Re: BGP lost routes problem

22 Jan 2015

      Reduced the setup slightly, all routers are in single AS 65001. Just one
common route between 10.72.1.1 and 10.72.1.2, which is 10.0.0.0/8. Removed
the third router, so just .1 and .2.

Two routers, same AS, both exporting the same network, which results in
both withdrawing the same network. How can I stop this? I want bird to
install the BGP route for 10.0.0.0/8 if ever the local route is gone (i.e
in my case, it's a vpn that installs a static route for 10.0.0.0/8). How
can I do this? Is it even supported?

Using tcpdump, I can see sometimes one and sometimes both .1 and .2
withdraw the route from each other. Sometimes its not withdrawn at all -
normally the first time everyone sees each others routes. If I restart .1
or .2 bird instance, then I will see one or both of them withdraw the route.

For example, this tcpdump shows both .1 and .2 withdraw the route from each
other:

# 10.72.1.1's logs (tcpdump + syslog)

19:02:18.408782 IP (tos 0xc0, ttl 64, id 56703, offset 0, flags [DF], proto
TCP (6), length 86)
    10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0xe441 (correct),
seq 69:115, ack 69, win 5840, length 46: BGP, length: 46
    Update Message (2), length: 46
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.2
        0x0000:  0a48 0102
      Local Preference (5), length: 4, Flags [T]: 980
        0x0000:  0000 03d4
      Updated routes:
        10.0.0.0/8  <---------- .2 advertises 10.0.0.0/8 to .1
19:02:18.408972 IP (tos 0xc0, ttl 64, id 56928, offset 0, flags [DF], proto
TCP (6), length 157)
    10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0xba2f (correct),
seq 69:186, ack 115, win 5840, length 117: BGP, length: 117
    Update Message (2), length: 46
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.1
        0x0000:  0a48 0101
      Local Preference (5), length: 4, Flags [T]: 990
        0x0000:  0000 03de
      Updated routes:
        10.0.0.0/8   <---------- .1 advertises 10.0.0.0/8 to .2
    Update Message (2), length: 48
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.1
        0x0000:  0a48 0101
      Local Preference (5), length: 4, Flags [T]: 100
        0x0000:  0000 0064
      Updated routes:
        10.99.10.0/24
    Update Message (2), length: 23
      End-of-Rib Marker (empty NLRI)
19:02:18.409201 IP (tos 0xc0, ttl 64, id 56704, offset 0, flags [DF], proto
TCP (6), length 88)
    10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7b7c (correct),
seq 115:163, ack 186, win 5840, length 48: BGP, length: 48
    Update Message (2), length: 48
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.2
        0x0000:  0a48 0102
      Local Preference (5), length: 4, Flags [T]: 1000
        0x0000:  0000 03e8
      Updated routes:
        10.88.10.0/24
19:02:18.420970 IP (tos 0xc0, ttl 64, id 56929, offset 0, flags [DF], proto
TCP (6), length 65)
    10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0x8f42 (correct),
seq 186:211, ack 163, win 5840, length 25: BGP, length: 25
    Update Message (2), length: 25
      Withdrawn routes:
        10.0.0.0/8   <---------- .1 withdraws 10.0.0.0/8
19:02:18.421204 IP (tos 0xc0, ttl 64, id 56705, offset 0, flags [DF], proto
TCP (6), length 88)
    10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7a0e (correct),
seq 163:211, ack 211, win 5840, length 48: BGP, length: 48
    Update Message (2), length: 23
      End-of-Rib Marker (empty NLRI)
    Update Message (2), length: 25
      Withdrawn routes:
        10.0.0.0/8  <---------- .2 also withdraws 10.0.0.0/8
19:02:18.460407 IP (tos 0xc0, ttl 64, id 56930, offset 0, flags [DF], proto
TCP (6), length 40)
    10.72.1.1.179 > 10.72.1.2.37302: Flags [.], cksum 0x9d3b (correct), seq
211, ack 211, win 5840, length 0

Syslogs:

Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Incoming connection
from 10.72.1.2 (port 37302) accepted
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Sending
OPEN(ver=4,as=65001,hold=240,id=0a1810e1)
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got
OPEN(as=65001,hold=240,id=0a480102)
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got KEEPALIVE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: BGP session
established
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Connected to table
master
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: State changed to
feed
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Sending KEEPALIVE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
0.0.0.0/0 via 2.127.238.77 on ppp0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < added 10.0.0.0/8
dev vpn-3b42d3c8
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.72.0.0/16 dev eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.168.254.0/24 dev vlan254
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < filtered out
192.168.0.0/16 dev vpn-3b42d3c8
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 > added [best]
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < rejected by
protocol 10.0.0.0/8 via 10.72.1.2 on eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < removed 10.0.0.0/8
dev vpn-3b42d3c8
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 < rejected by
protocol 10.88.10.0/24 via 10.72.1.2 on eth0
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Sending UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got End-of-RIB
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:18 lanrouter daemon.debug bird: AS65001_2 > removed [replaced]
10.0.0.0/8 via 10.72.1.2 on eth0

# ip route list proto bird
10.88.10.0/24 via 10.72.1.2 dev eth0
# ip route list | grep 10.0.0.0
10.0.0.0/8 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1  metric
10

# 10.72.1.2's logs (tcpdump + syslog)

tcpdump - see both advertise 10.0.0.0/8 and then both withdraw 10.0.0.0/8.

19:02:17.982785 IP (tos 0xc0, ttl 64, id 56703, offset 0, flags [DF], proto
TCP (6), length 86)
    10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0xe441 (correct),
seq 69:115, ack 69, win 5840, length 46: BGP, length: 46
    Update Message (2), length: 46
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.2
        0x0000:  0a48 0102
      Local Preference (5), length: 4, Flags [T]: 980
        0x0000:  0000 03d4
      Updated routes:
        10.0.0.0/8 <---------- .2 advertises 10.0.0.0/8 to .1
19:02:17.983121 IP (tos 0xc0, ttl 64, id 56928, offset 0, flags [DF], proto
TCP (6), length 157)
    10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0xba2f (correct),
seq 69:186, ack 115, win 5840, length 117: BGP, length: 117
    Update Message (2), length: 46
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.1
        0x0000:  0a48 0101
      Local Preference (5), length: 4, Flags [T]: 990
        0x0000:  0000 03de
      Updated routes:
        10.0.0.0/8 <---------- .1 advertises 10.0.0.0/8 to .2
    Update Message (2), length: 48
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.1
        0x0000:  0a48 0101
      Local Preference (5), length: 4, Flags [T]: 100
        0x0000:  0000 0064
      Updated routes:
        10.99.10.0/24
    Update Message (2), length: 23
      End-of-Rib Marker (empty NLRI)
19:02:17.983224 IP (tos 0xc0, ttl 64, id 56704, offset 0, flags [DF], proto
TCP (6), length 88)
    10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7b7c (correct),
seq 115:163, ack 186, win 5840, length 48: BGP, length: 48
    Update Message (2), length: 48
      Origin (1), length: 1, Flags [T]: IGP
        0x0000:  00
      AS Path (2), length: 0, Flags [T]: empty
      Next Hop (3), length: 4, Flags [T]: 10.72.1.2
        0x0000:  0a48 0102
      Local Preference (5), length: 4, Flags [T]: 1000
        0x0000:  0000 03e8
      Updated routes:
        10.88.10.0/24
19:02:17.995110 IP (tos 0xc0, ttl 64, id 56929, offset 0, flags [DF], proto
TCP (6), length 65)
    10.72.1.1.179 > 10.72.1.2.37302: Flags [P.], cksum 0x8f42 (correct),
seq 186:211, ack 163, win 5840, length 25: BGP, length: 25
    Update Message (2), length: 25
      Withdrawn routes:
        10.0.0.0/8 <---------- .1 withdraws 10.0.0.0/8
19:02:17.995220 IP (tos 0xc0, ttl 64, id 56705, offset 0, flags [DF], proto
TCP (6), length 88)
    10.72.1.2.37302 > 10.72.1.1.179: Flags [P.], cksum 0x7a0e (correct),
seq 163:211, ack 211, win 5840, length 48: BGP, length: 48
    Update Message (2), length: 23
      End-of-Rib Marker (empty NLRI)
    Update Message (2), length: 25
      Withdrawn routes:
        10.0.0.0/8 <---------- .2 withdraws 10.0.0.0/8
19:02:18.034539 IP (tos 0xc0, ttl 64, id 56930, offset 0, flags [DF], proto
TCP (6), length 40)
    10.72.1.1.179 > 10.72.1.2.37302: Flags [.], cksum 0x9d3b (correct), seq
211, ack 211, win 5840, length 0

