BGP export connected or static prefixes
Dear BIRD users, I'm setting up BIRD 1.4.5 as a router for an AS112 anycast instance. I've got the router running and creating peering sessions with peers, and also importing prefixes from them into the kernel. However, it's not exporting my prefix, and I'm afraid I don't understand why. I'm quite new to BIRD, so please bear with me if my question looks naive. I would appreciate any clues. My configuration looks like this: list bgp address <myaddr>; router id <myaddr>; tabe anycast; filter as112 { if net = 192.75.48.0/24 then accept; reject; } protocol direct { interface "dummy0*"; } protocol device { } protocol kernel { export all; kernel table 10; table anycast; } protocol bgp { export filter as112; local <myaddr> as 112; neighbor <peeraddr> as <peeras>; table anycast; }
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6.3.2015 17:53, Anand Buddhdev wrote:
Dear BIRD users,
I'm setting up BIRD 1.4.5 as a router for an AS112 anycast instance. I've got the router running and creating peering sessions with peers, and also importing prefixes from them into the kernel.
However, it's not exporting my prefix, and I'm afraid I don't understand why. I'm quite new to BIRD, so please bear with me if my question looks naive. I would appreciate any clues.
Dear Anand, the problem is caused by the fact that device routes are handled differently than the others. Protocol 'kernel' ignores those routes and they are generated by protocol 'direct'. And this routing protocol is connected to routing table 'master' in you example. So this route is not in routing table 'anycast'. You should see it byt 'show route table master' and not 'show route table anycast'. There are more ways how to fix this: 1) Use only routing table 'master'. Is there a reason for using special routing table in this case? 2) Generate this routing in routing table 'anycast' a) You can either attach protocol 'direct' to table 'anycast': protocol direct { interface "dummy0*"; table anycast; } b) Or you can export this route using protocol 'pipe' protocol pipe { # The Pipe table master; peer table anycast; export filter as112; }; c) Or you can generate it using protocol 'static': protocol static { route 192.75.48.0/24 via "dummy0"; table anycast; }; There is even more ways of course. But I hope this is gonna help you. Ondrej
My configuration looks like this:
list bgp address <myaddr>; router id <myaddr>; tabe anycast;
filter as112 { if net = 192.75.48.0/24 then accept; reject; }
protocol direct { interface "dummy0*"; }
protocol device { }
protocol kernel { export all; kernel table 10; table anycast; }
protocol bgp { export filter as112; local <myaddr> as 112; neighbor <peeraddr> as <peeras>; table anycast; }
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJU+iC9AAoJED82D4RIDoWPZeYP/3HycrXu8r4d5tZwzrEkALny tgaW+UNstO65q4RK5h1kvZBFJDKSnE7VttCTxYh5HWCZNeSPHXAev92ZTOaR2e6H W7ByF+ANsyOHRi7yB9zs7tyiNjonlSX+snM9fG0nJDbXdlnNK5iu8RF67CBphf8V 6QkLPIwvY3C4yAvy1UDdUXwBoTiaz2tmsbmeYQduDbehcGcl8yRlkKAa9mcgeN1i cZsZjaG39OoZ/oYt1yKdAAH6gXSF83wl0bNeFgxCzcxoONJSRb2pu7O/z3s3ZC0m Jtz6BWYoqNqXSu1brj7/GfJic00SLGHf36XuUun6zHJyqmDFrTyUcUmT3YZCvbJU Hj/ljR8Xhsp/7wOIsmh2oMVm5N4yqcXv1aXSTCzDwi3HBZaaG3UmySVIQzskyxj8 SR4E/qnOVFcJjGv+cnBt2CqC7ayurrMsppDTNSWCPS3l0xoShCRytR0OVGWNr6fZ YfOALj04Xk8VVveiBmHdjWNJJYCIGi9oQIJU7ITWyQVX74syPDFuGMQ9m3yxkqKr XFo2N2eLpTW4EJHdGfXKtkf/GoQ31VjrCvpznjmyf0XITX2k5ASfcWefnRhW2+Vg 5/U1NjIy2nOsbw+P/+zeCvgUP9lzyZyBckVKBnEQ6oINzRw+ORAEOvHNbxQCxTOn wrbUk+o0SSjfWuLN1+qH =Yuin -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/03/15 22:48, Ondrej Filip wrote: Hi Ondrej,
the problem is caused by the fact that device routes are handled differently than the others. Protocol 'kernel' ignores those routes and they are generated by protocol 'direct'. And this routing protocol is connected to routing table 'master' in you example. So this route is not in routing table 'anycast'. You should see it byt 'show route table master' and not 'show route table anycast'. There are more ways how to fix this:
Thank you for your responses. Actually I had just figured all this out, before I saw your reply :)
1) Use only routing table 'master'. Is there a reason for using special routing table in this case?
