Hello!

Well, RFC 5575 doesn't explicitly say that the flowspec rule must contain the destination chunk, anyway it specifies that these rules should be understood as additional information for unicast BGP prefixes.

Therefore we assume that the dst is de facto mandatory, despite de iure it is optional.

If there are more benevolent implementations, we may think about waiving this. I think we don't have any strong position on that, we just assume that flowspec is used in the way the RFC says which assumes dst always present.

Maria

On February 5, 2020 8:44:54 PM GMT+01:00, "Alex D." <listensammler@gmx.de> wrote:
Hi,
does anybody know something about the behavior observed ?
Regards,
Alex

-------- Original-Nachricht --------
Betreff: BGP session closed after receipt of flowspec route without destination prefix
Datum: Fri, 24 Jan 2020 21:33:17 +0100
Von: Alex D. <listensammler@gmx.de>
An: bird-users@network.cz


Hi,

i configured the following flowspec route on a Juniper router:
route v6test {
    match {
        source 2a02:xxxx:xxxx:xxxx::1/128;
    }
    then discard;
}

The route was accepted on my Juniper router and blocked all traffic from src ip 2a02:xxxx:xxxx:xxxx::1 as expected. After advertising the route, BIRD closed the BGP session. Is this an expected behaviour, means does is it necessary, that a dst prefix for a flowspec route must exist ?

Log:
2020-01-24 09:52:26.750 <RMT> vs_dis_r1_6838: No dst prefix at first pos
2020-01-24 09:52:26.750 <RMT> vs_dis_r1_6838: Error: Malformed attribute list
2020-01-24 09:52:26.750 <TRACE> vs_dis_r1_6838: BGP session closed

BIRD accepted the route after changing to:
route v6test {
    match {
        destination ::/0;
        source 2a02:xxxx:xxxx:xxxx::1/128;
    }
    then discard;
}

Regards,
Alex


--
Sent from my Android device with K-9 Mail. Please excuse my brevity.