, this document reserves a 2-octet AS number.  We denote
this special AS number as AS_TRANS for ease of description in the
rest of this specification.  This AS number is also placed in the My
Autonomous System field of the OPEN message originated by a NEW BGP
speaker, if the speaker does not have a (globally unique) 2-octet AS
number.

so, the rfc says:

1. in the OPEN you use either AS_TRANS or a unique other 16-bit AS number

but,

2. in AS_PATH when talking to an old bgp speaker, you use AS_TRANS
(*not* some other ASN) to replace any 32-bit ASN.

additionally, whenever peers that handle 32-bit ASN talk to each other,
they *always* use just AS_PATH (writing 32-bit ASNs in full), but when they
talk to an old 16-bit-only peer, they *regenerate* AS_PATH as 16 bits by
writing AS_TRANS in place of any 32-bit ASNs in the path - so even if you
were allowed to use a number other than AS_TRANS in the (16-bit) path,
that would be overwritten anyway when the update is received by another
32-bit speaker and then passed on to another 16-bit speaker.

I think your options are:

- ask the 16-bit-only peer to update

BGPD, filtering announced routes

2013-08-27 Thread OCEANET - Cédric BASSAGET
Hi,

We used to have two cisco routers for BGP, and we changed for openbsd 
servers with bgpd.

I'm looking for a feature that was simple on cisco : re-announce a 
learned subnet to a neighbor.

In cisco, I had :



router bgp MY_AS
  bgp router-id 46.226.x.x
  neighbor 46.18.x.x remote-as NEIGH1_AS
  neighbor 46.18.x.x description neigh1
  address-family ipv4
   neighbor 46.18.x.x activate
   neighbor 46.18.x.x route-map neigh1_voip_in in
   neighbor 46.18.x.x route-map neigh1_voip_out out



route-map neigh1_voip_in permit 10
  match ip address prefix-list neigh1_subnets_voip

route-map neigh1_voip_in deny 100
  match ip address prefix-list REFUSE_ALL

route-map neigh1_voip_out permit 10
  match ip address prefix-list voice_subnets
  set as-path prepend MY_AS

route-map neigh1_voip_out deny 100
  match ip address prefix-list REFUSE_ALL



ip prefix-list voice_subnets seq 9 permit 91.213.x.x/24 le 32
== the subnet I want to redistribute to neigh1
ip prefix-list neigh1_subnets_voip seq 10 permit 46.18.x.x/26 le 32 == 
the subnet that neigh1 announces to me
ip prefix-list REFUSE_ALL seq 10 permit 0.0.0.0/0 le 32

I'm trying to do the same thing with bgpd, but I can't find how.

Any idea ?

Thanks for your help.

Regards,
Cédric






Re: BGPD, filtering announced routes

2013-08-27 Thread OCEANET - Cédric BASSAGET

Thanks Gregory for your response, I will try that config.

Regards,
Cédric

Le 27/08/2013 13:20, Gregory Edigarov a écrit :

On 08/27/2013 01:11 PM, OCEANET - Cédric BASSAGET wrote:

Hi,

We used to have two cisco routers for BGP, and we changed for openbsd
servers with bgpd.

I'm looking for a feature that was simple on cisco : re-announce a
learned subnet to a neighbor.

In cisco, I had :



router bgp MY_AS
   bgp router-id 46.226.x.x
   neighbor 46.18.x.x remote-as NEIGH1_AS
   neighbor 46.18.x.x description neigh1
   address-family ipv4
neighbor 46.18.x.x activate
neighbor 46.18.x.x route-map neigh1_voip_in in
neighbor 46.18.x.x route-map neigh1_voip_out out



route-map neigh1_voip_in permit 10
   match ip address prefix-list neigh1_subnets_voip

route-map neigh1_voip_in deny 100
   match ip address prefix-list REFUSE_ALL

route-map neigh1_voip_out permit 10
   match ip address prefix-list voice_subnets
   set as-path prepend MY_AS

route-map neigh1_voip_out deny 100
   match ip address prefix-list REFUSE_ALL



ip prefix-list voice_subnets seq 9 permit 91.213.x.x/24 le 32
== the subnet I want to redistribute to neigh1
ip prefix-list neigh1_subnets_voip seq 10 permit 46.18.x.x/26 le 32 ==
the subnet that neigh1 announces to me
ip prefix-list REFUSE_ALL seq 10 permit 0.0.0.0/0 le 32

I'm trying to do the same thing with bgpd, but I can't find how.