No, there isn't. I was confusing bird's tables with the linux kernel's tables. I then realised that I don't need a special table in bird. I can just use the default one, but connect it to a linux kernel table named "anycast" in the "protocol kernel" section.
2) Generate this routing in routing table 'anycast' a) You can either attach protocol 'direct' to table 'anycast': protocol direct { interface "dummy0*"; table anycast; }
I'm using this now, but without a special table.
b) Or you can export this route using protocol 'pipe' protocol pipe { # The Pipe table master; peer table anycast; export filter as112; };
This is interesting, but not necessary in my case now.
c) Or you can generate it using protocol 'static': protocol static { route 192.75.48.0/24 via "dummy0"; table anycast; };
I also found out that this works, but I'm preferring to use the "protocol direct" method. So my final config now looks like this, and it works. Of course, I'm open to any more improvements. - --- bird.conf --- listen bgp address <myaddr>; router id <myaddr>; filter as112 { if net = 192.175.48.0/24 then accept; } protocol device { } protocol direct { interface "dummy0*"; } protocol kernel { export all; kernel table 10; } protocol bgp { export filter as112; local <myaddr> as 112; neighbor <peeraddr1> as <peeras1>; } protocol bgp { export filter as112; local <myaddr> as 112; neighbor <peeraddr2> as <peeras2>; } - --- end --- -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAlT6JMIACgkQi+U8Q0SwlCulogCcDaxyd3jT95bhkfRuVC6zjm69 tYkAoItVc93pLuiZqnilR03ZMvxpsPyA =eYnA -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6.3.2015 23:05, Anand Buddhdev wrote:
So my final config now looks like this, and it works. Of course, I'm open to any more improvements.
I think, this looks good. I have a very similar config on my AS112 in NIX.CZ. You may consider to use templates, to make it shorter. But that's no necessary. template bgp PEERS { local as 112; import all; export filter as112; route limit 10000; } protocol bgp from PEERS { neighbor <peeraddr1> as <peeras1>; } protocol bgp from PEERS { neighbor <peeraddr2> as <peeras2>; } [...] Ondrej
--- bird.conf --- listen bgp address <myaddr>; router id <myaddr>;
filter as112 { if net = 192.175.48.0/24 then accept; }
protocol device { }
protocol direct { interface "dummy0*"; }
protocol kernel { export all; kernel table 10; }
protocol bgp { export filter as112; local <myaddr> as 112; neighbor <peeraddr1> as <peeras1>; } protocol bgp { export filter as112; local <myaddr> as 112; neighbor <peeraddr2> as <peeras2>; } --- end ---
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJU+jnaAAoJED82D4RIDoWPe2IP/iX4d26LJkYwli2Q2eugLZIR yDZOH8u+w0cUJ8H/DbGGVoB22LUNx198479++My4tSKaWontHVAVOrQjGqoBS+0a gLxo59Xz6lrAcR7Z7Girbmj8uNDFzolrNrlqa1vvVfNYZnEfEO0TzkOXc3zPVyIR HEsA6XmHACX+5CPtnCNNThL9oY2A4Wjm6HMDKUHRB8kfVNdzzVFFH5Zp6L2ga+Uj Pz+v5m/Cz1yqu9Ce8QSa1EzSyXolIINOjSiHzYIT1D5vy6vFFMruPu7omHCFYLZ8 QTdrz7pJCzxC5WqU2KLIgUzquNHv4h9YgfKlh2EuW4Ccr0ZOShwpBCY2RW+NFilP ou/kC4mdSuWOuE8UxF9OnUFVC0aX62nRsQ0PjPX5sRNYDEWM9y6tkkfrisW0t5D6 oxr08bI9HIA/qAzHfJR8nfxFF1s5U5i1JLHcUduK+L18Yg5M6AmNYOtuivM4j53D xZKrrHU3kmKciIXrQz9jV6qY/0xgJFA17yB0rS6zAXm9a1QNjRiDhtON1bQmnZuh wJU60xjvs2j+pL5h4POoIakABv1qkwQDQLgR9iW8Ukg1591ZdtXyLhkTSdYSilez QBJk8TVZ0GGzBQ+dXqrcpnm1Jnc4kXvMYbITzpDgJUz0sy5ir2pTIGdTWe0Q3Owi Xsjxj1l3pw5JjGU5xuK4 =j3fO -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/03/15 00:35, Ondrej Filip wrote: Hi Ondrej,
I think, this looks good. I have a very similar config on my AS112 in NIX.CZ. You may consider to use templates, to make it shorter. But that's no necessary.
