BGP with wrong netmask on wan interface

Alexander Zubkov green at qrator.net
Wed Nov 8 10:15:53 CET 2017 

Hi,

You have:

WAN (Mobile): 10.6.90.187 / 255.0.0.0

OpenVPN interface (tap0):  10.9.140.33 / 255.255.252.0


protocol bgp BGP1 from RR_LTE { neighbor 10.9.140.1 as 1; preference 140;};


So you are trying to reach 10.9.140.1. If you have no additional routes,
than this address falls into

10.6.90.187 / 255.0.0.0 network, i.e. WAN interface and will be routed
there.


On Wed, Nov 8, 2017 at 8:20 AM, Magnus Löfqvist <ml at vmi.se> wrote:

> Hi,
>
>
>
> I have some mobile routers (connected over LTE) and with openvpn.
>
>
>
> Over the openvpn we are running a BGP to allow distribute some routes and
> export routes.
>
>
>
> Some of the routers are having wrong netmask (255.0.0.0 instead of
> 255.255.255.252).
>
> This seems to work (ie internet are working, and the openvpn connection is
> established).
>
>
>
> But when we are trying to get the BGP connection up, it tries to send the
> BGP connection over the WAN istead of openvpn connection.
>
> I guess that I have made some mistake in the config.
>
> It should take smaller path before matching the larger..
>
>
>
>
>
> WAN (Mobile): 10.6.90.187 / 255.0.0.0
>
> OpenVPN interface (tap0):  10.9.140.33 / 255.255.252.0
>
>
>
> Bird config:
>
>
>
> template bgp RR_LTE {
>
>         debug all;                                  # debug BGP
>
>         description "BIRD RR";
>
>         local as 1;                                 # the AS used by the
> local BGP speaker
>
>         direct;
>
>         gateway direct;
>
>         import filter import_ATM;                                 # just
> accept everything
>
>         export filter export_ATM;                                 # and
> advertise it to all the neigbors
>
>         connect retry time 10;                      # reconnect try after
> 10s
>
>         hold time 240;                               # hold time send in
> BGP messages
>
> }
>
>
>
> protocol bgp BGP1 from RR_LTE { neighbor 10.9.140.1 as 1; preference 140;};
>
>
>
> root at client1:/etc# tcpdump -ni wwan0 tcp port 179 and host 10.9.140.1
>
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>
> listening on wwan0, link-type EN10MB (Ethernet), capture size 65535 bytes
>
> 15:29:08.755188 IP 10.6.90.187.34974 > 10.9.140.1.179: Flags [S], seq
> 1482209106, win 14600, options [mss 1460,sackOK,TS val 88007 ecr
> 0,nop,wscale 8], length 0
>
> 15:29:11.762726 IP 10.6.90.187.45591 > 10.9.140.1.179: Flags [S], seq
> 1681977930, win 14600, options [mss 1460,sackOK,TS val 88307 ecr
> 0,nop,wscale 8], length 0
>
>
>
>
>
>
>
> Med vänlig hälsning / Best regards
>
> Magnus Löfqvist
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20171108/7728cb31/attachment.html>

More information about the Bird-users mailing list