Syslogs:

Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Connecting to
10.72.1.1 from local address 0.0.0.0
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Connected
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Sending
OPEN(ver=4,as=65001,hold=240,id=0a480102)
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Got
OPEN(as=65001,hold=240,id=0a1810e1)
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Sending KEEPALIVE
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Got KEEPALIVE
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: BGP session
established
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Connected to table
master
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: State changed to
feed
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
0.0.0.0/0 via 10.64.64.65 on ppp1
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < added 10.0.0.0/8
dev vpn-3b42d3c8
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.73.10.0/24 dev eth0
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.72.0.0/16 dev eth1
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < added 10.88.10.0/24
via 10.73.10.123 on eth0
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
192.168.0.0/16 dev vpn-3b42d3c8
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2: Got UPDATE
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 > removed [replaced]
10.0.0.0/8 via 10.72.1.1 on eth1
Jan 22 19:02:17 lanrouter daemon.debug bird: AS65001_2 < filtered out
10.0.0.0/8 dev vpn-3b42d3c8

# ip route list proto bird
10.99.10.0/24 via 10.72.1.1 dev eth1
# ip route list | grep 10.0.0.0
10.0.0.0/8 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2  metric
20

Regards,

Mike

On Fri, Jan 16, 2015 at 1:44 PM, Mike C <smith.not.western@gmail.com> wrote:
...
Hi,
I'm using bird 1.4.5 with BGP and have a problem where routes seem to be
lost under my setup.
I find that if two BGP peers with the same routes are importing each
others routes, a third BGP peer someone ends up picking neither of their
routes after killing and restarting bird on one peer only.
The problem goes away if I configure these two peers to not import each
others routes - however that is not ideal as while both peers share some
common routes, they also have some unique routes which should be shared.
Apologies for the long email. The setup is:
10.72.1.1 - (AS 65001) - Primary Internet feed
10.72.1.2 - (AS 65002) - Secondary Internet feed
10.72.1.254 (AS 65003) - LAN Router (LAN is NAT'd, 192.168.18.0/24)
I have various VPNs connecting into both .1 and .2, so they have some
resilience to outages. The remote ends take care of route weighting so .1
is prioritised over .2 using static routes (no BGP or other routing
protocol etc). I want .254 to always have the best route to these VPNs.
* Each router has a BGP link to the others.
* .254 (65003) imports all routes exported by .1 (65001) and .2 (65002).
* .254 (65003) exports a single LAN route, 192.186.18.0/24 to .1 and .2
* .1 (65001) imports all routes exported by .2 and .254
* .1 (65001) exports all routes from the ipsec0 device or 'vpn' rt_protos
* .2 (65002) imports all routes exported by .1 and .254
* .2 (65002) exports all routes from the ipsec0 device or 'vpn' rt_protos
The routes exported by .1 & .2 have their bgp localpref offset based on
the linux metric of the static route being imported, so BGP knows .2's
routes are less important than .1's.
The 'vpn' rt_protos routes on .1 look like:
10.10.10.0/29 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1
metric 15
192.168.3.0/24 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1
metric 10
192.168.2.0/24 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1
metric 10
192.168.254.0/24 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1
metric 10
192.168.0.0/16 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1
metric 10
172.16.0.0/12 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1
metric 10
10.0.0.0/8 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.1  metric
10
The 'vpn' rt_protos routes on .2 look like:
192.168.3.0/24 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2
metric 20
192.168.2.0/24 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2
metric 20
192.168.254.0/24 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2
metric 20
192.168.0.0/16 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2
metric 20
172.16.0.0/12 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2
metric 20
10.0.0.0/8 dev vpn-3b42d3c8  proto vpn  scope link  src 10.72.1.2  metric
20
When I kill & restart .2, .254 loses routing info to not just .2 but also
.1. I need .1 and .2 to be exchanging routes with each other, as there will
be some VPNs that will only terminate on .1 and some that will only
terminate on .2 and I want to be able to route traffic between them. E.g. A
remote endpoint on .2 should be able to access a non-common/unique remote
endpoint on .1. In this example, it's 10.10.10.0/29.
Below are my tests demonstrating
1. The problem when both peers are importing from each other
2. No problem when both peers aren't importing from each other
All logs are taken from .254 (AS 65003). The immediate cause of the
problem is the "rejected by protocol" messages here, although I do not know
why the protocol feels like it must reject routes.
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 10.0.0.0/8 via 10.72.1.1 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
protocol 10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 192.168.0.0/16 via 10.72.1.1 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
protocol 192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 192.168.2.0/24 via 10.72.1.1 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
