It’s not quite working yet. The bird console shows the default route…

 

[root@fw9b ~]# birdc
BIRD 2.14 ready.
bird> show route
Table master4:
0.0.0.0/0            unicast [isp1 13:29:52.523] * (100) [AS23222i]
        via 4.4.92.130 on red0
                     unicast [isp2 13:29:52.491] (100) [AS23222i]
        via 4.4.92.131 on red0
bird>

 

…but it does not show up to the OS, and the outside world is not pingable.

 

[root@fw9b ~]# ip route
192.168.5.0/24 dev green0 proto kernel scope link src 192.168.5.10
4.4.92.128/28 dev red0 proto kernel scope link src 4.4.92.140

 

 

From: Maria Matejka <maria.matejka@nic.cz>
Sent: Thursday, August 1, 2024 3:23 PM
To: Eric Robinson <eric.robinson@psmnv.com>; bird-users@network.cz
Subject: RE: Bird 2.14 Starts but Won't Bind to Port 179

 

It looks like it is working. It accepts the default route while refusing to export it back, which is expected to happen.


Maria

 

On 1 August 2024 21:48:36 CEST, Eric Robinson <eric.robinson@psmnv.com> wrote:

I added that and it listens now!

 

I’m not sure what to make of the log notices, though.

 

2024-08-01 12:43:15.036 <TRACE> isp2: Started
2024-08-01 12:43:15.036 <TRACE> isp2: Connect delayed by 5 seconds
2024-08-01 12:43:15.036 <TRACE> isp1: Started
2024-08-01 12:43:15.036 <TRACE> isp1: Connect delayed by 5 seconds
2024-08-01 12:43:19.073 <TRACE> isp1: Connecting to <redacted> from local address <redacted>
2024-08-01 12:43:19.074 <TRACE> isp1: Connected
2024-08-01 12:43:19.074 <TRACE> isp1: Sending OPEN(ver=4,as=65526,hold=240,id=d8735c8c)
2024-08-01 12:43:19.078 <TRACE> isp1: Connection lost (Connection reset by peer)
2024-08-01 12:43:19.078 <TRACE> isp1: Connect delayed by 5 seconds
2024-08-01 12:43:19.287 <TRACE> isp2: Connecting to <redacted>from local address <redacted>
2024-08-01 12:43:19.288 <TRACE> isp2: Connected
2024-08-01 12:43:19.288 <TRACE> isp2: Sending OPEN(ver=4,as=65526,hold=240,id=d8735c8c)
2024-08-01 12:43:19.494 <TRACE> isp2: Got OPEN(as=23005,hold=180,id=<redacted>)
2024-08-01 12:43:19.494 <TRACE> isp2: Sending KEEPALIVE
2024-08-01 12:43:19.495 <TRACE> isp2: Got KEEPALIVE
2024-08-01 12:43:19.495 <TRACE> isp2: BGP session established
2024-08-01 12:43:19.495 <TRACE> isp2: State changed to up
2024-08-01 12:43:19.495 <TRACE> isp2: Sending END-OF-RIB
2024-08-01 12:43:19.536 <TRACE> isp2: Got UPDATE
2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 > added [best] 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 < rejected by protocol 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:23.578 <TRACE> isp1: Connecting to <redacted> local address <redacted>
2024-08-01 12:43:23.578 <TRACE> isp1: Connected
2024-08-01 12:43:23.578 <TRACE> isp1: Sending OPEN(ver=4,as=65526,hold=240,id=d8735c8c)
2024-08-01 12:43:23.782 <TRACE> isp1: Got OPEN(as=23005,hold=180,id=<redacted>)
2024-08-01 12:43:23.782 <TRACE> isp1: Sending KEEPALIVE
2024-08-01 12:43:23.783 <TRACE> isp1: Got KEEPALIVE
2024-08-01 12:43:23.783 <TRACE> isp1: BGP session established
2024-08-01 12:43:23.783 <TRACE> isp1: State changed to up
2024-08-01 12:43:23.783 <TRACE> isp1.ipv4 < filtered out 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:23.783 <TRACE> isp1: Sending END-OF-RIB
2024-08-01 12:43:23.788 <TRACE> isp1: Got UPDATE
2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 > added [best] 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:23.788 <TRACE> isp2.ipv4 < filtered out 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 < rejected by protocol 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:29.463 <TRACE> isp2: Got UPDATE
2024-08-01 12:43:29.463 <TRACE> isp2: Got END-OF-RIB
2024-08-01 12:43:33.765 <TRACE> isp1: Got UPDATE
2024-08-01 12:43:33.765 <TRACE> isp1: Got END-OF-RIB
2024-08-01 12:44:09.966 <TRACE> isp2: Sending KEEPALIVE
2024-08-01 12:44:18.548 <TRACE> isp1: Sending KEEPALIVE
2024-08-01 12:44:29.465 <TRACE> isp2: Got KEEPALIVE
2024-08-01 12:44:33.766 <TRACE> isp1: Got KEEPALIVE
2024-08-01 12:44:57.910 <TRACE> isp2: Sending KEEPALIVE

 

It seems to add the default route, then reject it?

 

-Eric

 

From: Eric Robinson
Sent: Thursday, August 1, 2024 2:26 PM
To: Maria Matejka <maria.matejka@nic.cz>; bird-users@network.cz; bird-users@network.cz
Subject: RE: Bird 2.14 Starts but Won't Bind to Port 179

 

I do not. Following is the whole config. (The IPs and ASNs are bogus.)

 

Our need is simple. We don’t need to advertise any routes. We just need to get the default route from the ISP and ignore everything else.

 

[root@fw9b etc]# cat bird.conf
log "/var/log/bird.log" all;

router id 4.4.92.140;

protocol bgp isp1 {
        description "BGP with ISP Router 1";
        local as 65111;
        neighbor 4.4.92.130%red0 as 23222;
        debug all;
        ipv4 {
                import filter {
                        if net = 0.0.0.0/0 then accept;
                        reject;
                };
                export none; # Do not export any routes to ISP
                next hop self;
        };
}

protocol bgp isp2 {
        description "BGP with ISP Router 2";
        local as 65111;
        neighbor 4.4.92.131%red0 as 23222;
        debug all;
        ipv4 {
                import filter {
                        if net = 0.0.0.0/0 then accept;
                        reject;
                };
                export none; # Do not export any routes to ISP
                next hop self;
        };
}

 

From: Maria Matejka <maria.matejka@nic.cz>
Sent: Thursday, August 1, 2024 2:18 PM
To: bird-users@network.cz; Eric Robinson <eric.robinson@psmnv.com>; bird-users@network.cz
Subject: Re: Bird 2.14 Starts but Won't Bind to Port 179

 

Hello,

do you have
protocol device {}
in your config?

Maria

 

On 1 August 2024 20:41:23 CEST, Eric Robinson <eric.robinson@psmnv.com> wrote:

Bird starts, and claims that it is waiting for the upstream routers to become neighbors…

2024-07-31 06:25:25.774 isp1: Initializing
2024-07-31 06:25:25.774 isp2: Initializing
2024-07-31 06:25:25.774 isp1: Starting
2024-07-31 06:25:25.774 isp1: State changed to start
2024-07-31 06:25:25.774 isp2: Starting
2024-07-31 06:25:25.774 isp2: State changed to start
2024-07-31 06:25:25.774 Started
2024-07-31 06:25:25.775 isp2: Waiting for 4.4.92.131 to become my neighbor
2024-07-31 06:25:25.775 isp1: Waiting for 4.4.92.130 to become my neighbor

…however, I can see in tcpdump that bird is refusing BGP connections…

08:50:31.055601 IP 4.4.92.130.34302 > 4.4.92.140.179: Flags [S], seq 733565924, win 16384, options [mss 1424,wscale 0,nop,sackOK,eol], length 0
08:50:31.056685 IP 4.4.92.140.179 > 4.4.92.130.34302: Flags [R.], seq 0, ack 733565925, win 0, length 0

…and that’s because bird is not listening…

[root@fw9b log]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:8953 0.0.0.0:* LISTEN
tcp6 0 0 :::1013 :::* LISTEN
tcp6 0 0 :::444 :::* LISTEN
tcp6 0 0 :::81 :::* LISTEN

Bird is running...

[root@fw9b log]# ps ax|grep bird
20738 pts/0 S+ 0:00 grep bird
29732 ? Ss 0:00 /usr/sbin/bird

Strace shows that it is not binding to the port.

 

I read a full thread about this exact symptom here: https://bird.network.cz/pipermail/bird-users/2020-September/014824.html

Unfortunately, I’m brand new to bird and I was unable to follow some of it.

 

-Eric

 

 

Disclaimer : This email and any files transmitted with it are confidential and intended solely for intended recipients. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physician Select Management. Warning: Although Physician Select Management has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments.

--
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
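
Added example, not part of the original thread or of BIRD itself: a small Python summarizer for the "debug all" trace format quoted above. It reads ">" lines as imports into the routing table and "<" lines as export decisions toward the peer, in line with the reply that the default route is accepted while export back is refused. Treating any other "<" verdict as an actual export is an assumption of this sketch.

```python
import re
from collections import defaultdict

# Lines copied from the trace log quoted in the thread (a subset).
SAMPLE = """\
2024-08-01 12:43:19.078 <TRACE> isp1: Connection lost (Connection reset by peer)
2024-08-01 12:43:19.495 <TRACE> isp2: State changed to up
2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 > added [best] 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 < rejected by protocol 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:23.783 <TRACE> isp1: State changed to up
2024-08-01 12:43:23.783 <TRACE> isp1.ipv4 < filtered out 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 > added [best] 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:23.788 <TRACE> isp2.ipv4 < filtered out 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 < rejected by protocol 0.0.0.0/0 0L 3G unicast
"""

SESSION = re.compile(r"<TRACE> (\w+): (.+)$")
ROUTE = re.compile(r"<TRACE> (\w+)\.\w+ ([<>]) (.+?) (\d+(?:\.\d+){3}/\d+) ")
# Export verdicts seen in the log above that mean "not announced to the peer".
BLOCKED = ("filtered out", "rejected by protocol")

def summarize(log):
    """Per-protocol view: session state, resets, imports, export decisions."""
    peers = defaultdict(lambda: {"state": "down", "resets": 0, "imported": set(),
                                 "blocked": {}, "exported": set()})
    for line in log.splitlines():
        if m := ROUTE.search(line):
            name, direction, verdict, prefix = m.groups()
            p = peers[name]
            if direction == ">":        # peer -> routing table (import)
                if verdict.startswith("added"):
                    p["imported"].add(prefix)
            elif verdict in BLOCKED:    # routing table -> peer (export), refused
                p["blocked"].setdefault(prefix, set()).add(verdict)
            else:                       # assumption: any other "<" verdict is an export
                p["exported"].add(prefix)
        elif m := SESSION.search(line):
            name, msg = m.groups()
            if msg.startswith("Connection lost"):
                peers[name]["resets"] += 1
                peers[name]["state"] = "down"
            elif msg == "State changed to up":
                peers[name]["state"] = "up"
    return dict(peers)

def policy_ok(peer):
    """The goal stated in the thread: default route in, nothing announced out."""
    return (peer["state"] == "up" and peer["imported"] == {"0.0.0.0/0"}
            and not peer["exported"])
```

Run over the full log, a non-empty "exported" set for either protocol would mean something is being announced to the ISP despite "export none".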