Re: Community for small IX - problem with 4B ASN

22 Jan 2018


      I see AS205082 is yours.  You'll need a 16-bit ASN in order to use the 
communities described below.

Chris

On Mon, 22 Jan 2018, Chris Caputo wrote:
...
What is myas set to?
Chris
On Mon, 22 Jan 2018, Piotr Marciniak wrote:
...
Hello Chris,
Thank you for your config. Looks much better. Still I have know error...
bird> conf check
Reading configuration from /etc/bird/bird.conf
/etc/bird/bird.conf, line 121: Value 205082 out of range (0-65535)
...but not in main section of filter. It is only here now:
#Remove IXP related communities
#(...)
bgp_community.delete([(myas,*)]);
Only this one line. Once commented - no errors in filter reported. Is there
any fix for it?
Rgrds,
Peter
-----Oryginalna wiadomość----- From: Chris Caputo
Sent: Monday, January 22, 2018 2:25 PM
To: Piotr Marciniak
Cc: bird-users@network.cz
Subject: Re: Community for small IX - problem with 4B ASN
...
1. Is it possible to enable 4B ASn for communities in Bird? Will it work
with other rouers?
2. Can we use instead private ASn just for community filters? Are they
processed corretly by other Internet routers of our peers?
1. Yes.
2. I don't recommend it.
To see the communities supported by the SIX route servers, refer to:
https://www.seattleix.net/route-servers#communities
Below is how we do it with bird 1.6.3.  Not sure about 2.0+.
I hope this helps and feedback from the community is welcome.
Chris
---
define myas = SET TO IXP ASN;
define peerPrepend1 = 65001;
define peerPrepend2 = 65002;
define peerPrepend3 = 65003;
# BGP output filter (based on communities)
# Returning false means don't propagate route to peeras.
# Returning true means do propagate route to peeras.
function bgp_out_comm(int peeras)
{
 if ! (source = RTS_BGP ) then return false;
if (myas,0,peeras) ~ bgp_large_community then return false;
 if (myas,1,peeras) ~ bgp_large_community then return true;
 if (myas,0,0) ~ bgp_large_community then return false;
if peeras > 65535 then
 {
   if (ro,0,peeras) ~ bgp_ext_community then return false;
   if (ro,myas,peeras) ~ bgp_ext_community then return true;
   if ((ro,0,myas) ~ bgp_ext_community) then return false;
 } else {
   if ((0,peeras) ~ bgp_community) || ((ro,0,peeras) ~ bgp_ext_community) 
then return false;
   if ((myas,peeras) ~ bgp_community) || ((ro,myas,peeras) ~
bgp_ext_community) then return true;
   if ((0,myas) ~ bgp_community) || ((ro,0,myas) ~ bgp_ext_community) then
return false;
 }
 return true;
}
function bgp_out(int peeras)
{
 if !bgp_out_comm(peeras) then return false;
# Prepends
 if peeras > 65535 then
 {
   if ((ro,peerPrepend1,peeras) ~ bgp_ext_community) ||
((myas,peerPrepend1,peeras) ~ bgp_large_community) then {
     bgp_path.prepend(bgp_path.first);
   }
   if ((ro,peerPrepend2,peeras) ~ bgp_ext_community) || 
((myas,peerPrepend2,peeras) ~ bgp_large_community) then {
     bgp_path.prepend(bgp_path.first);
     bgp_path.prepend(bgp_path.first);
   }
   if ((ro,peerPrepend3,peeras) ~ bgp_ext_community) || 
((myas,peerPrepend3,peeras) ~ bgp_large_community) then {
     bgp_path.prepend(bgp_path.first);
     bgp_path.prepend(bgp_path.first);
     bgp_path.prepend(bgp_path.first);
   }
 } else {
   if ((peerPrepend1,peeras) ~ bgp_community) || ((ro,peerPrepend1,peeras) 
~ bgp_ext_community) || ((myas,peerPrepend1,peeras) ~ bgp_large_community) 
then {
     bgp_path.prepend(bgp_path.first);
   }
   if ((peerPrepend2,peeras) ~ bgp_community) || ((ro,peerPrepend2,peeras) 
~ bgp_ext_community) || ((myas,peerPrepend2,peeras) ~ bgp_large_community) 
then {
     bgp_path.prepend(bgp_path.first);
     bgp_path.prepend(bgp_path.first);
   }
   if ((peerPrepend3,peeras) ~ bgp_community) || ((ro,peerPrepend3,peeras) 
~ bgp_ext_community) || ((myas,peerPrepend3,peeras) ~ bgp_large_community) 
then {
     bgp_path.prepend(bgp_path.first);
     bgp_path.prepend(bgp_path.first);
   bgp_path.prepend(bgp_path.first);
   }
 }
# Remove IXP related communities
 bgp_community.delete([(0,*)]);
 bgp_community.delete([(myas,*)]);
