need help to use freebsd fib and bgp

Marek Zarychta zarychtam at plan-b.pwste.edu.pl
Wed Jun 7 22:01:19 CEST 2023


W dniu 7.06.2023 o 09:03, Benoit Chesneau pisze:
> Hi all,
> 
Hello !

> What I am trying to achieve is to connect to remote peers using information found in fib1 routing table setup in freebsd and export / import routing information in this table using BGP. 
I don't know your exact requirements, but you can use fib 0 for peering 
and fib 1 for keeping routes, that's common. You can also run BIRD under 
fib 1 and use fib 0, 1 or even 2 for routes keeping, that's all allowed.

>The issue I have right now is that this configuratin doesn't work. It can't connect to the remote A.B.C.0 ip and I get such errors in logs:
> 
> ```
> 2023-06-06 02:05:58.571 <TRACE> enkiv4: A.B.C.D/24: ignored
> 2023-06-06 02:05:58.571 <TRACE> enkiv4: A.B.C.D/32: [alien] created
> 2023-06-06 02:05:58.571 <TRACE> enkiv4.ipv4 > added [best] A.B.C.D/32 0L 4G unicast
> 2023-06-06 02:05:58.571 <TRACE> enkiv4.ipv4 < rejected by protocol A.B.C.D/32 0L 4G unicast
> ```
> 
> Is this pattern expected to work? I am wondering if it's not an issue in Freebsd 13.2p0 version. I tried different combination these days without success. Any help would be much appreciated :)
> 
> The connection used for bgp arrived on a vlan 20 on nic2 which I setup on fib1, while the management interface is on another nic (bge0) and get its IP using DHCP:
> 
> ```
> bge0 ---> fib 0 (used for management) DHCP
> vlan20 -> fib 1 (connect to remote BGP peer) , static /31 IPV4
> ```
> 
Is BIRD running in fib 1 ? Are you invoking bird from setfib(1)?

> Here is a snippet of network setup:
> 
> ```
> # ifconfig bge0
> bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>      options=c019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
>      ether 94:18:82:7b:88:20
>      inet6 fe80::9618:82ff:fe7b:8820%bge0 prefixlen 64 scopeid 0x3
>      inet 192.168.88.249 netmask 0xffffff00 broadcast 192.168.88.255
>      media: Ethernet autoselect (1000baseT <full-duplex>)
>      status: active
>      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
> 
> 
> # ifconfig vlan20
> vlan2021: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>      options=680703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
>      ether 50:65:f3:8b:98:71
>      inet A.B.C.1 netmask 0xfffffffe broadcast 255.255.255.255
>      inet6 fe80::5265:f3ff:fe8b:9871%vlan2021 prefixlen 64 scopeid 0xb
>      groups: vlan
>      vlan: 20 vlanproto: 802.1q vlanpcp: 0 parent interface: mlxen0
>      fib: 1
>      media: Ethernet autoselect (40Gbase-CR4 <full-duplex,rxpause,txpause>)
>      status: active
>      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
> 
> $ sudo netstat -rn4
> Routing tables
> 
> Internet:
> Destination        Gateway            Flags     Netif Expire
> A.B.C.0/31    link#11            U      vlan2021
> A.B.C.1       link#11            UHS         lo0
> 127.0.0.1          link#7             UHS         lo0
> ```

This is routing table for fib 0, what about:
$netstat -rn4 -F1 ?


> 
> A minimal setup (edited for anonymization) in Bird is the following
> 
> 
> ```
>     router id A.B.C.1;
>     ipv4 table tabv4 sorted;
> 
> 
>      protocol kernel enkiv4 {
>              learn;
>              kernel table 1;
>              ipv4 {
>                      table tabv4;
>                      import all;
>                      export all;
>              };
>      }
> 
>      protocol bgp transit_ipv4_1 {
>          local A.B.C.1 as XXXX;
>          neighbor A.B.C.0 as XXXX;
>          default bgp_med 0;
>          default bgp_local_pref 50;
>          password "somepass";
>          ipv4 {
> 
>              table tabv4;
>              import keep filtered;
>              import filter ebgp_import;
>              export filter ebgp_export;
>              next hop self;
>          };
>      };
> ```
> 
> routes that will be adverised are setup as blackhole routes directly in FreeBSD. Should I setup them using the static protocol?
> 
> 
> 
> Benoît
> 

-- 
Marek Zarychta

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20230607/f2aaf559/attachment.sig>


More information about the Bird-users mailing list