protocol 192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 192.168.3.0/24 via 10.72.1.1 on eth0
Full tests:
#### #### #### Where .1 and .2 import each others routes ### ### ###
### Start bird
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Initializing
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Initializing
Jan 16 13:01:08 lanrouter daemon.info bird: Chosen router ID 10.72.1.254
according to interface eth0
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Starting
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: State changed to
start
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Starting
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: State changed to
start
Jan 16 13:01:08 lanrouter daemon.info bird: Started
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Started
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_2: Connect delayed by
5 seconds
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Started
Jan 16 13:01:08 lanrouter daemon.debug bird: AS65003_1: Connect delayed by
5 seconds
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Incoming
connection from 10.72.1.2 (port 58289) accepted
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Sending
OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Incoming
connection from 10.72.1.1 (port 58374) accepted
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Got
OPEN(as=65002,hold=240,id=0a480102)
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: BGP session
established
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Connected to table
master
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: State changed to
feed
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Sending
OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2 < filtered out
0.0.0.0/0 via 10.72.1.1 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2: Got End-of-RIB
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got
OPEN(as=65001,hold=240,id=027e8ddb)
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: BGP session
established
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Connected to table
master
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: State changed to
feed
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
0.0.0.0/0 via 10.72.1.1 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
10.72.1.0/24 dev eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.3.0/24 via 10.72.1.2 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < added
192.168.18.0/24 dev breth1
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.19.0/24 dev eth2
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_2 < filtered out
172.16.0.0/12 via 10.72.1.1 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1 < rejected by
protocol 172.16.0.0/12 via 10.72.1.1 on eth0
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got UPDATE
Jan 16 13:01:12 lanrouter daemon.debug bird: AS65003_1: Got End-of-RIB
### .1 and .2 connected. bird knows about both. Correct linux routes
installed:
# ip route list proto bird
10.10.10.0/29 via 10.72.1.1 dev eth0
192.168.3.0/24 via 10.72.1.1 dev eth0
192.168.2.0/24 via 10.72.1.1 dev eth0
192.168.254.0/24 via 10.72.1.1 dev eth0
192.168.0.0/16 via 10.72.1.1 dev eth0
172.16.0.0/12 via 10.72.1.1 dev eth0
10.0.0.0/8 via 10.72.1.1 dev eth0
# birdcl show route all
BIRD 1.4.5 ready.
0.0.0.0/0          via 10.72.1.1 on eth0 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
10.0.0.0/8         via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
10.10.10.0/29      via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.72.1.0/24       dev eth0 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
192.168.0.0/16     via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.2.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.3.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.18.0/24    dev breth1 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.18.253
192.168.19.0/24    dev eth2 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.19.253
192.168.254.0/24   via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
172.16.0.0/12      via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:01:12] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
Jan 16 13:02:15 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
Jan 16 13:02:18 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
Jan 16 13:02:22 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
Jan 16 13:02:27 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
### I kill -9 bird on .2
Jan 16 13:02:38 lanrouter daemon.err bird: AS65003_2: Received:
Administrative shutdown
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: BGP session closed
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: State changed to
stop
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.3.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.254.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2 > removed
172.16.0.0/12 via 10.72.1.2 on eth0
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: Down
Jan 16 13:02:38 lanrouter daemon.debug bird: AS65003_2: State changed to
down
### bird internally still knows about the routes on .1
# birdcl show route all
BIRD 1.4.5 ready.
0.0.0.0/0          via 10.72.1.1 on eth0 [kernel1 13:01:08] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
10.0.0.0/8         via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.10.10.0/29      via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.72.1.0/24       dev eth0 [kernel1 13:01:08] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
192.168.0.0/16     via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