I tried using a template, exactly as you have described, but bird now complains: Mar 7 23:11:12 ns1 bird: Reconfiguration requested by SIGHUP Mar 7 23:11:12 ns1 bird: /etc/bird.conf, line 25: syntax error The template is: template bgp peers { export filter as112; local 80.249.208.39 as 112; } And line 25 is: protocol bgp from peers { Just FYI, I'm on version 1.4.5. Has there been a syntax change somewhere? - -- Anand -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAlT7htAACgkQi+U8Q0SwlCtqOgCgkQEOQGeStzRz60PBL2AyZr+h GesAn0clRAiIcWDNQlby2QNsYYlMh0+/ =a+fF -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 8.3.2015 00:16, Anand Buddhdev wrote:
On 07/03/15 00:35, Ondrej Filip wrote:
Hi Ondrej,
Hi Anand! Your problem is cause by the fact that definition of unnamed protocol from template is not supported. I added this option to the git repository today. To solve this on 1.4.5 please use: protocol bgp bgp_1 from peers { ... Ondrej
I think, this looks good. I have a very similar config on my AS112 in NIX.CZ. You may consider to use templates, to make it shorter. But that's no necessary.
I tried using a template, exactly as you have described, but bird now complains:
Mar 7 23:11:12 ns1 bird: Reconfiguration requested by SIGHUP Mar 7 23:11:12 ns1 bird: /etc/bird.conf, line 25: syntax error
The template is:
template bgp peers { export filter as112; local 80.249.208.39 as 112; }
And line 25 is:
protocol bgp from peers {
Just FYI, I'm on version 1.4.5. Has there been a syntax change somewhere?
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJU/iZ4AAoJED82D4RIDoWPE28QAINl6mUH5dnFvnjZrmFDakIU SK2GNO+44Noh/puh19hBqz3Ri6Y3pz/9aPodOdyU8/rtVtA6XrxPuxXnBDH0T4su 8fULsyOtDyTdHiGASy5Fmb5tgPmKEnoE3BVSB9LHTHceC361SLE5SlKmyqLHfax7 FOE6AuVY7s9+jo5y1+CNWMZJcaiFqVnrwnTtUQX0U+gYwivTAqMAo/YtcU2eQtK3 g9jULTMANguVCL8Uh4SA88m42f7JIyGOy5PY85W1PhDDFzIXy0hU/a/hykWjgK4f hNnylKioKd5VRW1Va7CrkKMsw5bvYTrEgALTgtElqWVyU12vCwGkSBjMwHo82+qx MkJhMwwV0U6RCQNkL/3q9cOJPsUOPrj1XJPVg8op29RLSDda+fT2H6BQe8X2f4Go b2yHAVESh9btrj6mIpM20qo9HR09pra8n0bCu7dDaTlqhdQ3dA+iA/iPTMkN6dN7 hnD6wA7uJTZ5FMRNcfE60vfNkcR901rXKlspzXeidI4k1gKDcbUMscJPXRFsVuqL nFZm1Gqkkig9DxeuQ+Z6BI0HHXtBFN6o3Vp3DWEK5xwEFN3GmiqrwmyV9tYNC+y0 tTrTjKP+AL5sKcJKM0n3yP1rEm+Cx2p3pNTRt5hsesJli+9WLzySmd6dI/5mPa1W ms1LlrEjJX4Lg7BlE9+O =MpIk -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/03/15 00:02, Ondrej Filip wrote:
Your problem is cause by the fact that definition of unnamed protocol from template is not supported. I added this option to the git repository today. To solve this on 1.4.5 please use:
protocol bgp bgp_1 from peers {
Hi Ondrej, I figured that out too :) I'm generating my config from a template, so I just made the template generate names like bgp1, bgp2 ... However, when looking at the output of "birdcl show protocols", I just see "bgp1", "bgp2" and so on. So I then edited my template to generate config like this: protocol bgp '<peeraddr>/AS<peerasn>' from mytemplate { ... } Now when I run "birdcl show protocols" I can see which peer is connected, and so on. By the way, the documentation about using single quotes shows an example using triple quotes. So I first used triple quotes, and it failed with a syntax error. Perhaps you should change the example and only use single quotes. Regards, Anand -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAlT+L5MACgkQi+U8Q0SwlCtwRgCghTm0toM4m7P4/4lbYJdwdq8N daIAoIcvrQjDWTdbtDJ4lWTrGbAh3LKG =nN9f -----END PGP SIGNATURE-----
participants (2)
-
Anand Buddhdev -
Ondrej Filip