<!DOCTYPE html><html><head><title></title><style type="text/css">p.MsoNormal,p.MsoNoSpacing{margin:0}
p.MsoNormal,p.MsoNoSpacing{margin:0}</style></head><body><div>I'm using version 2.0.7, running on Ubuntu 20.04.<br><br>Do you mean minimal config regarding the filters or the whole thing?<br></div><div><br></div><div>On Fri, Aug 14, 2020, at 02:15, Maria Matejka wrote:<br></div><blockquote type="cite" id="qt" style=""><div>I'm unable to reproduce the reported behavior. Could you please try to <br></div><div>reduce your config to a minimum config that would reproduce this <br></div><div>behavior? What version are you using?<br></div><div><br></div><div>Thanks,<br></div><div>Maria<br></div><div><br></div><div>On 8/13/20 5:46 PM, Skyler Mäntysaari wrote:<br></div><div>> Line 360 is the prefix_is_bogon if statement.<br></div><div>> <br></div><div>> The bogon lists can be seen from: <br></div><div>> <a href="https://github.com/neptune-networks/peering/blob/master/out/router.fqdn.example/bird.conf#L36-L84">https://github.com/neptune-networks/peering/blob/master/out/router.fqdn.example/bird.conf#L36-L84</a><br></div><div>> <br></div><div>> -----------------------------------------------------------<br></div><div>> if prefix_is_bogon() then<br></div><div>> reject "prefix is bogon - REJECTING ", net;<br></div><div>> -----------------------------------------------------------<br></div><div>> function prefix_is_bogon() {<br></div><div>> if net.type = NET_IP4 then<br></div><div>> if net ~ BOGONS_4 then return true;<br></div><div>> if net.type = NET_IP6 then<br></div><div>> if net ~ BOGONS_6 then return true;<br></div><div>> return false;<br></div><div>> }<br></div><div>> -----------------------------------------------------------<br></div><div>> <br></div><div>> P.S Please do not reply to me directly, but to the list.<br></div><div>> <br></div><div>> On 13/08/2020 18.41, Maria Matějka wrote:<br></div><div>>> Hello!<br></div><div>>> The error message tells you that you are passing something strange to <br></div><div>>> the condition on line 360. What do you have on line 360?<br></div><div>>> Maria<br></div><div>>><br></div><div>>> On August 13, 2020 4:46:12 PM GMT+02:00, "Skyler Mäntysaari" <br></div><div>>> <<a href="mailto:sm@samip.fi">sm@samip.fi</a>> wrote:<br></div><div>>><br></div><div>>> Hi there,<br></div><div>>><br></div><div>>> I'm using the template from<br></div><div>>> <a href="https://github.com/neptune-networks/peering/blob/master/out/router.fqdn.example/bird.conf">https://github.com/neptune-networks/peering/blob/master/out/router.fqdn.example/bird.conf</a> <br></div><div>>> for my filters, and I'm getting argument related errors in logs.<br></div><div>>><br></div><div>>> What's the issue with those filters?<br></div><div>>><br></div><div>>> P.S I need to find a guide on how to do bird2 and RPKI as well.<br></div><div>>><br></div><div>>> Logs:<br></div><div>>> ------------------------------------------------------------------------<br></div><div>>> 2020-08-13 17:37:47 <ERR> filters, line 360: Argument 1 of instruction<br></div><div>>> FI_CONDITION must be of type T_BOOL, got 0x00<br></div><div>>> 2020-08-13 17:37:47 <ERR> filters, line 360: Argument 1 of instruction<br></div><div>>> FI_CONDITION must be of type T_BOOL, got 0x00<br></div><div>>> 2020-08-13 17:37:47 <ERR> filters, line 360: Argument 1 of instruction<br></div><div>>> FI_CONDITION must be of type T_BOOL, got 0x00<br></div><div>>> 2020-08-13 17:37:47 <ERR> filters, line 360: Argument 1 of instruction<br></div><div>>> FI_CONDITION must be of type T_BOOL, got 0x00<br></div><div>>> 2020-08-13 17:37:47 <ERR> filters, line 360: Argument 1 of instruction<br></div><div>>> FI_CONDITION must be of type T_BOOL, got 0x00<br></div><div>>> 2020-08-13 17:37:47 <ERR> ...