192.168.2.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
192.168.3.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
192.168.18.0/24    dev breth1 [kernel1 13:01:08] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.18.253
192.168.19.0/24    dev eth2 [kernel1 13:01:08] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.19.253
192.168.254.0/24   via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
172.16.0.0/12      via 10.72.1.1 on eth0 [AS65003_1 13:01:11] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
### I restart bird on .2
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Connecting to
10.72.1.2 from local address 10.72.1.254
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Connected
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Sending
OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Got
OPEN(as=65002,hold=240,id=0a480102)
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: BGP session
established
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: Connected to table
master
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2: State changed to
feed
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
0.0.0.0/0 via 10.72.1.1 on eth0
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
10.0.0.0/8 via 10.72.1.1 on eth0
Jan 16 13:02:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
10.10.10.0/29 via 10.72.1.1 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2: Got UPDATE
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added 10.0.0.0/8
via 10.72.1.2 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
192.168.3.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
192.168.254.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2 > added
172.16.0.0/12 via 10.72.1.2 on eth0
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2: Got UPDATE
Jan 16 13:02:43 lanrouter daemon.debug bird: AS65003_2: Got End-of-RIB
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1: Got UPDATE
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 10.0.0.0/8 via 10.72.1.1 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
protocol 10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 192.168.0.0/16 via 10.72.1.1 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
protocol 192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 192.168.2.0/24 via 10.72.1.1 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_2 < rejected by
protocol 192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:02:44 lanrouter daemon.debug bird: AS65003_1 > removed
[replaced] 192.168.3.0/24 via 10.72.1.1 on eth0
### Bird internally now lost all routes it used to know about on .1, and
hasn’t picked up any routes from .2
### Except for the one route that .1 & .2 don’t have in common (
10.10.10.0/29).
# birdcl show route all
BIRD 1.4.5 ready.
0.0.0.0/0          via 10.72.1.1 on eth0 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
10.10.10.0/29      via 10.72.1.1 on eth0 [AS65003_1 13:01:12] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.72.1.0/24       dev eth0 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
192.168.18.0/24    dev breth1 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.18.253
192.168.19.0/24    dev eth2 [kernel1 13:01:09] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.19.253
# ip route list proto bird
10.10.10.0/29 via 10.72.1.1 dev eth0
### Config on .1 (AS 65001):
filter kernel_import1 {
    accept;
}
filter kernel_export1 {
    accept;
}
filter export_AS65001_1 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
filter export_AS65001_2 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
protocol kernel kernel1 {
    persist;
    scan time 20;
    export filter kernel_export1;
    import filter kernel_import1;
    learn;
}
protocol device device1 {
    scan time 10;
}
protocol bgp AS65001_1 {
    local as 65001;
    neighbor 10.72.1.254 as 65003;
    import all;
    export filter export_AS65001_1;
}
protocol bgp AS65001_2 {
    local as 65001;
    neighbor 10.72.1.2 as 65002;
    import all;
    export filter export_AS65001_2;
}
### Config on .2 (AS 65002):
filter kernel_import1 {
    accept;
}
filter kernel_export1 {
    accept;
}
filter export_AS65002_1 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
filter export_AS65002_2 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
protocol kernel kernel1 {
    persist;
    scan time 20;
    export filter kernel_export1;
    import filter kernel_import1;
    learn;
}
protocol device device1 {
    scan time 10;
}
protocol bgp AS65002_1 {
    local as 65002;
    neighbor 10.72.1.254 as 65003;
    import all;
    export filter export_AS65002_1;
}
protocol bgp AS65002_2 {
    local as 65002;
    neighbor 10.72.1.1 as 65001;
    import all;
    export filter export_AS65002_2;
}
### Config on .254 (AS 65003):
filter kernel_import1 {
    accept;
}
filter kernel_export1 {
    accept;
}
filter lans {
    if ifname ~ "breth1" then {
        accept;
    }
    reject;
}
protocol kernel kernel1 {
    persist;
    scan time 20;
    export filter kernel_export1;
    import filter kernel_import1;
    learn;
}
protocol device device1 {
    scan time 10;
}
protocol bgp AS65003_1 {
    debug all;
    local as 65003;
    neighbor 10.72.1.1 as 65001;
    import all;
    export filter lans;
}
protocol bgp AS65003_2 {
    debug all;
    local as 65003;
    neighbor 10.72.1.2 as 65002;
    import all;
    export filter lans;
}
#### #### #### Where .1 and .2 do not import each others routes ### ### ###
### Start bird
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Initializing
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Initializing
