<div dir="ltr"><div>But this works:<br><br>protocol static {<br> route <a href="http://192.168.2.0/24">192.168.2.0/24</a> via "test2";<br> route <a href="http://192.168.3.0/24">192.168.3.0/24</a> recursive 192.168.2.1; <br>}<br><br>bird> show route <br><a href="http://192.168.0.0/16">192.168.0.0/16</a> dev dum1 [direct1 23:18:17] * (240)<br><a href="http://192.168.1.0/24">192.168.1.0/24</a> dev test2 [direct1 23:10:42] * (240)<br><a href="http://192.168.2.0/24">192.168.2.0/24</a> dev test2 [static1 23:10:42] * (200)<br><a href="http://192.168.3.0/24">192.168.3.0/24</a> via 192.168.2.1 on test2 [static1 23:22:44] * (200)</div><div><br></div><div>I also succeeded with such bgp setup:</div><div><br></div><div>protocol static {<br> route <a href="http://192.168.2.0/24">192.168.2.0/24</a> via "test2";<br># route <a href="http://192.168.3.0/24">192.168.3.0/24</a> recursive 192.168.2.1;<br>}<br><br>protocol bgp<br>{<br> import all;<br> local as 65002;<br> source address 192.168.1.2;<br> neighbor 192.168.2.1 as 65001;<br> multihop 1;<br>}<br></div><div><br></div><div>bird> show route <br><a href="http://192.168.0.0/16">192.168.0.0/16</a> dev dum1 [direct1 23:18:16] * (240)<br><a href="http://192.168.1.0/24">192.168.1.0/24</a> dev test2 [direct1 23:10:41] * (240)<br><a href="http://192.168.2.0/24">192.168.2.0/24</a> dev test2 [static1 23:10:41] * (200)<br><a href="http://192.168.4.0/24">192.168.4.0/24</a> via 192.168.2.1 on test2 [bgp1 23:38:37] * (100/0) [AS65001i]</div><div><br></div><div>bird> show route all <a href="http://192.168.4.0/24">192.168.4.0/24</a><br><a href="http://192.168.4.0/24">192.168.4.0/24</a> via 192.168.2.1 on test2 [bgp1 23:38:37] * (100/0) [AS65001i]<br> Type: BGP unicast univ<br> BGP.origin: IGP<br> BGP.as_path: 65001<br> BGP.next_hop: 192.168.2.1<br> BGP.local_pref: 100<br></div><div><br></div><div>If I have direct in BGP - bird ignores interface direct route and tries to connect via dum1 interface. But multihop works.<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 8, 2017 at 9:24 PM, Alexander Zubkov <span dir="ltr"><<a href="mailto:green@qrator.net" target="_blank">green@qrator.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div><div>Hi again,<br><br></div>I think I've got you idea. Probably bird can not do "recursive" direct routes. For example I set up:<br></div><div><br></div><div>Linux:<br></div><br>9: test2: <BROADCAST,MULTICAST,UP,LOWER_<wbr>UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000<br> link/ether 56:0a:42:5f:b3:46 brd ff:ff:ff:ff:ff:ff<br> inet <a href="http://192.168.1.2/24" target="_blank">192.168.1.2/24</a> scope global test2<br> valid_lft forever preferred_lft forever<br><br><a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> dev test2 proto kernel scope link src 192.168.1.2 <br><a href="http://192.168.2.0/24" target="_blank">192.168.2.0/24</a> dev test2 scope link <br><br></div>bird have (no export to kernel):<br><br>protocol static {<br> route <a href="http://192.168.2.0/24" target="_blank">192.168.2.0/24</a> via "test2";<br> route <a href="http://192.168.3.0/24" target="_blank">192.168.3.0/24</a> via 192.168.2.1; <br>}<br><br></div>And I see in bird no route for <a href="http://192.168.3.0/24" target="_blank">192.168.3.0/24</a>:<br><br>bird> show route <br><a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> dev test2 [direct1 23:10:42] * (240)<br><a href="http://192.168.2.0/24" target="_blank">192.168.2.0/24</a> dev test2 [static1 23:10:42] * (200)<br><br></div>If I add to Linux such device:<br><br>2: dum1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default <br> link/ether ee:b2:97:43:3c:79 brd ff:ff:ff:ff:ff:ff<br> inet <a href="http://192.168.100.1/16" target="_blank">192.168.100.1/16</a> scope global dum1<br> valid_lft forever preferred_lft forever<br><br></div>And bird starts to route via it:<br><br>bird> show route <br><a href="http://192.168.0.0/16" target="_blank">192.168.0.0/16</a> dev dum1 [direct1 23:18:16] * (240)<br><a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a> dev test2 [direct1 23:10:41] * (240)<br><a href="http://192.168.2.0/24" target="_blank">192.168.2.0/24</a> dev test2 [static1 23:10:41] * (200)<br><a href="http://192.168.3.0/24" target="_blank">192.168.3.0/24</a> via 192.168.2.1 on dum1 [static1 23:18:16] * (200)<br></div><div><div><div><br></div></div></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 8, 2017 at 3:48 PM, Magnus Löfqvist <span dir="ltr"><<a href="mailto:ml@vmi.se" target="_blank">ml@vmi.se</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div link="blue" vlink="purple" lang="SV">
<div class="m_-5776144639878890489m_7524363350378283022WordSection1">
<p class="MsoNormal"><a name="m_-5776144639878890489_m_7524363350378283022__MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Hi again,<u></u><u></u></span></a></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">If I use multihop (ie removing direct and gateway direct from config), it will
connect, but I get the imported routes with my internet gateway as router. <u></u>
<u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">XX.XX.XX.0/27 via 10.6.24.82 dev wwan0 proto bird<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">It should be
