On Mon, Feb 28, 2011 at 07:37:08PM +0100, Christian Riede wrote:
Hello,
On Mon, Feb 28, 2011 at 03:56:24PM +0100, Ondrej Zajicek wrote:
Why should I not use private ASNs?
You can use private ASNs 64512-65534 (or some other in 32bit space). 65535 (and 0) is not a private ASN, but a reserved ASN.
I took http://www.apnic.net/services/services-apnic-provides/helpdesk/faqs/asn-faqs... as reference. It states that 65535 actually is one.
See this: http://www.iana.org/assignments/as-numbers/as-numbers.xml
But anyway - the behavior ist the same with ASN 65534: The BGP closes immediately.
exacom-kap-gw01:/etc/bird # telnet 2001:67c:39c:8000::8000:a 179 Trying 2001:67c:39c:8000::8000:a... Connected to 2001:67c:39c:8000::8000:a. Escape character is '^]'. Connection closed by foreign host. exacom-kap-gw01:/etc/bird #
exacom-kap-gw02:~ # tcpdump host 2001:67c:39c:8000::8000:9 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 19:32:33.263290 IP6 2001:67c:39c:8000::8000:9.53942 > 2001:67c:39c:8000::8000:a.bgp: Flags [S], seq 3322719686, win 5760, options [mss 1440,sackOK,TS val 68713170 ecr 0,nop,wscale 6], length 0 19:32:33.263340 IP6 2001:67c:39c:8000::8000:a.bgp > 2001:67c:39c:8000::8000:9.53942: Flags [S.], seq 3336922287, ack 3322719687, win 5712, options [mss 1440,sackOK,TS val 70286778 ecr 68713170,nop,wscale 6], length 0 19:32:33.263571 IP6 2001:67c:39c:8000::8000:9.53942 > 2001:67c:39c:8000::8000:a.bgp: Flags [.], ack 1, win 90, options [nop,nop,TS val 68713170 ecr 70286778], length 0 19:32:33.264142 IP6 2001:67c:39c:8000::8000:a.bgp > 2001:67c:39c:8000::8000:9.53942: Flags [F.], seq 1, ack 1, win 90, options [nop,nop,TS val 70286779 ecr 68713170], length 0 19:32:33.264621 IP6 2001:67c:39c:8000::8000:9.53942 > 2001:67c:39c:8000::8000:a.bgp: Flags [F.], seq 1, ack 2, win 90, options [nop,nop,TS val 68713171 ecr 70286779], length 0 19:32:33.264645 IP6 2001:67c:39c:8000::8000:a.bgp > 2001:67c:39c:8000::8000:9.53942: Flags [.], ack 2, win 90, options [nop,nop,TS val 70286779 ecr 68713171], length 0
As already stated - I did some debugging with the previous configuration that showed the same error and found that in bgp.c:bgp_incoming_connection the value of p->start_state is zero (should be >=BSS_CONNECT).
That indicates that you have a typo in IP address - the IP address is not local and BGP waits for such prefix to appear. In your config you have: neighbor 2001:67c:39c:8001::8000:a as 65535; But you try connect from: 2001:67c:39c:8000::8000:a which is in a different network. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."