Jan 16 13:11:40 lanrouter daemon.info bird: Chosen router ID 10.72.1.254
according to interface eth0
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Starting
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: State changed to
start
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Starting
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: State changed to
start
Jan 16 13:11:40 lanrouter daemon.info bird: Started
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Started
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_2: Connect delayed by
5 seconds
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Started
Jan 16 13:11:40 lanrouter daemon.debug bird: AS65003_1: Connect delayed by
5 seconds
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Incoming
connection from 10.72.1.2 (port 41464) accepted
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Sending
OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Got
OPEN(as=65002,hold=240,id=0a480102)
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: BGP session
established
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: Connected to table
master
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2: State changed to
feed
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
0.0.0.0/0 via 10.72.1.1 on eth0
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2 < filtered out
10.72.1.0/24 dev eth0
Jan 16 13:11:42 lanrouter daemon.debug bird: AS65003_2 < added
192.168.18.0/24 dev breth1
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Incoming
connection from 10.72.1.1 (port 44841) accepted
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending
OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Got
OPEN(as=65001,hold=240,id=027e8ddb)
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: BGP session
established
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Connected to table
master
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: State changed to
feed
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
0.0.0.0/0 via 10.72.1.1 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
10.72.1.0/24 dev eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.3.0/24 via 10.72.1.2 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < added
192.168.18.0/24 dev breth1
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.19.0/24 dev eth2
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
192.168.254.0/24 via 10.72.1.2 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1 < filtered out
172.16.0.0/12 via 10.72.1.2 on eth0
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: State changed to up
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending UPDATE
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Sending End-of-RIB
Jan 16 13:11:44 lanrouter daemon.debug bird: AS65003_1: Got UPDATE
### .1 and .2 connected. bird knows about both. Correct linux routes
installed:
# ip route list proto bird
10.10.10.0/29 via 10.72.1.1 dev eth0
192.168.3.0/24 via 10.72.1.1 dev eth0
192.168.2.0/24 via 10.72.1.1 dev eth0
192.168.254.0/24 via 10.72.1.1 dev eth0
192.168.0.0/16 via 10.72.1.1 dev eth0
172.16.0.0/12 via 10.72.1.1 dev eth0
10.0.0.0/8 via 10.72.1.1 dev eth0
# birdcl show route all
BIRD 1.4.5 ready.
0.0.0.0/0          via 10.72.1.1 on eth0 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
10.0.0.0/8         via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
10.10.10.0/29      via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.72.1.0/24       dev eth0 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
192.168.0.0/16     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.2.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.3.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.18.0/24    dev breth1 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.18.253
192.168.19.0/24    dev eth2 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.19.253
192.168.254.0/24   via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
172.16.0.0/12      via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:11:42] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
Jan 16 13:12:44 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
Jan 16 13:12:49 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
Jan 16 13:12:49 lanrouter daemon.debug bird: AS65003_1: Sending KEEPALIVE
Jan 16 13:12:50 lanrouter daemon.debug bird: AS65003_1: Got KEEPALIVE
### I kill -9 bird on .2
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: Connection closed
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: BGP session closed
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: State changed to
stop
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
10.0.0.0/8 via 10.72.1.2 on eth0
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.0.0/16 via 10.72.1.2 on eth0
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.2.0/24 via 10.72.1.2 on eth0
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.3.0/24 via 10.72.1.2 on eth0
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
192.168.254.0/24 via 10.72.1.2 on eth0
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2 > removed
172.16.0.0/12 via 10.72.1.2 on eth0
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: Down
Jan 16 13:13:06 lanrouter daemon.debug bird: AS65003_2: State changed to
down
### bird internally still knows about the routes on .1
# birdcl show route all
BIRD 1.4.5 ready.
0.0.0.0/0          via 10.72.1.1 on eth0 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
10.0.0.0/8         via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.10.10.0/29      via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.72.1.0/24       dev eth0 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
