bgp soft reconfiguration inbound
Wolfgang Hennerbichler
wh at univie.ac.at
Mon Nov 30 16:40:23 CET 2009
On Nov 23, 2009, at 18:23 , Ondrej Zajicek wrote:
> On Mon, Nov 23, 2009 at 08:19:43AM +0100, Wolfgang Hennerbichler wrote:
>> well, this is because our concept differs from the one of nic.cz. We
>> filter at the border, and build pipes to every neighbor who has decided
>> to peer. See this illustration I've made for the last euro-ix:
>> http://tiny.wogri.at/PP (red is the filters, the arcs are the pipes).
>> This means we have no "main" rib. This is good in certain ways:
>
> Interesting concept. BTW, you should make sure that filters on the
> pipes are set such that there is no loop for each route.
hm. it seems that I do - sometimes - get loops.
Nov 30 14:00:30 rs1 bird: Pipe loop detected when sending 84.205.69.0/24 to table T8596x130
...
this only happens very rarely, maybe during configure soft or a bgp update. nevertheless I don't quite get it, because I do have filters in place which should avoid that. All my pipes look like this:
protocol pipe P30971x30x15 {
table T30971x30;
mode transparent;
peer table T5403x15;
import filter { reject; };
export filter {
if from = 193.203.0.30 then {
accept;
}
else reject;
};
}
Shouldn't the from be enough? Should I add a
if ! source = RTS_BGP reject;
?
Do the pipes ignore the filters at any time?
thanks,
Wolfgang
PS: We've got BIRD running at VIX in Beta now, about 12 participants, no crashes, no problems at all (except for the loop notices)
> --
> Elen sila lumenn' omentielvo
>
> Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
> OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
> "To err is human -- to blame it on a computer is even more so."
--
www.vix.at | www.aco.net
wh at univie.ac.at | WH844-RIPE
Vienna University Computer Center
More information about the Bird-users
mailing list