BGP community not being set on outbound BGP updates

Lex van Roon r3boot at r3blog.nl
Wed Apr 11 11:43:22 CEST 2012


On 07/04/12 13:14, Ondrej Zajicek wrote:
> On Thu, Apr 05, 2012 at 03:21:52PM +0200, Lex van Roon wrote:
>> Hi All,
>> 
>> I'm building a s/RTBH setup based on bird 1.3.7. I'm using a
>> single route injector which has iBGP peerings with my
>> route-reflector cluster. The setup looks like this (with the
>> injector running on OpenBSD-4.9/Alpha and router* running on
>> Debian Squeeze amd64 if that matters):
>> 
>> [injector] /       \ /         \ /           \ [router 1]
>> [router 2]
>> 
>> On the injector, I configure static routes, which I export over
>> BGP. I want to tag these prefixes with a BGP community, so I can
>> nullroute the IP's on my route-reflectors and all routers that
>> are connected to this cluster.
> 
> ...
> 
>> My questions:
>> 
>> 1) First, are these configuration snippets and command output
>> enough to assist in these questions? 2) Is it possible to set a
>> BGP community on a static route which is being exported over BGP?
>> The example in the docs(*) says I should be able to do this. 3)
>> Am i doing something wrong in this setup that is causing the BGP 
>> community not being set? 4) Is there a more intelligent way to
>> get this to work? Imho, using a BGP community is the most
>> cleanest and generic way to implement this, but I want this to be
>> set on the injector, and not on my RR cluster.
> 
> Yes, this is a proper way to do this, setting bgp_community in this
> way should work and in my test setup that config and that commands
> work as expected.
> 
> There are some steps you could try to find the problem:
> 
> 1) check the log to see if there is no filter error report.
> 
> 2) restart the injector to see if the config is really used.
> 
> 3) remove import filter on router_* (use import all) to see
> whether the problem is only in 'birdc show route export router_1
> all' command or also in the real export (it is independently
> computed).
> 
> 4) you could try to move setting bgp_community to the import filter
> of static protocol 'blacklist', in that case community should be
> seen even with 'birdc show route 1.2.3.4/32 all'. But the position
> in export filter of bgp should work too.

This was the actual solution:

protocol static injector {
    route 1.2.3.4/32 via 192.0.2.1;
    import filter {
        bgp_community.add((65342,666));
        accept;
    };
}

> 
> 5) send me full config, i will check if there isn't some other
> problem that might be related.
> 
> 6) you could try another architecture for injector, perhaps there
> is some obscure problem in BIRD on Alphas.

I'm currently porting my software towards debian-squeeze-amd64, to see
if I can replicate this issue.

> 
> 
> BTW, resetting BGP community with 'bgp_community = -empty-;' is
> not necessary, it is implicitly handled as empty, but should not
> harm anyway.
> 
> 


-- 
LRO-RIPE | 11FCBF2A | 756E 845C 0A88 75FF C750  1E7E 9723 E0DF 11FC BF2A



More information about the Bird-users mailing list