192.168.0.0/16     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
192.168.2.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
192.168.3.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
192.168.18.0/24    dev breth1 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.18.253
192.168.19.0/24    dev eth2 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.19.253
192.168.254.0/24   via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
172.16.0.0/12      via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
### I restart bird on .2
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Connecting to
10.72.1.2 from local address 10.72.1.254
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Connected
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Sending
OPEN(ver=4,as=65003,hold=240,id=0a4801fe)
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Got
OPEN(as=65002,hold=240,id=0a480102)
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Sending KEEPALIVE
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Got KEEPALIVE
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: BGP session
established
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: Connected to table
master
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2: State changed to
feed
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2 < filtered out
0.0.0.0/0 via 10.72.1.1 on eth0
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2 < filtered out
10.0.0.0/8 via 10.72.1.1 on eth0
Jan 16 13:13:31 lanrouter daemon.debug bird: AS65003_2 < filtered out
10.10.10.0/29 via 10.72.1.1 on eth0
### Bird internally now lost all routes it used to know about on .1, and
hasn’t picked up any routes from .2
### Except for the one route that .1 & .2 don’t have in common (
10.10.10.0/29).
# birdcl show route all
BIRD 1.4.5 ready.
0.0.0.0/0          via 10.72.1.1 on eth0 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
10.0.0.0/8         via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
10.10.10.0/29      via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
10.72.1.0/24       dev eth0 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 10.72.1.254
192.168.0.0/16     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.2.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.3.0/24     via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
192.168.18.0/24    dev breth1 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.18.253
192.168.19.0/24    dev eth2 [kernel1 13:11:40] * (10)
    Type: inherit unicast univ
    Kernel.source: 3
    Kernel.metric: 0
    Kernel.prefsrc: 192.168.19.253
192.168.254.0/24   via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
172.16.0.0/12      via 10.72.1.1 on eth0 [AS65003_1 13:11:44] * (100)
[AS65001i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65001
    BGP.next_hop: 10.72.1.1
    BGP.local_pref: 100
                   via 10.72.1.2 on eth0 [AS65003_2 13:13:31] (100)
[AS65002i]
    Type: BGP unicast univ
    BGP.origin: IGP
    BGP.as_path: 65002
    BGP.next_hop: 10.72.1.2
    BGP.local_pref: 100
# ip route list proto bird
10.10.10.0/29 via 10.72.1.1 dev eth0
192.168.3.0/24 via 10.72.1.1 dev eth0
192.168.2.0/24 via 10.72.1.1 dev eth0
192.168.254.0/24 via 10.72.1.1 dev eth0
192.168.0.0/16 via 10.72.1.1 dev eth0
172.16.0.0/12 via 10.72.1.1 dev eth0
10.0.0.0/8 via 10.72.1.1 dev eth0
### Config on .1 (AS 65001):
filter kernel_import1 {
    accept;
}
filter kernel_export1 {
    accept;
}
filter export_AS65001_1 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
filter export_AS65001_2 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
protocol kernel kernel1 {
    persist;
    scan time 20;
    export filter kernel_export1;
    import filter kernel_import1;
    learn;
}
protocol device device1 {
    scan time 10;
}
protocol bgp AS65001_1 {
    local as 65001;
    neighbor 10.72.1.254 as 65003;
    import all;
    export filter export_AS65001_1;
}
protocol bgp AS65001_2 {
    local as 65001;
    neighbor 10.72.1.2 as 65002;
    import none;
    export filter export_AS65001_2;
}
### Config on .2 (AS 65002):
filter kernel_import1 {
    accept;
}
filter kernel_export1 {
    accept;
}
filter export_AS65002_1 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
filter export_AS65002_2 {
    if ifname ~ "ipsec0" then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    if krt_source = ipp_vpn then {
        bgp_local_pref=1000-krt_metric;
        accept;
    }
    reject;
}
protocol kernel kernel1 {
    persist;
    scan time 20;
    export filter kernel_export1;
    import filter kernel_import1;
    learn;
}
protocol device device1 {
    scan time 10;
}
protocol bgp AS65002_1 {
    local as 65002;
    neighbor 10.72.1.254 as 65003;
    import all;
    export filter export_AS65002_1;
}
protocol bgp AS65002_2 {
    local as 65002;
    neighbor 10.72.1.1 as 65001;
    import none;
    export filter export_AS65002_2;
}
### Config on .254 (AS 65003):
filter kernel_import1 {
    accept;
}
filter kernel_export1 {
    accept;
}
filter lans {
    if ifname ~ "breth1" then {
        accept;
    }
    reject;
}
protocol kernel kernel1 {
    persist;
    scan time 20;
    export filter kernel_export1;
    import filter kernel_import1;
    learn;
}
protocol device device1 {
    scan time 10;
}
protocol bgp AS65003_1 {
    debug all;
    local as 65003;
    neighbor 10.72.1.1 as 65001;
    import all;
    export filter lans;
}
protocol bgp AS65003_2 {
    debug all;
    local as 65003;
    neighbor 10.72.1.2 as 65002;
    import all;
    export filter lans;
}
Is this a bug? Is it intentional and I need to be using a different
approach?
Kind Regards,
Mike