<br></div><div>>> ------------------------------------------------------------------------<br></div><div>>> Bird config, the filter functions:<br></div><div>>> ------------------------------------------------------------------------<br></div><div>>> # --- Filters (technically functions) ---<br></div><div>>> function default_import() {<br></div><div>>> if bgp_path.len > 32 then<br></div><div>>> reject "AS_PATH len [", bgp_path.len ,"] longer than 32 - REJECTING<br></div><div>>> ", net;<br></div><div>>><br></div><div>>> if prefix_is_in_global_blacklist() then<br></div><div>>> reject "prefix is in global blacklist - REJECTING ", net;<br></div><div>>><br></div><div>>> if is_own_prefix() then<br></div><div>>> reject "prefix is our own - REJECTING ", net;<br></div><div>>><br></div><div>>> if is_own_internal_prefix() then {<br></div><div>>> if !prefix_is_in_global_whitelist() then<br></div><div>>> reject "prefix is our own and internal - REJECTING ", net;<br></div><div>>> }<br></div><div>>><br></div><div>>> if prefix_is_bogon() then<br></div><div>>> reject "prefix is bogon - REJECTING ", net;<br></div><div>>><br></div><div>>> if net.type = NET_IP4 then<br></div><div>>> if !is_prefix_length_valid(8, 24) then<br></div><div>>> reject "prefix len [", net.len, "] not in 8-24 - REJECTING ", net;<br></div><div>>><br></div><div>>> if net.type = NET_IP6 then<br></div><div>>> if !is_prefix_length_valid(12, 56) then<br></div><div>>> reject "prefix len [", net.len, "] not in 12-56 - REJECTING ", net;<br></div><div>>><br></div><div>>> #perform_rpki_validation();<br></div><div>>><br></div><div>>> if route_is_rpki_invalid() then<br></div><div>>> reject "RPKI, route is INVALID - REJECTING ", net;<br></div><div>>><br></div><div>>> add_region_community();<br></div><div>>> add_site_community();<br></div><div>>> honor_graceful_shutdown();<br></div><div>>><br></div><div>>> accept;<br></div><div>>> }<br></div><div>>><br></div><div>>> function peer_import() {<br></div><div>>> scrub_communities_in();<br></div><div>>> add_peer_community();<br></div><div>>> default_import();<br></div><div>>> }<br></div><div>>><br></div><div>>> function peer_export() {<br></div><div>>> strip_private_asns();<br></div><div>>> add_global_prepends();<br></div><div>>><br></div><div>>> if is_own_prefix() then accept;<br></div><div>>><br></div><div>>> if route_is_rpki_invalid() then<br></div><div>>> reject "RPKI, route is INVALID - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if is_own_internal_prefix() then {<br></div><div>>> if !prefix_is_in_global_whitelist() then<br></div><div>>> reject "prefix is our own and internal - NOT ANNOUNCING ", net;<br></div><div>>> }<br></div><div>>><br></div><div>>> if net.type = NET_IP4 then<br></div><div>>> if !is_prefix_length_valid(8, 24) then<br></div><div>>> reject "prefix len [", net.len, "] not in 8-24 - REJECTING ", net;<br></div><div>>><br></div><div>>> if net.type = NET_IP6 then<br></div><div>>> if !is_prefix_length_valid(12, 48) then<br></div><div>>> reject "prefix len [", net.len, "] not in 12-48 - REJECTING ", net;<br></div><div>>><br></div><div>>> if prefix_is_bogon() then<br></div><div>>> reject "prefix is bogon - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if as_path_contains_invalid_asn() then<br></div><div>>> reject "AS_PATH [", bgp_path ,"] contains invalid ASN - REJECTING<br></div><div>>> ", net;<br></div><div>>><br></div><div>>> if should_not_export_to_site() then<br></div><div>>> reject "NO_EXPORT community in place for site - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if should_not_export_to_region() then<br></div><div>>> reject "NO_EXPORT community in place for region - NOT ANNOUNCING ",<br></div><div>>> net;<br></div><div>>><br></div><div>>> if should_not_export_to_peers() then<br></div><div>>> reject "NO_EXPORT community in place for peers - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if prefix_is_in_global_blacklist() then<br></div><div>>> reject "prefix is in global blacklist - REJECTING ", net;<br></div><div>>><br></div><div>>> if was_learned_from_customer() then accept;<br></div><div>>><br></div><div>>> reject;<br></div><div>>> }<br></div><div>>><br></div><div>>> function upstream_import() {<br></div><div>>> scrub_communities_in();<br></div><div>>> add_upstream_community();<br></div><div>>> default_import();<br></div><div>>> }<br></div><div>>><br></div><div>>> function upstream_export() {<br></div><div>>> strip_private_asns();<br></div><div>>> add_global_prepends();<br></div><div>>><br></div><div>>> if is_own_prefix() then accept;<br></div><div>>><br></div><div>>> if route_is_rpki_invalid() then<br></div><div>>> reject "RPKI, route is INVALID - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if is_own_internal_prefix() then {<br></div><div>>> if !prefix_is_in_global_whitelist() then<br></div><div>>> reject "prefix is our own and internal - NOT ANNOUNCING ", net;<br></div><div>>> }<br></div><div>>><br></div><div>>> if net.type = NET_IP4 then<br></div><div>>> if !is_prefix_length_valid(8, 24) then<br></div><div>>> reject "prefix len [", net.len, "] not in 8-24 - REJECTING ", net;<br></div><div>>><br></div><div>>> if net.type = NET_IP6 then<br></div><div>>> if !is_prefix_length_valid(12, 48) then<br></div><div>>> reject "prefix len [", net.len, "] not in 12-48 - REJECTING ", net;<br></div><div>>><br></div><div>>> if prefix_is_bogon() then<br></div><div>>> reject "prefix is bogon - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if as_path_contains_invalid_asn() then<br></div><div>>> reject "AS_PATH [", bgp_path ,"] contains invalid ASN - REJECTING<br></div><div>>> ", net;<br></div><div>>><br></div><div>>> if should_not_export_to_site() then<br></div><div>>> reject "NO_EXPORT community in place for site - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if should_not_export_to_region() then<br></div><div>>> reject "NO_EXPORT community in place for region - NOT ANNOUNCING ",<br></div><div>>> net;<br></div><div>>><br></div><div>>> if should_not_export_to_upstreams() then<br></div><div>>> reject "NO_EXPORT community in place for upstreams - NOT ANNOUNCING<br></div><div>>> ", net;<br></div><div>>><br></div><div>>> if prefix_is_in_global_blacklist() then<br></div><div>>> reject "prefix is in global blacklist - REJECTING ", net;<br></div><div>>><br></div><div>>> if was_learned_from_customer() then accept;<br></div><div>>><br></div><div>>> reject;<br></div><div>>> }<br></div><div>>><br></div><div>>> function customer_import() {<br></div><div>>> scrub_communities_in();<br></div><div>>> add_customer_community();<br></div><div>>> default_import();<br></div><div>>> }<br></div><div>>><br></div><div>>> function customer_export() {<br></div><div>>> strip_private_asns();<br></div><div>>> add_global_prepends();<br></div><div>>><br></div><div>>> if is_own_prefix() then accept;<br></div><div>>><br></div><div>>> if route_is_rpki_invalid() then<br></div><div>>> reject "RPKI, route is INVALID - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if is_own_internal_prefix() then {<br></div><div>>> if !prefix_is_in_global_whitelist() then<br></div><div>>> reject "prefix is our own and internal - NOT ANNOUNCING ", net;<br></div><div>>> }<br></div><div>>><br></div><div>>> if net.type = NET_IP4 then<br></div><div>>> if !is_prefix_length_valid(8, 24) then<br></div><div>>> reject "prefix len [", net.len, "] not in 8-24 - REJECTING ", net;<br></div><div>>><br></div><div>>> if net.type = NET_IP6 