<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">XX.XX.XX.0/27 via 10.9.140.1 dev tap0 proto bird<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">It doesn’t matter if I specified the source address and local address, it seems
always to try to send the traffic over wwan0 (external wan connection)<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Med vänlig hälsning / Best regards<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Magnus Löfqvist<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"><u></u> <u></u></span></span></p>
<table class="m_-5776144639878890489m_7524363350378283022MsoNormalTable" style="border-collapse:collapse" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:7.05pt">
<td colspan="2" style="width:298.3pt;padding:0cm 0cm 0cm 0cm;height:7.05pt" width="398" valign="top">
<p class="MsoNormal"><span><b><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">VMI IT Services AB</span></b></span><span><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"><u></u><u></u></span></u></span></p>
</td>
<td><span></span>
</td></tr>
<tr style="height:24.9pt">
<td style="width:149.15pt;padding:0cm 0cm 0cm 0cm;height:24.9pt" width="199" valign="top">
<p class="MsoNormal"><span><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Head office:</span></u></span><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"> <wbr> <wbr>
</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Hantverksvägen 15</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">764 93 VÄDDÖ, SWEDEN <wbr>
</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
</td>
<td><span></span>
</td><td style="width:149.15pt;padding:0cm 0cm 0cm 0cm;height:24.9pt" width="199" valign="top">
<p class="MsoNormal"><span><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Visiting address:<u></u><u></u></span></u></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Lilla Torget 1A<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">761 30 NORRTÄLJE, SWEDEN</span></span><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u><u></u></span></span></p>
</td>
<td><span></span>
</td></tr>
</tbody>
</table>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">Tel +46 176 20 89 00 (02)</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"><u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">Fax +46 176 20 89 19</span></span><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"><u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US"><br>
E-mail: </span></span><span></span><a href="mailto:ml@vmi.se" target="_blank"><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#0563c1" lang="EN-US">ml@vmi.se</span></span><span></span></a><span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">
<u></u><u></u></span></span></p>
<p class="MsoNormal"><span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"><u></u> <u></u></span></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">*** VMI E-mail disclaimer ***<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US"><u></u> <u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">The information in this e-mail is confidential and may be legally privileged.<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">It is intended solely for the addressee. Access to this email by anyone else is unauthorized.<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">If you are not the intended recipient, any disclosure, copying, distribution or any action taken
<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">or omitted to be taken in reliance on it, is prohibited and may be unlawful. Any opinions or
<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">advice contained in this e-mail are subject to the terms and conditions expressed in the
<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">VMI General terms and conditions.<u></u><u></u></span></i></span></p>
<p class="MsoNormal"><span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><u></u> <u></u></span></span></p>
<span></span>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Från:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> <a href="mailto:green@highloadlab.com" target="_blank">green@highloadlab.com</a> [mailto:<a href="mailto:green@highloadlab.com" target="_blank">green@highloadlab.com</a>]
<b>För </b>Alexander Zubkov<br>
<b>Skickat:</b> den 8 november 2017 11:52</span></p><div><div class="m_-5776144639878890489h5"><br>
<b>Till:</b> Magnus Löfqvist <<a href="mailto:ml@vmi.se" target="_blank">ml@vmi.se</a>><br>
<b>Kopia:</b> <a href="mailto:bird-users@network.cz" target="_blank">bird-users@network.cz</a><br>
<b>Ämne:</b> Re: BGP with wrong netmask on wan interface<u></u><u></u></div></div><p></p><div><div class="m_-5776144639878890489h5">
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">In that case it probably because you are using direct (not multihop) bgp session and bird binds to the interface which have this address in its direct network - wwan0. In that case only routes with dev wwan0 will be applied. I think you
