Ondrej Zajicek пишет:
On Wed, Jan 27, 2010 at 04:49:45PM +0300, Mikhail A. Grishin wrote:
Handling of no-export community is hardcoded in BIRD, so such routes are not exported to the external neighbors, as it is expected. I can send you a patch that causes BIRD to ignore well-known communities (and leaves such behavior to configured filters) and we will make this behavior configurable in the next version.
Yes, it would be nice, please send me a patch. We expected that we could choose, which well-known communities must go through RS, which is not. Right now we only interested in transparency for "no-export".
Here is the patch that removes hardcoded handling of well-known communities. If you want the other well-known communities to work, you have to add appropriate code to export filters.
Hi, First of all, thank you for patch and for fast respond! After applying both patches (date patch and well-known communities) on production server, we got some strange errors: Jan 28 12:02:04 msk-rsm2 bird: R34485x1: Error: Finite state machine error Jan 28 12:02:17 msk-rsm2 bird: R13174x1: Error: Finite state machine error Jan 28 12:02:28 msk-rsm2 bird: R3218x1: Error: Finite state machine error Jan 28 12:02:30 msk-rsm2 bird: R41842x1: Error: Finite state machine error Jan 28 12:03:09 msk-rsm2 bird: R34485x1: Error: Finite state machine error Jan 28 12:03:26 msk-rsm2 bird: R41842x1: Error: Finite state machine error Jan 28 12:03:29 msk-rsm2 bird: R13174x1: Error: Finite state machine error Jan 28 12:03:37 msk-rsm2 bird: R3218x1: Error: Finite state machine error What does it mean? These peers worked fine before applying the patches. Debug: =================== Jan 28 12:40:17 msk-rsm2 bird: R41842x1: Incoming connection from 193.232.246.200 (port 20880) rejected Jan 28 12:40:19 msk-rsm2 bird: R41842x1: Started Jan 28 12:40:19 msk-rsm2 bird: R41842x1: Connect delayed by 60 seconds Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Incoming connection from 193.232.246.200 (port 33675) accepted Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Sending OPEN(ver=4,as=8631,hold=180,id=c1e8f664) Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Got OPEN(as=41842,hold=180,id=4df660a0) Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Sending KEEPALIVE Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Got UPDATE Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Error: Finite state machine error Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Sending NOTIFICATION(code=5.0) Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Down Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Starting Jan 28 12:40:36 msk-rsm2 bird: R41842x1: Startup delayed by 300 seconds ===================== Config for one of that peers: #--------------------------------------------------------- # Client 'media', AS 41842 table T41842; filter bgp_in_AS41842 prefix set allnet; # AS_PATH filter is temporary disabled #int set allas; { if ! (avoid_martians()) then reject; if (bgp_path.first != 41842 ) then reject; # AS_PATH filter is temporary disabled # allas = [ 47445, 45018, 44522, 45029, 44597, 42728, 42139, 42385 ]; # if ! (bgp_path.last ~ allas) then reject; allnet = [ 62.105.32.0/19, 62.105.48.0/20, 62.109.0.0/20, 62.109.0.0/21, 62.109.8.0/21, 62.109.16.0/21, 62.109.24.0/22, 62.109.28.0/22, 77.236.224.0/19, 77.236.224. 0/20, 77.236.240.0/21, 77.236.248.0/21, 77.246.96.0/21, 77.246.104.0/21, 77.246.144.0/21, 77.246.148.0/22, 78.24.216.0/21, 79.98.136.0/21, 79.174.32.0/19, 79.174.32.0 /20, 79.174.48.0/20, 80.244.224.0/20, 80.253.30.0/24, 80.253.31.0/24, 82.114.96.0/19, 82.114.96.0/20, 82.114.99.0/24, 82.114.112.0/21, 82.114.120.0/21, 82.146.32.0/21 , 82.146.37.0/24, 82.146.40.0/21, 82.146.48.0/21, 82.146.56.0/21, 85.249.0.0/21, 87.255.0.0/23, 87.255.2.0/23, 87.255.2.0/24, 87.255.3.0/24, 87.255.4.0/22, 87.255.8.0 /22, 87.255.8.0/24, 87.255.9.0/24, 87.255.9.252/30, 87.255.10.0/23, 87.255.12.0/22, 87.255.16.0/21, 87.255.24.0/21, 88.210.52.0/22, 89.255.64.0/21, 89.255.68.0/22, 89 .255.72.0/21, 89.255.80.0/22, 89.255.94.0/23, 89.255.95.0/24, 91.192.244.0/22, 91.200.28.0/22, 91.200.28.0/23, 91.200.30.0/23, 91.204.108.0/22, 91.206.14.0/23, 91.210 .84.0/22, 91.210.228.0/22, 91.210.228.0/23, 91.210.230.0/24, 91.210.231.0/24, 92.63.96.0/21, 92.63.104.0/22, 92.63.108.0/22, 92.63.108.0/24, 93.92.32.0/21, 93.186.48. 0/20, 94.28.112.0/22, 94.28.116.0/22, 94.158.160.0/20, 94.158.160.0/21, 94.158.168.0/21, 94.159.0.0/17, 95.128.176.0/22, 95.128.178.0/23, 188.120.32.0/20, 188.120.32. 0/21, 188.120.40.0/22, 188.120.44.0/22, 188.120.224.0/20, 188.120.240.0/21, 188.120.248.0/21, 188.133.136.0/21, 188.133.152.0/21, 193.169.32.0/23, 193.169.96.0/23, 19 3.169.174.0/23, 193.192.128.0/20, 193.192.144.0/20, 193.192.144.0/24, 193.192.144.0/25, 193.192.145.0/24, 194.9.224.0/20, 194.54.176.0/22, 194.107.23.0/24, 194.110.25 3.0/24, 195.62.62.0/23, 195.62.62.0/24, 195.62.63.0/24, 195.88.92.0/23, 195.88.170.0/23, 195.88.170.0/24, 195.88.171.0/24, 195.216.241.0/24, 195.218.134.0/24, 212.16. 0.0/19, 212.16.0.0/20, 212.16.16.0/20, 213.5.184.0/21, 213.33.198.0/24, 213.79.0.0/19, 213.79.0.0/20, 213.79.16.0/23, 213.79.18.0/24, 213.79.19.0/24, 213.79.20.0/22, 213.79.24.0/21, 213.108.128.0/21, 213.221.4.128/26, 217.78.176.0/20, 217.117.112.0/20, 217.117.127.0/24 ]; if ! (net ~ allnet) then reject; bgp_next_hop = 193.232.246.200; accept; } protocol pipe P41842 { table master; mode transparent; peer table T41842; import filter bgp_in_AS41842; export where bgp_out(41842); } protocol bgp R41842x1 { local as myas; neighbor 193.232.246.200 as 41842; hold time 180; startup hold time 180; # connect retry time 120; # path metric 1; # Prefer routes with shorter paths (like Cisco does) # default bgp_med 0; # MED value we use for comparison when none is defined # default bgp_local_pref 0; # The same for local preference import all; export all; table T41842; rs client; start delay time 60; } #--------------------------------------------------------- ... # BGP output filter (based on communities) function bgp_out(int peeras) { if ! (source = RTS_BGP ) then return false; if (0,peeras) ~ bgp_community then return false; if (myas,peeras) ~ bgp_community then return true; if (0, myas) ~ bgp_community then return false; return true; } #--------------------------------------------------------- -- Mikhail A. Grishin E-mail: magr@ripn.net