then<br></div><div>>> if !is_prefix_length_valid(12, 48) then<br></div><div>>> reject "prefix len [", net.len, "] not in 12-48 - REJECTING ", net;<br></div><div>>><br></div><div>>> if prefix_is_bogon() then<br></div><div>>> reject "prefix is bogon - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if as_path_contains_invalid_asn() then<br></div><div>>> reject "AS_PATH [", bgp_path ,"] contains invalid ASN - REJECTING<br></div><div>>> ", net;<br></div><div>>><br></div><div>>> if should_not_export_to_site() then<br></div><div>>> reject "NO_EXPORT community in place for site - NOT ANNOUNCING ", net;<br></div><div>>><br></div><div>>> if should_not_export_to_region() then<br></div><div>>> reject "NO_EXPORT community in place for region - NOT ANNOUNCING ",<br></div><div>>> net;<br></div><div>>><br></div><div>>> if should_not_export_to_customers() then<br></div><div>>> reject "NO_EXPORT community in place for customers - NOT ANNOUNCING<br></div><div>>> ", net;<br></div><div>>><br></div><div>>> if prefix_is_in_global_blacklist() then<br></div><div>>> reject "prefix is in global blacklist - REJECTING ", net;<br></div><div>>><br></div><div>>> if was_learned_from_peer() then accept;<br></div><div>>> if was_learned_from_private_peer() then accept;<br></div><div>>> if was_learned_from_upstream() then accept;<br></div><div>>> if was_learned_from_customer() then accept;<br></div><div>>><br></div><div>>> reject;<br></div><div>>> }<br></div><div>>><br></div><div>>> function core_import() {<br></div><div>>> if prefix_is_bogon() then reject;<br></div><div>>><br></div><div>>> if prefix_is_in_global_blacklist() then<br></div><div>>> reject "prefix is in global blacklist - REJECTING ", net;<br></div><div>>><br></div><div>>> honor_graceful_shutdown();<br></div><div>>> accept;<br></div><div>>> }<br></div><div>>><br></div><div>>> function core_export() {<br></div><div>>> if prefix_is_bogon() then reject;<br></div><div>>><br></div><div>>> if prefix_is_in_global_blacklist() then<br></div><div>>> reject "prefix is in global blacklist - REJECTING ", net;<br></div><div>>><br></div><div>>> if is_own_prefix() then accept;<br></div><div>>> if is_own_internal_prefix() then accept;<br></div><div>>> if was_learned_from_peer() then accept;<br></div><div>>> if was_learned_from_private_peer() then accept;<br></div><div>>> if was_learned_from_upstream() then accept;<br></div><div>>> if was_learned_from_customer() then accept;<br></div><div>>><br></div><div>>> reject;<br></div><div>>> }<br></div><div>>> ------------------------------------------------------------------------<br></div><div>>> -- <br></div><div>>> This email has been checked for viruses by Avast antivirus software.<br></div><div>>> <a href="https://www.avast.com/antivirus">https://www.avast.com/antivirus</a><br></div><div>>><br></div><div>>><br></div><div>>> -- <br></div><div>>> Sent from my Android device with K-9 Mail. Please excuse my brevity. <br></div><div>> <br></div><div>> <br></div><div>> ------------------------------------------------------------------------<br></div><div>> Avast logo <br></div><div>> <<a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient">https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient</a>> <br></div><div>><br></div><div>> <br></div><div>> This email has been checked for viruses by Avast antivirus software.<br></div><div>> <a href="http://www.avast.com">www.avast.com</a> <br></div><div>> <<a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient">https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient</a>> <br></div><div>> <br></div><div>> <br></div><div>> <br></div><div>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2><br></div><div><br></div></blockquote><div><br></div></body></html>