want to use multihop bgp session. If you want to use direct session and this address is accepted directly via tap0, than I think specifying source address from tap0 in bgp session should work.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">On Wed, Nov 8, 2017 at 10:47 AM, Magnus Löfqvist <<a href="mailto:ml@vmi.se" target="_blank">ml@vmi.se</a>> wrote:<u></u><u></u></p>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<p class="MsoNormal"><a name="m_-5776144639878890489_m_7524363350378283022_m_1797177521083608046__MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Hi,</span></a><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Yes, you are correct.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">But we have routes for
<a href="http://10.9.140.0/22" target="_blank">10.9.140.0/22</a> (OpenVPN transport network)</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">ip ro sh:</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">default via 10.6.52.59 dev wwan0</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a> dev wwan0 proto kernel scope
link src 10.6.52.58</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://10.9.140.0/22" target="_blank">10.9.140.0/22</a> dev tap0 proto kernel
scope link src 10.9.140.33</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">Bird:</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">bird> show route</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> via 10.6.52.59 on wwan0
[kernel1 09:43:55] * (10)</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"><a href="http://10.9.140.0/22" target="_blank">10.9.140.0/22</a> dev tap0 [direct1
09:44:12] * (240)</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB">So why are not BGP traffic to 10.9.140.1 going thru tap0 ?</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Med vänlig hälsning / Best regards</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Magnus Löfqvist</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"> </span><u></u><u></u></p>
<table class="m_-5776144639878890489m_7524363350378283022MsoNormalTable" style="border-collapse:collapse" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:7.05pt">
<td colspan="2" style="width:298.3pt;padding:0cm 0cm 0cm 0cm;height:7.05pt" width="398" valign="top">
<p class="MsoNormal"><b><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">VMI IT Services AB</span></b><u></u><u></u></p>
</td>
<td style="padding:0cm 0cm 0cm 0cm;height:7.05pt"></td>
</tr>
<tr style="height:24.9pt">
<td style="width:149.15pt;padding:0cm 0cm 0cm 0cm;height:24.9pt" width="199" valign="top">
<p class="MsoNormal"><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Head office:</span></u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959"> <wbr> <wbr>
</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Hantverksvägen 15</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">764 93 VÄDDÖ, SWEDEN <wbr>
</span><u></u><u></u></p>
</td>
<td style="padding:0cm 0cm 0cm 0cm;height:24.9pt"></td>
<td style="width:149.15pt;padding:0cm 0cm 0cm 0cm;height:24.9pt" width="199" valign="top">
<p class="MsoNormal"><u><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Visiting address:</span></u><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">Lilla Torget 1A</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">761 30 NORRTÄLJE, SWEDEN</span><u></u><u></u></p>
</td>
<td style="padding:0cm 0cm 0cm 0cm;height:24.9pt"></td>
</tr>
<tr height="0">
<td style="border:none" width="199"></td>
<td style="border:none" width="199"></td>
<td style="border:none" width="199"></td>
<td style="border:none" width="0"></td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">Tel +46 176 20 89 00 (02)</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">Fax +46 176 20 89 19</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US"><br>
E-mail: </span><a href="mailto:ml@vmi.se" target="_blank"><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#0563c1" lang="EN-US">ml@vmi.se</span></a><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#595959">
</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-US"> </span><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">*** VMI E-mail disclaimer ***</span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US"> </span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">The information in this e-mail is confidential and may be legally privileged.</span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">It is intended solely for the addressee. Access to this email by anyone else is unauthorized.</span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">If you are not the intended recipient, any disclosure, copying, distribution or any
action taken </span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">or omitted to be taken in reliance on it, is prohibited and may be unlawful. Any opinions
or </span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">advice contained in this e-mail are subject to the terms and conditions expressed in
the </span></i><u></u><u></u></p>
<p class="MsoNormal"><i><span style="font-size:6.0pt;font-family:"Calibri",sans-serif;color:#595959" lang="EN-US">VMI General terms and conditions.</span></i><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d" lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Från:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">
<a href="mailto:green@highloadlab.com" target="_blank">green@highloadlab.com</a> [mailto:<a href="mailto:green@highloadlab.com" target="_blank">green@highloadlab.com</a>]
