<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hello Ondrej,<div class=""><br class=""></div><div class="">Thanks for your precious explanations. Unfortunately I am still stuck, static routes does not apply between 2 hosts.</div><div class=""><br class=""></div><div class="">To solve 1) and 2), and in the way I only need to publish static routes to other BGP hosts, I changed "export all” by "export where proto = “static1” “, but still no luck. I notice that static routes are not received any more on hosts.</div><div class=""><br class=""></div><div class="">Here is my understanding of “show protocol all” on host1 :</div><div class=""><br class=""></div><div class=""><div class="">direct1 Direct master up 17:35:58</div><div class=""> Preference: 240</div><div class=""> Input filter: ACCEPT</div><div class=""> Output filter: REJECT</div><div class=""> Routes: 2 imported, 0 exported, 2 preferred</div><div class=""> Route change stats: received rejected filtered ignored accepted</div><div class=""> Import updates: 2 0 0 0 2</div><div class=""> Import withdraws: 0 0 --- 0 0</div><div class=""> Export updates: 0 0 0 --- 0</div><div class=""> Export withdraws: 0 --- --- --- 0</div></div><div class=""><br class=""></div><div class="">Bird finds 2 direct routes related to eth0 and eth1, so they are received, accepted, but not exported, which is fine.</div><div class=""><br class=""></div><div class=""><div class=""><div class="">kernel1 Kernel master up 17:41:12</div><div class=""> Preference: 10</div><div class=""> Input filter: ACCEPT</div><div class=""> Output filter: REJECT</div><div class=""> Routes: 1 imported, 0 exported, 1 preferred</div><div class=""> Route change stats: received rejected filtered ignored accepted</div><div class=""> Import updates: 1 0 0 0 1</div><div class=""> Import withdraws: 0 0 --- 0 0</div><div class=""> Export updates: 6 5 1 --- 0</div><div class=""> Export withdraws: 0 --- --- --- 0</div></div></div><div class=""><br class=""></div><div class="">Bird find 1 static route and try to export 6 routes but they all get rejected or filtered, which is fine too, but I dont know why “6” routes of the routing table bellow :</div><div class=""><div class=""><br class=""></div><div class="">root@host1:~# ip r</div><div class="">10.10.1.0/24 dev eth0 proto kernel scope link src 10.10.1.1</div><div class="">10.10.2.0/24 via 10.10.1.254 dev eth0</div><div class="">192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1</div></div><div class=""><br class=""></div><div class=""><div class="">device1 Device master up 17:41:12</div><div class=""> Preference: 240</div><div class=""> Input filter: ACCEPT</div><div class=""> Output filter: REJECT</div><div class=""> Routes: 0 imported, 0 exported, 0 preferred</div><div class=""> Route change stats: received rejected filtered ignored accepted</div><div class=""> Import updates: 0 0 0 0 0</div><div class=""> Import withdraws: 0 0 --- 0 0</div><div class=""> Export updates: 0 0 0 --- 0</div><div class=""> Export withdraws: 0 --- --- — 0</div><div class=""><br class=""></div><div class="">Nothing to say about this one, from what I have read it’s role is to feed the kernel protocol.</div><div class=""><br class=""></div><div class=""><div class="">static1 Static master up 17:41:12</div><div class=""> Preference: 200</div><div class=""> Input filter: ACCEPT</div><div class=""> Output filter: ACCEPT</div><div class=""> Routes: 1 imported, 0 exported, 0 preferred</div><div class=""> Route change stats: received rejected filtered ignored accepted</div><div class=""> Import updates: 1 0 0 0 1</div><div class=""> Import withdraws: 0 0 --- 0 0</div><div class=""> Export updates: 0 0 0 --- 0</div><div class=""> Export withdraws: 0 --- --- --- 0</div></div><div class=""><br class=""></div><div class="">This one is annoying me and I think the issue is there, 1 imported but ignored, why ?</div><div class=""><br class=""></div><div class=""><div class="">bgp1 BGP master up 17:41:13 Established</div><div class=""> Preference: 100</div><div class=""> Input filter: ACCEPT</div><div class=""> Output filter: (unnamed)</div><div class=""> Routes: 0 imported, 0 exported, 0 preferred</div><div class=""> Route change stats: received rejected filtered ignored accepted</div><div class=""> Import updates: 0 0 0 0 0</div><div class=""> Import withdraws: 0 0 --- 0 0</div><div class=""> Export updates: 3 0 3 --- 0</div><div class=""> Export withdraws: 0 --- --- --- 0</div><div class=""> BGP state: Established</div><div class=""> Neighbor address: 10.10.2.1</div><div class=""> Neighbor AS: 3000</div><div class=""> Neighbor ID: 10.10.2.1</div><div class=""> Neighbor caps: refresh restart-aware AS4</div><div class=""> Session: internal multihop AS4</div><div class=""> Source address: 10.10.1.1</div><div class=""> Hold timer: 162/240</div><div class=""> Keepalive timer: 53/80</div></div><div class=""><br class=""></div><div class="">I don’t understand why 3 routes are received because protocols direct1 and kernel1 should not export anything, and only one static route should be received via BGP from host2 ! Also the ouput filter is unamed, which I thinks is not good.