bgpd question...
Hello I am trying to understand the behavior of BGPD. My setup is as below I'm trying to understand when BGPD will withdraw a route of a local interface. /etc/hostname.vether0 inet 192.0.2.1 255.255.255.255 /etc/bgpd.conf myas="65003" AS $myas router-id 1.0.0.1 network inet connected fib-update yes log updates group "tests" { remote-as 65001 local-address 192.168.1.111 neighbor 192.168.1.114 } allow from any allow to any When vether0 is in an UP state I look at the rib and see what I expect. The IP of vether0 is in the rib. router1# bgpctl show rib claustrum# bgpctl show rib flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale, E = Error origin validation state: N = not-found, V = valid, ! = invalid origin: i = IGP, e = EGP, ? = Incomplete flags ovs destination gateway lpref med aspath origin AI*>N 192.0.2.1/32 0.0.0.0 100 0 i AI*>N 192.168.1.0/24 0.0.0.0 100 0 i * N 192.168.1.0/24 192.168.1.114 100 0 65001 i When I down the vether0 interface with 'ifconfig vether0 down' I would expect that the route is either removed or at least become invalid and the announce is withdrawn. But when I check the rib 'A' and '*' flags are still set. router1# bgpctl show rib flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale, E = Error origin validation state: N = not-found, V = valid, ! = invalid origin: i = IGP, e = EGP, ? = Incomplete flags ovs destination gateway lpref med aspath origin AI*>N 192.0.2.1/32 0.0.0.0 100 0 i AI*>N 192.168.1.0/24 0.0.0.0 100 0 i * N 192.168.1.0/24 192.168.1.114 100 0 65001 i The rib is unchanged. Is this expected behavior? Thank you in advance
bgpd question
hi there, i found this interesting article http://www.renesys.com/blog/2009/08/staring-into-the-gorge.shtml i am not a bgp user so i would be grateful if someone answered how openbsd's bgpd handles the described problem. thanks, -f -- so you think you can tell heaven from hell.
Re: bgpd question
* frantisek holop min...@obiit.org [2009-08-31 20:27]: hi there, i found this interesting article http://www.renesys.com/blog/2009/08/staring-into-the-gorge.shtml i am not a bgp user so i would be grateful if someone answered how openbsd's bgpd handles the described problem. thanks, executive summary: 1) missing/bad input verification leads to session drops not much you can do but being paranoid about every input. we do as much verification as we can. unfortunately the bgp rfcs are often ... bad or ambiguous, and require you to drop sessions. but we do what we can here. 2) the issue is amplified by every router on the planet forwarding the weird packet. nothing we can do about that - this is how bgp works. well, see 3), helps a bit. 3) session flap dampening could mitigate the amplification a bit, but nobody implements it nobody? in a small village called openbgpd we've done that from day #1 on, and there is no button to disable it. i actually had the flap dampening in my first prototype that couldn't do anything with update messages but drop them. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
BGPD question
Hello, I want to create BGP speaker that can give different next-hop address for same prefix dependent on the BGP peer. E.g. for the prefix 10.20.30.40/32 a want to tell peer1 to use next-hop 10.0.0.1 and tell peer2 to use next-hop 10.0.0.2. Would this be possible when using BGPD without code modification? Regards, Jens
Re: BGPD question
On Fri, 12 Sep 2008 19:48:04 +0700, Jens Kassel [EMAIL PROTECTED] wrote: Hello, I want to create BGP speaker that can give different next-hop address for same prefix dependent on the BGP peer. E.g. for the prefix 10.20.30.40/32 a want to tell peer1 to use next-hop 10.0.0.1 and tell peer2 to use next-hop 10.0.0.2. Would this be possible when using BGPD without code modification? Regards, Jens Most likely using match and set :D e.g match from any to $bgp_peer1 inet prefix 10.20.30.40/32 set nexthop 10.0.0.1 match from any to $bgp_peer2 inet prefix 10.20.30.40/32 set nexthop 10.0.0.2 Good luck, -- insandotpraja(at)gmaildotcom
Re: BGPD question
See bgpd.conf(5). On 2008-09-12, Jens Kassel [EMAIL PROTECTED] wrote: Hello, I want to create BGP speaker that can give different next-hop address for same prefix dependent on the BGP peer. E.g. for the prefix 10.20.30.40/32 a want to tell peer1 to use next-hop 10.0.0.1 and tell peer2 to use next-hop 10.0.0.2. Would this be possible when using BGPD without code modification? Regards, Jens
BGPD Question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello. I have a question about BGPD. It's my bgpd.conf group peering AS { remote-as neighbor $peer1 { descr Principal announce all local-address $local1 depend on carp1 set metric 1 set localpref 200 } neighbor $peer2 { descr BKP announce all local-address $local2 depend on carp2 set metric 2 set localpref 100 } } I have 2 link whith the same upstream provider, but, i need to use only one, the other link is a backup. I need to send to my peers some bgp attributes. One of this is MED. Using set metric i send the MED attribute to other peer, os it's local only? I need some filters? Thanks. []'s Nadal - -- +---+ | Anderson Nadal [EMAIL PROTECTED] - RHCE | |Coordenador Tecnico| | Fone: + 55 41 3331 8200 | | FAX: + 55 41 3331 8256 | | OndaRPC | | www.ondarpc.com.br | |Registered Linux User: 56841 | | PGP KEY: www.keyserver.net KEY ID 6ABB668D| | M.O.V.I | +---+ Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFEFsmjLQAusHT90XQRAgmfAKCf3oVpUuSq828MLhZu+3fQvKlXigCfTv8p zTIhr01fD38FSZXLn/txUvI= =/9/A -END PGP SIGNATURE-