Hello, I'm trying to advertise bgpflowspec route from sflow-rt to bird. I have only "Import withdraws" although I send updates routes. Can you help me please ? bird> show protocol all sflow Name Proto Table State Since Info sflow BGP --- up 15:33:04.256 Established BGP state: Established Neighbor address: 192.168.10.3 Neighbor AS: 65000 Local AS: 65000 Neighbor ID: 192.168.10.3 Local capabilities Multiprotocol AF announced: ipv4 flow4 Route refresh Graceful restart 4-octet AS numbers Enhanced refresh Long-lived graceful restart Neighbor capabilities Multiprotocol AF announced: ipv4 ipv6 flow4 flow6 4-octet AS numbers Session: internal multihop AS4 Source address: 192.168.10.2 Hold timer: 122.161/180 Keepalive timer: 33.965/60 Channel flow4 State: UP Table: flowtab4 Preference: 100 Input filter: ACCEPT Output filter: ACCEPT Routes: 0 imported, 0 exported, 0 preferred Route change stats: received rejected filtered ignored accepted Import updates: 0 0 0 0 0 Import withdraws: 4 0 --- 4 0 Export updates: 0 0 0 --- 0 Export withdraws: 0 --- --- --- 0 BGP Next hop: 192.168.10.2 Channel ipv4 State: UP Table: master4 Preference: 100 Input filter: ACCEPT Output filter: ACCEPT Routes: 0 imported, 0 exported, 0 preferred Route change stats: received rejected filtered ignored accepted Import updates: 0 0 0 0 0 Import withdraws: 1 0 --- 1 0 Export updates: 0 0 0 --- 0 Export withdraws: 0 --- --- --- 0 BGP Next hop: 192.168.10.2 IGP IPv4 table: master4 ---- bird.conf : router id 192.168.10.2; flow4 table flowtab4; protocol bgp client1 { debug all; local 192.168.10.2 as 65000; neighbor 192.168.10.1 as 65000; flow4 { import all; export all; }; ipv4 { import all; export all; }; } protocol bgp sflow { debug all; local 192.168.10.2 as 65000; neighbor 192.168.10.3 port 1179 as 65000; flow4 { import all; export all; }; ipv4 { import all; export all; }; }
On Wed, Mar 25, 2020 at 04:30:33PM +0100, vincent.ma@gmx.fr wrote:
Hello,
I'm trying to advertise bgpflowspec route from sflow-rt to bird.
I have only "Import withdraws" although I send updates routes.
Hello This should work without issues. Is there any error message in logs? What is on the other side? -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
No error message in log Mar 26 22:15:07 ubuntu bird: sflow: Sending KEEPALIVE Mar 26 22:15:12 ubuntu bird: sflow: Got UPDATE Mar 26 22:15:18 ubuntu bird: sflow: Got KEEPALIVE Mar 26 22:15:29 ubuntu bird: client1: Got KEEPALIVE No error with sFlow-RT I tried directly with a Cisco router the route is well learned. ---- BGP Flowspec route from sFlow-RT to Bird : Frame 3: 144 bytes on wire (1152 bits), 144 bytes captured (1152 bits) Linux cooked capture Internet Protocol Version 4, Src: 192.168.10.3, Dst: 192.168.10.2 Transmission Control Protocol, Src Port: 1179, Dst Port: 40745, Seq: 1, Ack: 20, Len: 76 Border Gateway Protocol - UPDATE Message Marker: ffffffffffffffffffffffffffffffff Length: 76 Type: UPDATE Message (2) Withdrawn Routes Length: 0 Total Path Attribute Length: 53 Path attributes Path Attribute - MP_REACH_NLRI Flags: 0x80, Optional, Non-transitive, Complete 1... .... = Optional: Set .0.. .... = Transitive: Not set ..0. .... = Partial: Not set ...0 .... = Extended-Length: Not set .... 0000 = Unused: 0x0 Type Code: MP_REACH_NLRI (14) Length: 19 Address family identifier (AFI): IPv4 (1) Subsequent address family identifier (SAFI): Flow Spec Filter (133) Next hop network address (0 bytes) Number of Subnetwork points of attachment (SNPA): 0 Network layer reachability information (14 bytes) FLOW_SPEC_NLRI (14 bytes) NRLI length: 13 Filter: Destination prefix filter (10.10.10.10/32) Filter type: Destination prefix filter (1) 10.10.10.10/32 Destination IP filter prefix length: 32 Destination IP filter: 10.10.10.10 Filter: Protocol / Next Header filter (=17) Filter type: Protocol / Next Header filter (3) Operator flags: 0x81, end-of-list, Value length: 1 byte: 1 <<, equal 1... .... = end-of-list: Set .0.. .... = and: Not set ..00 .... = Value length: 1 byte: 1 << (0) .... 