</div><div class=""><br class=""></div><div class="">Below the host1 bird.conf.</div><div class=""><br class=""></div><div class="">As you can see I think I misunderstand some things, and I am a bit disappointed.</div><div class=""><br class=""></div><div class="">Cheers</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><div class="">router id 10.10.1.1;</div><div class="">protocol direct {</div><div class=""> interface "*"; # Restrict network interfaces it works with</div><div class="">}</div><div class="">protocol kernel {</div><div class=""> learn; # Learn all alien routes from the kernel</div><div class=""> #persist; # Don't remove routes on bird shutdown</div><div class=""> scan time 20; # Scan kernel routing table every 20 seconds</div><div class=""> import all; # Default is import all</div><div class=""> export none; # Default is export none</div><div class="">}</div><div class="">protocol device {</div><div class=""> scan time 10; # Scan interfaces every 10 seconds</div><div class="">}</div><div class="">protocol static static1 {</div><div class=""> route 192.168.1.0/24 via 10.10.1.1;</div><div class=""> export all;</div><div class="">}</div><div class="">protocol bgp {</div><div class=""> multihop;</div><div class=""> #gateway recursive;</div><div class=""> import all;</div><div class=""> export where proto = "static1";</div><div class=""> local as 3000;</div><div class=""> neighbor 10.10.2.1 as 3000;</div><div class=""> #next hop self;</div><div class=""> #rr client;</div><div class="">}</div></div><div class=""><br class=""></div><div class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;">—</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;">Cédric Lemarchand</div></div>
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">On 23 Feb 2017, at 17:10, Ondrej Zajicek <<a href="mailto:santiago@crfreenet.org" class="">santiago@crfreenet.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">On Thu, Feb 23, 2017 at 04:42:50PM +0100, Cedric Lemarchand wrote:<br class=""><blockquote type="cite" class="">Yes, I am not sure to understand how plays theses options (and if I need it) in the bgp protocol and it they are related to my problem :<br class=""><br class=""></blockquote><br class=""><br class=""><blockquote type="cite" class="">gateway recursive : means that if host2 advertise "route 192.168.2.0/24<br class="">via 10.10.2.1;” to host1, host1 does a lookup in the kernel routing table<br class="">and set the nexthop for 192.168.2.0/24 via the same IP as for host2 ?<br class=""></blockquote><br class="">Mainly yes, but:<br class=""><br class="">1) Not lookup in the kernel routing table, but in the BIRD table. By<br class="">default the same table as used by BGP protocol, but could be configured<br class="">to different one by 'igp table' option.<br class=""><br class="">2) It is not lookup for host2, but lookup for bgp_next_hop attribute, as<br class="">specified by host2, which is usually value of 'via'.<br class=""><br class=""><blockquote type="cite" class="">next hop self : means that every route advertised by host2 will be routed to it self while keeping the “gateway recursive” logic ?<br class=""></blockquote><br class="">That means host2 always announces own IP address as bgp_next_hop instead<br class="">of one from 'via'.<br class=""><br class=""><blockquote type="cite" class="">The output of show route all :<br class=""></blockquote><br class="">There are two issues:<br class=""><br class="">1) both hosts announce all routes (not only 192.168.xx but also 10.10.xx).<br class=""><br class="">2) routes from kernel1 protocol has lower preference (10), so routes<br class="">from BGP are preferred and you get circular lookups for 10.0.1.1, 10.10.2.1<br class=""><br class="">You could change preference of kernel protocol to say 200 and you<br class="">could filter out unwanted routes in BGP export filter.<br class=""><br class="">-- <br class="">Elen sila lumenn' omentielvo<br class=""><br class="">Ondrej 'Santiago' Zajicek (email: <a href="mailto:santiago@crfreenet.org" class="">santiago@crfreenet.org</a>)<br class="">OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, <a href="http://wwwkeys.pgp.net" class="">wwwkeys.pgp.net</a>)<br class="">"To err is human -- to blame it on a computer is even more so."<br class=""></div></div></blockquote></div><br class=""></div></body></html>