 bgp_community.delete([(peerPrepend1,*)]);
 bgp_community.delete([(peerPrepend2,*)]);
 bgp_community.delete([(peerPrepend3,*)]);
 bgp_ext_community.delete([(ro,0,*)]);
 bgp_ext_community.delete([(ro,myas,*)]);
 bgp_ext_community.delete([(ro,peerPrepend1,*)]);
 bgp_ext_community.delete([(ro,peerPrepend2,*)]);
 bgp_ext_community.delete([(ro,peerPrepend2,*)]);
 bgp_large_community.delete([(myas,*,*)]);
return true;
}
On Mon, 22 Jan 2018, Piotr Marciniak wrote:
...
Dear Advisors ;],
Thank you for all posts. But still I do not know how to make Bird working
with
4B communities and if I may do this - whether it will be accepted for our
peers? In short - I do not know how to adapt to 4B communities following
examples:
https://gitlab.labs.nic.cz/labs/bird/wikis/Route_server_with_community_based...
https://gitlab.labs.nic.cz/labs/bird/wikis/Route_server_with_community_based...
Is there any way to enable 4B communities in bird.conf?
I do not have any problem with 4B ASn. I set bgp peering sessions from Bird
with 4B ASn. Even our IX has AS205082.
This is why I put 2 questions:
1. Is it possible to enable 4B ASn for communities in Bird? Will it work
with other rouers?
2. Can we use instead private ASn just for community filters? Are they
processed corretly by other Internet routers of our peers?
Please - do not explain me theoretical difference between 16 and 32 bits.
Question is simple - can I use 4B communities for filters? If not - what
16bit
"fake ASn" I can use instead safely?
Best wishes,
Piotr Marciniak
-----Oryginalna wiadomość----- From: Paweł Nastachowski
Sent: Monday, January 22, 2018 1:12 PM
To: Piotr Marciniak
Cc: bird-users@network.cz
Subject: Re: Community for small IX - problem with 4B ASN
Hi Piotr,
I should use extended community for 4B ASN, because normal community is too
small “Encodes a 32-bit value displayed as “16-bit ASN:16-bit value”.
Regards,
Pawel
-----Wiadomość oryginalna-----
Od: Bird-users <bird-users-bounces@network.cz> w imieniu użytkownika Piotr
Marciniak <zboj@mnc.pl>
Data: poniedziałek, 22 stycznia 2018 11:15
Do: "bird-users@network.cz" <bird-users@network.cz>
Temat: Community for small IX - problem with 4B ASN
Hello,
I've spent a while on below docs and faced a problem with 4B ASN we use.
   Bird reports an error 'when 'myas' is 4B => so above 65535.
   See some testing example below:
bird> configure
   Reading configuration from /etc/bird/bird.conf
   /etc/bird/bird.conf, line 81: Value 165250 out of range (0-65535)
The only way this config reports no error is to set here private ASn -
fe.
   65250. But it will never match our real ASn.
Two questions:
1. Is it possible to enable 4B ASn for communities in Bird? Will it work
   with other rouers?
   2. Can we use instead private ASn just for community filters? Are they
   processed corretly by other Internet routers of our peers?
Or maybe there is another work around?
Best wishes,
Peter
-----Oryginalna wiadomość-----
   From: Piotr Marciniak
   Sent: Friday, December 29, 2017 5:01 PM
   To: Ondrej Zajicek
   Cc: bird-users@network.cz
   Subject: Re: Community for small IX
There are some examples in BIRD wiki, mainly:
https://urldefense.proofpoint.com/v2/url?u=https-3A__gitlab.labs.nic.cz_labs...
https://urldefense.proofpoint.com/v2/url?u=https-3A__gitlab.labs.nic.cz_labs...
--
   Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org)
   OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
   "To err is human -- to blame it on a computer is even more so."
This email is from Equinix (EMEA) B.V. or one of its associated companies in
the territory from where this email has been sent. This email, and any files
transmitted with it, contains information which is confidential, is solely
for
the use of the intended recipient and may be legally privileged. If you have
received this email in error, please notify the sender and delete this email
immediately. Equinix (EMEA) B.V.. Registered Office: Amstelplein 1, 1096 HA
Amsterdam, The Netherlands. Registered in The Netherlands No. 57577889.