Any idea ?


like this:
REFUSE_ALL= {}
deny  prefix $REFUSE_ALL
allow from 46.18.x.x prefix 46.18.x.x/24 prefixlen = 32
allow to   46.18.x.x prefix 91.213.x.x/24 prefixlen = 32 set 
prepend-self 1








Re: openBGPd - 2/4byte AS prepend

2013-08-02 Thread OCEANET - Cédric BASSAGET
Always working on my problem, if anybody can help me please.

Here's a tcpdump of BGP exchanges between the neighbor (192.168.53.118) 
and me (192.168.53.113) :

_Open from my neighbor, no 4 Byte AS capability :_
17:26:04.529327 IP (tos 0xc0, ttl 1, id 16154, offset 0, flags [DF], 
proto TCP (6), length 79)
 192.168.53.113.44169  192.168.53.118.bgp: Flags [P.], cksum 0x6e87 
(correct), seq 687533061:687533100, ack 2368601536, win 16384, length 
39: BGP, length: 39
 Open Message (1), length: 39
   Version 4, my AS 65426, Holdtime 20s, ID 46.226.128.1
   Optional parameters, length: 10
 Option Capabilities Advertisement (2), length: 8
   Multiprotocol Extensions (1), length: 4
 AFI IPv4 (1), SAFI Unicast (1)
 0x:  0001 0001

_Open from me, 4 Byte AS capability :_
17:26:04.530298 IP (tos 0xc0, ttl 1, id 61896, offset 0, flags [DF], 
proto TCP (6), length 93)
 192.168.53.118.bgp  192.168.53.113.44169: Flags [P.], cksum 0x7ecf 
(correct), seq 1:54, ack 39, win 16345, length 53: BGP, length: 53
 Open Message (1), length: 53
   Version 4, my AS 35330, Holdtime 180s, ID 192.168.53.118
   Optional parameters, length: 24
 Option Capabilities Advertisement (2), length: 6
   Multiprotocol Extensions (1), length: 4
 AFI IPv4 (1), SAFI Unicast (1)
 0x:  0001 0001
 Option Capabilities Advertisement (2), length: 2
   Route Refresh (Cisco) (128), length: 0
 Option Capabilities Advertisement (2), length: 2
   Route Refresh (2), length: 0
 Option Capabilities Advertisement (2), length: 6
* 32-Bit AS Number (65), length: 4**
** 4 Byte AS 35330*
 0x:   8a02

_Keepalives..._
17:26:04.530350 IP (tos 0xc0, ttl 1, id 61897, offset 0, flags [DF], 
proto TCP (6), length 59)
 192.168.53.118.bgp  192.168.53.113.44169: Flags [P.], cksum 0x320e 
(correct), seq 54:73, ack 39, win 16345, length 19: BGP, length: 19
 Keepalive Message (4), length: 19

17:26:04.530479 IP (tos 0xc0, ttl 1, id 28050, offset 0, flags [DF], 
proto TCP (6), length 59)
 192.168.53.113.44169  192.168.53.118.bgp: Flags [P.], cksum 0x31e7 
(correct), seq 39:58, ack 73, win 16365, length 19: BGP, length: 19
 Keepalive Message (4), length: 19