<b>För </b>Alexander Zubkov<br>
<b>Skickat:</b> den 8 november 2017 10:16<br>
<b>Till:</b> Magnus Löfqvist <<a href="mailto:ml@vmi.se" target="_blank">ml@vmi.se</a>><br>
<b>Kopia:</b> <a href="mailto:bird-users@network.cz" target="_blank">bird-users@network.cz</a><br>
<b>Ämne:</b> Re: BGP with wrong netmask on wan interface</span><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-GB">Hi,</span><u></u><u></u></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-GB">You have:</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">WAN (Mobile): 10.6.90.187 / 255.0.0.0</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">OpenVPN interface (tap0): 10.9.140.33 / 255.255.252.0</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">protocol bgp BGP1 from RR_LTE { neighbor 10.9.140.1 as 1; preference 140;};</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">So you are trying to reach 10.9.140.1. If you have no additional routes, than this address falls into
</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">10.6.90.187 / 255.0.0.0 network, i.e. WAN interface and will be routed there.</span><u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<div>
<p class="MsoNormal"><span lang="EN-GB">On Wed, Nov 8, 2017 at 8:20 AM, Magnus Löfqvist <</span><a href="mailto:ml@vmi.se" target="_blank"><span lang="EN-GB">ml@vmi.se</span></a><span lang="EN-GB">>
wrote:</span><u></u><u></u></p>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"><span lang="EN-GB">Hi,</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">I have some mobile routers (connected over LTE) and with openvpn.</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">Over the openvpn we are running a BGP to allow distribute some routes and export routes.</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">Some of the routers are having wrong netmask (255.0.0.0 instead of 255.255.255.252).
</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">This seems to work (ie internet are working, and the openvpn connection is established).</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">But when we are trying to get the BGP connection up, it tries to send the BGP connection over the WAN istead of openvpn connection.</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">I guess that I have made some mistake in the config.</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">It should take smaller path before matching the larger..</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">WAN (Mobile): 10.6.90.187 / 255.0.0.0</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">OpenVPN interface (tap0): 10.9.140.33 / 255.255.252.0</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">Bird config:</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">template bgp RR_LTE {</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> debug all; <wbr> # debug BGP</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> description "BIRD RR";</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> local as 1; <wbr> # the AS used by the local BGP speaker</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> direct;</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> gateway direct;</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> import filter import_ATM; <wbr> # just accept everything</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> export filter export_ATM; <wbr> # and advertise it to all the neigbors</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> connect retry time 10; # reconnect try after 10s</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> hold time 240; <wbr> # hold time send in BGP messages</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">}</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">protocol bgp BGP1 from RR_LTE { neighbor 10.9.140.1 as 1; preference 140;};</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">root@client1:/etc# tcpdump -ni wwan0 tcp port 179 and host 10.9.140.1</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">tcpdump: verbose output suppressed, use -v or -vv for full protocol decode</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">listening on wwan0, link-type EN10MB (Ethernet), capture size 65535 bytes</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">15:29:08.755188 IP 10.6.90.187.34974 > 10.9.140.1.179: Flags [S], seq 1482209106, win 14600, options [mss 1460,sackOK,TS val 88007 ecr 0,nop,wscale 8], length
0</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB">15:29:11.762726 IP 10.6.90.187.45591 > 10.9.140.1.179: Flags [S], seq 1681977930, win 14600, options [mss 1460,sackOK,TS val 88307 ecr 0,nop,wscale 8], length
0</span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span lang="EN-GB"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:10.0pt">Med vänlig hälsning / Best regards</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:10.0pt;color:#888888">Magnus Löfqvist</span><u></u><u></u></p>
<p class="MsoNormal"><span style="color:#888888"> </span><u></u><u></u></p>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div></div></div>
</div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>