[2.16.1 on FreeBSD] Automatic RPKI reload not active...
Hi folks, again,
In my logs, I'm seeing a lot of
<peer>: Automatic RPKI reload not active for import
I could not find any explanation what that would mean, or whether it is a problem...
Can somebody help?
Thanks, Elmar.
Hi Elmar,
On Wed, May 21, 2025 at 09:49:30AM +0100, Elmar K. Bins wrote:
Hi folks, again,
In my logs, I'm seeing a lot of
<peer>: Automatic RPKI reload not active for import
I could not find any explanation what that would mean, or whether it is a problem...
Can somebody help?
I believe this message relates to "rpki reload _switch_" documented here: https://bird.network.cz/?get_doc&v=20&f=bird-3.html#proto-rpki-reload
Kind regards, Job
Hi Job,
job@sobornost.net (Job Snijders) wrote:
<peer>: Automatic RPKI reload not active for import
I believe this message relates to "rpki reload _switch_" documented here: https://bird.network.cz/?get_doc&v=20&f=bird-3.html#proto-rpki-reload
Thanks for the pointer! I see that this defaults to "On", so the message should not appear; but then the docs mention that it also "requires import table or export table". That formulation is unclear to me; does this mean I have to implement a separate table for every peer (which I, of course, don't; nobody has that kind of time)?
I'm taking all prefixes into the master4/master6 tables, and atm I'm just tagging, not filtering upon import.
Am I thinking wrong?
Elmar.
Dear Elmar,
import or export table is a command to note, that the routes will be locally stored in a table for import or export. So you do not need to write it down, it's just a switch.
Check the documentation for BGP https://bird.nic.cz/doc/bird-2.16.2.html#bgp and tag "import table switch".
I hope this helps.
Kind regards, Jana
Jana Babovakova (she/her) | BIRD Tech Support | CZ.NIC, z.s.p.o.
On 21. 05. 25 12:29, Elmar K. Bins wrote:
Hi Job,
job@sobornost.net (Job Snijders) wrote:
<peer>: Automatic RPKI reload not active for import
I believe this message relates to "rpki reload _switch_" documented here: https://bird.network.cz/?get_doc&v=20&f=bird-3.html#proto-rpki-reload
Thanks for the pointer! I see that this defaults to "On", so the message should not appear; but then the docs mention that it also "requires import table or export table". That formulation is unclear to me; does this mean I have to implement a separate table for every peer (which I, of course, don't; nobody has that kind of time)?
I'm taking all prefixes into the master4/master6 tables, and atm I'm just tagging, not filtering upon import.
Am I thinking wrong?
Elmar.
On Wed, May 21, 2025 at 01:48:20PM +0200, Jana Babovakova via Bird-users wrote:
import or export table is a command to note, that the routes will be locally stored in a table for import or export. So you do not need to write it down, it's just a switch.
Check the documentation for BGP https://bird.nic.cz/doc/bird-2.16.2.html#bgp and tag "import table switch".
Of note - it is good practise to keep the table: it's 'more neighborly'! Keeping the import table can help reduce the sending of BGP ROUTE-REFRESH messages (which are costly for your peers). Some commercial BGP vendors refer to this concept as "soft-reconfiguration inbound always".
Kind regards, Job
job@sobornost.net (Job Snijders) wrote:
Of note - it is good practise to keep the table: it's 'more neighborly'!
Keeping the import table can help reduce the sending of BGP ROUTE-REFRESH messages (which are costly for your peers).
Oh yeah, I'd never not do it on "real routers", but these are anycast nodes advertising two prefixes that never change (only might go away or reappear), so I'm not concerned. CPU churn at these nodes is minimal anyway, but hey, what's two more tables, right? ;-)
Thanks for your kind help folks!
El Mar.
On Wed, May 21, 2025 at 12:32:21PM +0000, Elmar K. Bins wrote:
job@sobornost.net (Job Snijders) wrote:
Of note - it is good practise to keep the table: it's 'more neighborly'!
Keeping the import table can help reduce the sending of BGP ROUTE-REFRESH messages (which are costly for your peers).
Oh yeah, I'd never not do it on "real routers", but these are anycast nodes advertising two prefixes that never change (only might go away or reappear), so I'm not concerned. CPU churn at these nodes is minimal anyway, but hey, what's two more tables, right? ;-)
Thanks for your kind help folks!
To clarify, the suggestion is about reducing the burden on the peers of your anycast nodes :-)
And as bonus - it probably resolves your logging issue! Win/win
TWO BIRDS WITH ONE STONE *flies away*
Kind regards, Job
Hi Jana,
bird-users@network.cz (Jana Babovakova via Bird-users) wrote:
import or export table is a command to note, that the routes will be locally stored in a table for import or export. So you do not need to write it down, it's just a switch.
Check the documentation for BGP https://bird.nic.cz/doc/bird-2.16.2.html#bgp and tag "import table switch".
Thanks - that makes it clearer. I'll have to live with the log entries for the near future and might look at implementing received-tables.
Btw, as came up yesterday - I'd like to emphasize the necessity of being able to configure log output on a more granular level. Perhaps there's something in the works already?
Yours, Elmar.
On Wed, May 21, 2025 at 12:24:48PM +0000, Elmar K. Bins wrote:
Hi Jana,
bird-users@network.cz (Jana Babovakova via Bird-users) wrote:
import or export table is a command to note, that the routes will be locally stored in a table for import or export. So you do not need to write it down, it's just a switch.
Check the documentation for BGP https://bird.nic.cz/doc/bird-2.16.2.html#bgp and tag "import table switch".
Thanks - that makes it clearer. I'll have to live with the log entries for the near future and might look at implementing received-tables.
Btw, as came up yesterday - I'd like to emphasize the necessity of being able to configure log output on a more granular level. Perhaps there's something in the works already?
I think you just need to add 2 lines / 4 words to your configuration:
See slide 18 https://ripe87.ripe.net/presentations/25-2023_11_27_ripe_bird_tutorial.pdf
    protocol bgp {
        ipv6 {
            table master6;
            import table; /* keep received routes */
            export table;
            ...
        };
        ipv4 {
            table master4;
            import table; /* keep received routes */
            export table;
            ...
        };
        ...
    }
Kind regards, Job
Dear El Mar.
I'm glad it makes sense now. To the logging issue. We have an option how to add more messages using the 'debug' in the conf file :). Otherwise, any functionality to reduce the number of messages in a log file is not available now. There are some plans about that for the future, but not a priority now.
Happy routing, Jana
Jana Babovakova (she/her) | BIRD Tech Support | CZ.NIC, z.s.p.o.
On 21. 05. 25 14:24, Elmar K. Bins wrote:
Hi Jana,
bird-users@network.cz (Jana Babovakova via Bird-users) wrote:
import or export table is a command to note, that the routes will be locally stored in a table for import or export. So you do not need to write it down, it's just a switch.
Check the documentation for BGP https://bird.nic.cz/doc/bird-2.16.2.html#bgp and tag "import table switch".
Thanks - that makes it clearer. I'll have to live with the log entries for the near future and might look at implementing received-tables.
Btw, as came up yesterday - I'd like to emphasize the necessity of being able to configure log output on a more granular level. Perhaps there's something in the works already?
Yours, Elmar.
Dear Elmar,
it seems you are missing an "import table on" here. Please see the documentation https://bird.nic.cz/doc/bird-2.16.2.html#rpki, "rpki reload switch": ... "Note that for BGP channels, automatic reload requires import table <https://bird.nic.cz/doc/bird-2.16.2.html#bgp-import-table> or export table <https://bird.nic.cz/doc/bird-2.16.2.html#bgp-export-table> (for respective direction)."
I hope this helps. Please let me know if you need anything more.
Kind regards, Jana
Jana Babovakova (she/her) | BIRD Tech Support | CZ.NIC, z.s.p.o.
On 21. 05. 25 10:49, Elmar K. Bins wrote:
Hi folks, again,
In my logs, I'm seeing a lot of
<peer>: Automatic RPKI reload not active for import
I could not find any explanation what that would mean, or whether it is a problem...
Can somebody help?
Thanks, Elmar.
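
An added example, not part of the thread and not the BIRD project's own configuration: a BIRD 2 sketch that puts the pieces discussed above together, a ROA table fed by an RPKI protocol, an import filter that only tags by validation state, and a BGP channel with "import table on" so that a ROA change can be re-evaluated against stored routes instead of asking the peer for a ROUTE-REFRESH. All names (r4, rtr_cache, tag_rov_v4, anycast_peer1), the community values, and the documentation-range addresses and AS numbers are constructed placeholders.

```conf
# Constructed example. ROA table that the RPKI-to-Router session fills.
roa4 table r4;

protocol rpki rtr_cache {
    roa4 { table r4; };
    remote 192.0.2.10 port 3323;        # placeholder RTR cache address
}

# Tag-only import policy, as described in the thread: nothing is rejected,
# routes are only marked with their origin-validation state.
filter tag_rov_v4 {
    if roa_check(r4, net, bgp_path.last) = ROA_VALID then
        bgp_large_community.add((64496, 1000, 1));
    if roa_check(r4, net, bgp_path.last) = ROA_INVALID then
        bgp_large_community.add((64496, 1000, 2));
    if roa_check(r4, net, bgp_path.last) = ROA_UNKNOWN then
        bgp_large_community.add((64496, 1000, 3));
    accept;
}

protocol bgp anycast_peer1 {
    local as 64496;                      # placeholder ASNs (RFC 5398)
    neighbor 192.0.2.1 as 64497;

    ipv4 {
        table master4;                   # routes still land in master4

        # Keep the peer's routes as received, before the import filter.
        # This is a per-channel switch, not a separately declared table.
        import table on;

        # Documented default is on; written out so the dependency on
        # "import table" is visible next to it.
        rpki reload on;

        import filter tag_rov_v4;
        export none;                     # placeholder; real nodes export
                                         # their anycast prefixes here
    };
}
```

With "import table on" removed from this channel, the import filter still references r4 but a ROA change has no stored copy of the received routes to re-run the filter against, which is the condition the quoted documentation note describes.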
participants (3): Elmar K. Bins, Jana Babovakova, Job Snijders