_Update :_
17:26:04.530926 IP (tos 0xc0, ttl 1, id 37630, offset 0, flags [DF], 
proto TCP (6), length 94)
 192.168.53.113.44169  192.168.53.118.bgp: Flags [P.], cksum 0x4a46 
(correct), seq 58:112, ack 73, win 16384, length 54: BGP, length: 54
 Update Message (2), length: 54
   Origin (1), length: 1, Flags [T]: IGP
 0x:  00
*  AS Path (2), length: 4, Flags [T]: 23456 *
 0x:  0201 5ba0
   Next Hop (3), length: 4, Flags [T]: 192.168.53.113
 0x:  c0a8 3571
*  AS4 Path (17), length: 6, Flags [OT]: 4 byte AS*
 0x:  0201 0003 039c
   Updated routes:
 net/21

_Error notification :_
17:26:04.531860 IP (tos 0xc0, ttl 1, id 61899, offset 0, flags [DF], 
proto TCP (6), length 68)
 192.168.53.118.bgp  192.168.53.113.44169: Flags [P.], cksum 0xc800 
(correct), seq 73:101, ack 112, win 16272, length 28: BGP, length: 28
*Notification Message (3), length: 28, UPDATE Message Error (3), 
subcode Malformed AS_PATH (11)*

Regards,
Cédric

Le 30/07/2013 13:54, OCEANET - Cédric BASSAGET a écrit :
 So is my problem a configuration issue, a problem in openbgpd or just 
 something that is undoable ?
 Regards,
 Cédric

 Le 30/07/2013 09:01, OCEANET - Cédric BASSAGET a écrit :
 Hello Claudio,

 I'm using AS 65426.

 This is the UPDATE message my bgpd sends to my neighbor :

 Update Message (2), length: 54
   Origin (1), length: 1, Flags [T]: IGP
 0x:  00
   AS Path (2), length: 4, Flags [T]: 23456
 0x:  0201 5ba0
   Next Hop (3), length: 4, Flags [T]: 192.168.53.113
 0x:  c0a8 3571
   AS4 Path (17), length: 6, Flags [OT]: 4 bytes AS
 0x:  0201 0003 039c
   Updated routes:
 46.226.x.x/21


 Regards,
 Cédric

 Le 29/07/2013 23:37, Claudio Jeker a écrit :
 On Mon, Jul 29, 2013 at 09:33:55AM +0200, OCEANET - Cédric BASSAGET wrote:
 Hello,

 I'm trying to replace two cisco routers by two openBGPd routers.
 I have 3 neighbors, two with 4-bytes AS, and one which only supports
 2-bytes AS for now.
 I have a 4-bytes AS too.

 So in my bgpd.conf, I have :

 ...
 AS my 4bytes a 2bytes AS
 network z.z.z.z/21
 ...
 neighbor neighbor's ip address#a neighbor which supports 4 bytes AS
 {
   remote-as neighbor's AS
   set prepend-self 1
 }
 ...
 neighbor neighbor's ip address#a neighbor which supports 2 bytes
 AS only
 {
   remote-as neighbor's AS
   set prepend-self 2
 }
 ...

 My problem is that my second neighbor returns this message :

 neighbor : received notification: error in UPDATE message, AS-Path
 unacceptable

 I think bgpd is trying to prepend

Re: openBGPd - 2/4byte AS prepend

2013-07-30 Thread OCEANET - Cédric BASSAGET
Hello Claudio,

I'm using AS 65426.

This is the UPDATE message my bgpd sends to my neighbor :

Update Message (2), length: 54
   Origin (1), length: 1, Flags [T]: IGP
 0x:  00
   AS Path (2), length: 4, Flags [T]: 23456
 0x:  0201 5ba0
   Next Hop (3), length: 4, Flags [T]: 192.168.53.113
 0x:  c0a8 3571
   AS4 Path (17), length: 6, Flags [OT]: 4 bytes AS
 0x:  0201 0003 039c
   Updated routes:
 46.226.x.x/21


Regards,
Cédric

Le 29/07/2013 23:37, Claudio Jeker a écrit :
 On Mon, Jul 29, 2013 at 09:33:55AM +0200, OCEANET - Cédric BASSAGET wrote:
 Hello,

 I'm trying to replace two cisco routers by two openBGPd routers.
 I have 3 neighbors, two with 4-bytes AS, and one which only supports
 2-bytes AS for now.
 I have a 4-bytes AS too.

