Op 8 mrt. 2019, om 13:31 heeft Marco van Tol <marco@tols.org> het volgende geschreven:
Op 8 mrt. 2019, om 13:04 heeft Ondrej Zajicek <santiago@crfreenet.org> het volgende geschreven:
On Fri, Mar 08, 2019 at 12:35:30PM +0100, Marco van Tol wrote:
Hi there,
I'm trying to setup iBGP peering with a cisco router which is giving me an "invalid open message" that I can't seem to fix.
- The same router is peering with Juniper and other bird 1.6.3 routers without issues.
Hi
You mean the same BIRD rotuer or the same Cisco router?
Hi,
Many thanks for your quick answer!
Good point, I meant the same BIRD router.
So we have a BIRD 2.0.4 router that is: - Having issues to peer with a Cisco ios xe 16.3.5 version router on both ipv4 and ipv6 in the exact same way - Is having no issues to peer with a Juniper and another BIRD 1.6.3 router, both ipv4 and ipv6.
- The router is also doing IPv6 based peering with all the other routers, which gives the exact same scenario as with IPv4. -----< cut here >-----
The debug messages I'm getting are these: -----< cut here >----- 2019-03-08 11:02:33.199 <TRACE> peer_type1a_v4: Incoming connection from 10.0.0.2 (port 18581) accepted 2019-03-08 11:02:33.199 <TRACE> peer_type1a_v4: Sending OPEN(ver=4,as=64512,hold=240,id=0a000001) 2019-03-08 11:02:33.200 <TRACE> peer_type1a_v4: Got OPEN(as=64512,hold=180,id=10.0.0.2) 2019-03-08 11:02:33.200 <TRACE> peer_type1a_v4: Sending KEEPALIVE 2019-03-08 11:02:33.201 <RMT> peer_type1a_v4: Received: Invalid OPEN message 2019-03-08 11:02:33.201 <TRACE> peer_type1a_v4: State changed to stop 2019-03-08 11:02:33.201 <TRACE> peer_type1a_v4: Down -----< cut here >-----
My suspicion is that the ipv6 like address representation in the sent open message router id might confuse the cisco. So the opening message we're sending seems to be having the router id represented in hex form, like 32 bits of an IPv6 address.
That is just a textual representation in logs, there is no difference in the packet. For some historical reasons there is a different formatting for 'Sending OPEN' and 'Got OPEN' log messages.
Okay that makes sense, thanks for confirming.
Could you try the 2.0.2 or 2.0.3 versions if they work with the Cisco router?
I will have a go at that and let you know.
Hi, So I replaced bird 2.0.4 for which I downloaded the rpm from your site with bird 2.0.2 which I installed using yum on a centos 7 system. I noticed 2 things: - The Centos 7 2.0.2 rpm makes the bird daemon drop privileges and resumes as user bird - The 2.0.4 package from your site, when started with the supplied .service file, remains as root, with the exact same bird.conf - Version 2.0.2 has no issues to peer with the cisco router, it peers fine. So now I'm curious how worried I should be about the "import bgp fixes" in the 2.0.4 release notes. :-) Many thanks! -- Marco van Tol