On Mon, Apr 07, 2014 at 05:28:24PM +0200, Thomas Goldberg wrote:
Hello,
can yomeone please explain me the following behaviour: There's one eBGP session (b_dtag1) and one iBGP session with one of our RR Servers (b_rr1). The RR redistributes the blackhole prefixes learned from the Spamhouse BGP Feed (BGPf).
The prefix 64.112.128.0/18 is supposed to be blackholed.
These are the two routes learned from the two peers: bird> show route all 64.112.128.0/18 64.112.128.0/18 via X.X.X.X on eth0 [b_dtag1 Apr06] * (100) [AS3320i] ... blackhole [b_rr1 15:36 from Y.Y.Y.Y] (100/-) [AS65535i] ...
As you can see the (older) regular eBGP route is picked over the blackhole route:
Based on the Route selection rules from http://bird.network.cz/?get_doc&f=bird-6.html#ss6.2 I expected that the first (Prefer route with the highest Local Preference attribute) and the second (Prefer route with the shortest AS path) rule would result in the blackhole route being picked.
Hello That is because only resolvable routes are considered (RFC 4271 9.1.2.1), main reason for that condition is to eliminate routes whose bgp_next_hop cannot be resolved using IGP, it also affects routes whose bgp_next_hop is resolved to a unreachable/blackhole/prohibit route. In your case, it could be fixed by adding higher protocol preference (different attribute than bgp_local_pref, currently 100) to b_rr1. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."