When running IPv6 daemon, I have a BGP peer:
protocol bgp bogon_1 from BH_SERVER {
import where net.len < 33;
import filter BLACKHOLE_IN;
import limit 100000 action warn;
}
The filter is simply an “accept;”. The problem I’m seeing however is that I’m getting prefixes imported that are longer than 32. In fact, it looks like “import where” is completely ignored in IPv6 (at least for net.len?). If I put “import where net.len = 0” I still see all the longer prefixes getting imported.
If I go into the filter and add a “if net.len < 33 then reject;” then I see it work.
Is this the expected behavior, a bug or am I missing something?
--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP: https://inoc.net/~rblayzor/
Hi BIRD team and fellow BIRD users,
are there any plans to implement Graceful BGP session shutdown (https://tools.ietf.org/html/draft-ietf-grow-bgp-gshut) in future releases?
Ingress is pretty easy and only needs to be implemented once by the user: Check for BGP Community 65535:0 and set local pref to 0 on match
Egress is also simple, but more effortful. It also needs a config change in every maintenance window:
- Modify egress filter to add 65535:0
- Reload config and egress filter
BIRD could automate this by offering a command like "birdc disable bgp1 graceful 15"
which would send 65535:0 immediately and then disable the session after a configurable time, in this case 15 minutes.
What do you think?
Regards,
Johannes
--
Johannes Moos
Systems Engineer
DE-CIX Management GmbH | Lindleystr. 12 | 60314 Frankfurt am Main | Germany | www.de-cix.net
Phone +49 69 1730902 45 | Mobile +49 160 97997723 | Fax +49 69 4056 2716 | johannes.moos(a)de-cix.net
Geschaeftsfuehrer Harald A. Summa | Registergericht AG Koeln HRB 51135
I am attempting to setup Bird on a VM to act as a RTBH trigger…
Bird 1.6.0 on FreeBSD 11.1
Is there a alternative way to advertise null routes from Bird rather than using a kernel table?
I have tried using static routes, but because assuming the next hop is not reachable, the routes do not export. I guess I’m looking for a way you would normally do something like a null route in Cisco and get that route into BGP. Using the kernel table at the moment is not desirable… Also other than other routing protocol peering sessions or the kernel, is there another way to get a static null route into Bird?
protocol static trig1 {
route 192.0.2.0/24 blackhole;
route 192.168.255.254/32 via 192.0.2.1;
import none;
export all;
}
bird> show static
192.0.2.0/24 blackhole
192.168.255.254/32 via 192.0.2.1 (dormant)
name proto table state since info
trig1 Static master up 00:02:27
Preference: 200
Input filter: REJECT
Output filter: ACCEPT
Routes: 0 imported, 0 exported, 0 preferred
Route change stats: received rejected filtered ignored accepted
Import updates: 1 0 1 0 0
Import withdraws: 0 0 --- 1 0
Export updates: 0 0 0 --- 0
Export withdraws: 0 --- --- — 0
--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP: https://inoc.net/~rblayzor/