 So in my bgpd.conf, I have :

 ...
 AS my 4bytes a 2bytes AS
 network z.z.z.z/21
 ...
 neighbor neighbor's ip address#a neighbor which supports 4 bytes AS
 {
   remote-as neighbor's AS
   set prepend-self 1
 }
 ...
 neighbor neighbor's ip address#a neighbor which supports 2 bytes
 AS only
 {
   remote-as neighbor's AS
   set prepend-self 2
 }
 ...

 My problem is that my second neighbor returns this message :

 neighbor : received notification: error in UPDATE message, AS-Path
 unacceptable

 I think bgpd is trying to prepend the neighbor which does not support
 4bytes AS with... a 4 bytes AS, due to the set prepend-self 2.

 Now, time for the questions :
 - Is it openBGPd's normal behavior ?
 - Is there a way to force prepending with the 2 bytes AS ? I saw
 announce as-4byte (yes|no) in manpage, is this option designed for that ?

 OpenBGPD will prepend with AS_TRANS (23456) if the system has a 4-byte AS.
 This comes from the fact that internally all AS_PATHes are 4-byte and we
 deflate the AS_PATH for those sessions that can only handle the 2-byte
 ones. Doing that causes all 4-byte AS numbers to be replaced with
 AS_TRANS.

 What 2-byte AS are you using for the old connection? By default AS_TRANS
 would be used and then enforce neighbor-as would not trigger.






Re: openBGPd - 2/4byte AS prepend

2013-07-30 Thread OCEANET - Cédric BASSAGET
So is my problem a configuration issue, a problem in openbgpd or just 
something that is undoable ?
Regards,
Cédric

Le 30/07/2013 09:01, OCEANET - Cédric BASSAGET a écrit :
 Hello Claudio,

 I'm using AS 65426.

 This is the UPDATE message my bgpd sends to my neighbor :

 Update Message (2), length: 54
   Origin (1), length: 1, Flags [T]: IGP
 0x:  00
   AS Path (2), length: 4, Flags [T]: 23456
 0x:  0201 5ba0
   Next Hop (3), length: 4, Flags [T]: 192.168.53.113
 0x:  c0a8 3571
   AS4 Path (17), length: 6, Flags [OT]: 4 bytes AS
 0x:  0201 0003 039c
   Updated routes:
 46.226.x.x/21


 Regards,
 Cédric

 Le 29/07/2013 23:37, Claudio Jeker a écrit :
 On Mon, Jul 29, 2013 at 09:33:55AM +0200, OCEANET - Cédric BASSAGET wrote:
 Hello,

 I'm trying to replace two cisco routers by two openBGPd routers.
 I have 3 neighbors, two with 4-bytes AS, and one which only supports
 2-bytes AS for now.
 I have a 4-bytes AS too.

 So in my bgpd.conf, I have :

 ...
 AS my 4bytes a 2bytes AS
 network z.z.z.z/21
 ...
 neighbor neighbor's ip address#a neighbor which supports 4 bytes AS
 {
   remote-as neighbor's AS
   set prepend-self 1
 }
 ...
 neighbor neighbor's ip address#a neighbor which supports 2 bytes
 AS only
 {
   remote-as neighbor's AS
   set prepend-self 2
 }
 ...

 My problem is that my second neighbor returns this message :

 neighbor : received notification: error in UPDATE message, AS-Path
 unacceptable

 I think bgpd is trying to prepend the neighbor which does not support
 4bytes AS with... a 4 bytes AS, due to the set prepend-self 2.

 Now, time for the questions :
 - Is it openBGPd's normal behavior ?
 - Is there a way to force prepending with the 2 bytes AS ? I saw
 announce as-4byte (yes|no) in manpage, is this option designed for that ?

