Enhanced Route Refresh Capability (rfc7313)
Hello, We updated one of our Route-server and noticed that a few number of our peers could not establish IPv6 sessions with us. The reason in the logs was "Received: Required capability missing”. After some tcpdump and investigation we found that Enhanced Route Refresh Capability was newly advertised (as explained in the bird release notes). Sadly Juniper boxes do think that this capability is mandatory (only) in IPv6. We have disabled route refresh (enhanced and regular), as a work-around, for these peers. enable route refresh off; Would it be possible to only disable enhanced route refresh in the configuration file for a next release of bird? Cheers, -- Arnaud Fenioux Network Engineer - FranceIX
On Tue, Jun 23, 2015 at 01:47:41PM +0200, Arnaud Fenioux wrote:
Hello,
We updated one of our Route-server and noticed that a few number of our peers could not establish IPv6 sessions with us. The reason in the logs was "Received: Required capability missing???.
After some tcpdump and investigation we found that Enhanced Route Refresh Capability was newly advertised (as explained in the bird release notes). Sadly Juniper boxes do think that this capability is mandatory (only) in IPv6.
Well, they should ignore it if they don't know/like it. The problem is specific to IPv6 sessions, IPv4 sessions works fine? Or perhaps the problem is triggered on both, but as a fallback, the capability negotiation was disabled on second try, which works for IPv4, but not for IPv6 (as multiprotocol cap. must be here)?
We have disabled route refresh (enhanced and regular), as a work-around, for these peers. enable route refresh off;
Would it be possible to only disable enhanced route refresh in the configuration file for a next release of bird?
I considered such option for 1.5.0 but thought it would be unnecessary. I will probably reconsider that. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Greetings, If this is truly a bug in Juniper, I'd be happy to log the bug with them. We'd just need to supply them the tcpdump and reference the RFC where it says this isn't mandatory. Kind regards, Dave Seddon On Tue, Jun 23, 2015 at 5:37 AM, Raphael Mazelier <raph@futomaki.net> wrote:
Le 23/06/15 15:29, Ondrej Zajicek a écrit :
I considered such option for 1.5.0 but thought it would be unnecessary. I will probably reconsider that.
It seems that juniper router misbehave on this. So it could be a good one.
-- Raphael Mazelier
On 23 Jun 2015, at 15:29, Ondrej Zajicek <santiago@crfreenet.org> wrote:
Well, they should ignore it if they don't know/like it.
Yes, for sure!
The problem is specific to IPv6 sessions, IPv4 sessions works fine? Well... actually no, I had to "enable route refresh off;” on the same peers in IPv4 and IPv6 : IPv4 sessions were established without any capability while route refresh was enable.
Or perhaps the problem is triggered on both, but as a fallback, the capability negotiation was disabled on second try, which works for IPv4, but not for IPv6 (as multiprotocol cap. must be here)?
Multiprotocol cap was advertised on both side, but I don’t think it is related to this. on IPv4 with route-refresh enable I can see : BGP state: Established Neighbor caps: Session: external route-server on IPv4 with route-refresh disable I can see : BGP state: Established Neighbor caps: refresh restart-aware AS4 Session: external route-server AS4 As far as I understand from the traces I took, when I disable route-refresh capabilities, bird stops advertising enhanced (70) and “regular” (2) route refresh, but when the neighbour sends the regular route-refresh capability, bird enables it. Which is explained in http://bird.network.cz/?get_doc&f=bird-6.html#ss6.2 but not very up to date compared to https://gitlab.labs.nic.cz/labs/bird/commit/9aed29e605334d34d0e6a90fc172ee83... Can you confirm, if I understand correctly : "That even when disabled, BIRD can send route refresh requests [and accept the capability]” ? Thank you Arnaud
Hello bird members, Just a quick follow up, regarding the parsing of some BGP attributes on Juniper platforms. Juniper has fixed this bug in PR 1016736 since : 12.3R9 13.2R6 13.3R4 13.3R5 14.1R3 14.2R1 15.1R1 Regards, -- Arnaud Fenioux Network Engineer - FranceIX
On Mon, Jul 27, 2015 at 11:40:49AM +0200, Arnaud Fenioux wrote:
Hello bird members,
Just a quick follow up, regarding the parsing of some BGP attributes on Juniper platforms.
Juniper has fixed this bug in PR 1016736 since : 12.3R9 13.2R6 13.3R4 13.3R5 14.1R3 14.2R1 15.1R1
Hello Thanks for the info. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (4)
-
Arnaud Fenioux -
dave seddon -
Ondrej Zajicek -
Raphael Mazelier