 OpenBGPD will prepend with AS_TRANS (23456) if the system has a 4-byte AS.
 This comes from the fact that internally all AS_PATHes are 4-byte and we
 deflate the AS_PATH for those sessions that can only handle the 2-byte
 ones. Doing that causes all 4-byte AS numbers to be replaced with
 AS_TRANS.

 What 2-byte AS are you using for the old connection? By default AS_TRANS
 would be used and then enforce neighbor-as would not trigger.









openBGPd - 2/4byte AS prepend

2013-07-29 Thread OCEANET - Cédric BASSAGET
Hello,

I'm trying to replace two cisco routers by two openBGPd routers.
I have 3 neighbors, two with 4-bytes AS, and one which only supports 
2-bytes AS for now.
I have a 4-bytes AS too.

So in my bgpd.conf, I have :

...
AS my 4bytes a 2bytes AS
network z.z.z.z/21
...
neighbor neighbor's ip address#a neighbor which supports 4 bytes AS
{
 remote-as neighbor's AS
 set prepend-self 1
}
...
neighbor neighbor's ip address#a neighbor which supports 2 bytes 
AS only
{
 remote-as neighbor's AS
 set prepend-self 2
}
...

My problem is that my second neighbor returns this message :

neighbor : received notification: error in UPDATE message, AS-Path 
unacceptable

I think bgpd is trying to prepend the neighbor which does not support 
4bytes AS with... a 4 bytes AS, due to the set prepend-self 2.

Now, time for the questions :
- Is it openBGPd's normal behavior ?
- Is there a way to force prepending with the 2 bytes AS ? I saw 
announce as-4byte (yes|no) in manpage, is this option designed for that ?

Thanks for your replies.
Regards,
Cédric




Re: openBGPd - 2/4byte AS prepend

2013-07-29 Thread OCEANET - Cédric BASSAGET
Still working on my problem.

When doing a tcpdump capture of bgp UPDATE messages sent to neighbor 2 
(2-bytes AS), I still have

Update Message (2), length: 54
  Origin (1), length: 1, Flags [T]: IGP
0x:  00
  AS Path (2), length: 4, Flags [T]: *23456 *
0x:  0201 5ba0
  Next Hop (3), length: 4, Flags [T]: 192.168.x.x
0x:  c0a8 3571
  AS4 Path (17), length: 6, Flags [OT]: my 4bytes AS
0x:  0201 0003 039c
  Updated routes:
46.226.x.x/21

Why is AS 23456 still here ? Shouldn't it be replaced with my 2bytes AS ?

Regards,
Cédric


Le 29/07/2013 09:33, OCEANET - Cédric BASSAGET a écrit :
 Hello,

 I'm trying to replace two cisco routers by two openBGPd routers.
 I have 3 neighbors, two with 4-bytes AS, and one which only supports 
 2-bytes AS for now.
 I have a 4-bytes AS too.

 So in my bgpd.conf, I have :

 ...
 AS my 4bytes a 2bytes AS
 network z.z.z.z/21
 ...
 neighbor neighbor's ip address#a neighbor which supports 4 bytes AS
 {
 remote-as neighbor's AS
 set prepend-self 1
 }
 ...
 neighbor neighbor's ip address#a neighbor which supports 2 bytes 
 AS only
 {
 remote-as neighbor's AS
 set prepend-self 2
 }
 ...

 My problem is that my second neighbor returns this message :

 neighbor : received notification: error in UPDATE message, AS-Path 
 unacceptable

 I think bgpd is trying to prepend the neighbor which does not support 
 4bytes AS with... a 4 bytes AS, due to the set prepend-self 2.

 Now, time for the questions :
 - Is it openBGPd's normal behavior ?
 - Is there a way to force prepending with the 2 bytes AS ? I saw 
 announce as-4byte (yes|no) in manpage, is this option designed for 
 that ?

 Thanks for your replies.
 Regards,
 Cédric