0... = Reserved: Not set .... .0.. = less than: Not set .... ..0. = greater than: Not set .... ...1 = equal: Set Decimal value: 17 Filter: Destination port filter (=1004) Filter type: Destination port filter (5) Operator flags: 0x91, end-of-list, Value length: 2 bytes: 1 <<, equal 1... .... = end-of-list: Set .0.. .... = and: Not set ..01 .... = Value length: 2 bytes: 1 << (1) .... 0... = Reserved: Not set .... .0.. = less than: Not set .... ..0. = greater than: Not set .... ...1 = equal: Set Decimal value: 1004 Path Attribute - ORIGIN: IGP Flags: 0x40, Transitive, Well-known, Complete 0... .... = Optional: Not set .1.. .... = Transitive: Set ..0. .... = Partial: Not set ...0 .... = Extended-Length: Not set .... 0000 = Unused: 0x0 Type Code: ORIGIN (1) Length: 1 Origin: IGP (0) Path Attribute - AS_PATH: 65000 Flags: 0x40, Transitive, Well-known, Complete 0... .... = Optional: Not set .1.. .... = Transitive: Set ..0. .... = Partial: Not set ...0 .... = Extended-Length: Not set .... 0000 = Unused: 0x0 Type Code: AS_PATH (2) Length: 6 AS Path segment: 65000 Segment type: AS_SEQUENCE (2) Segment length (number of ASN): 1 AS4: 65000 Path Attribute - LOCAL_PREF: 100 Flags: 0x40, Transitive, Well-known, Complete 0... .... = Optional: Not set .1.. .... = Transitive: Set ..0. .... = Partial: Not set ...0 .... = Extended-Length: Not set .... 0000 = Unused: 0x0 Type Code: LOCAL_PREF (5) Length: 4 Local preference: 100 Path Attribute - EXTENDED_COMMUNITIES Flags: 0xc0, Optional, Transitive, Complete 1... .... = Optional: Set .1.. .... = Transitive: Set ..0. .... = Partial: Not set ...0 .... = Extended-Length: Not set .... 0000 = Unused: 0x0 Type Code: EXTENDED_COMMUNITIES (16) Length: 8 Carried extended communities: (1 community) Flow spec traffic-rate: ASN 0, 0,000 Mbps [Transitive Experimental] Type: Transitive Experimental (0x80) 1... .... = IANA Authority: Allocated on First Come First Serve Basis .0.. .... = Transitive across AS: Transitive Subtype (Experimental): Flow spec traffic-rate (0x06) 2-Octet AS: 0 Rate shaper: 0 Envoyé: jeudi 26 mars 2020 à 12:28 De: "Ondrej Zajicek" <santiago@crfreenet.org> À: vincent.ma@gmx.fr Cc: bird-users@network.cz Objet: Re: BGP FlowSpec Route-reflector On Wed, Mar 25, 2020 at 04:30:33PM +0100, vincent.ma@gmx.fr wrote:
Hello,
I'm trying to advertise bgpflowspec route from sflow-rt to bird.
I have only "Import withdraws" although I send updates routes.
Hello This should work without issues. Is there any error message in logs? What is on the other side? -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Thu, Mar 26, 2020 at 10:34:15PM +0100, vincent.ma@gmx.fr wrote:
No error message in log
Mar 26 22:15:07 ubuntu bird: sflow: Sending KEEPALIVE Mar 26 22:15:12 ubuntu bird: sflow: Got UPDATE Mar 26 22:15:18 ubuntu bird: sflow: Got KEEPALIVE Mar 26 22:15:29 ubuntu bird: client1: Got KEEPALIVE
No error with sFlow-RT I tried directly with a Cisco router the route is well learned.
Would it be acceptable for you to make multihop BGP connection from sFlow-RT to my IP address, so i could check BIRD behavior? -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Thu, Mar 26, 2020 at 10:34:15PM +0100, vincent.ma@gmx.fr wrote:
No error message in log
Mar 26 22:15:07 ubuntu bird: sflow: Sending KEEPALIVE Mar 26 22:15:12 ubuntu bird: sflow: Got UPDATE Mar 26 22:15:18 ubuntu bird: sflow: Got KEEPALIVE Mar 26 22:15:29 ubuntu bird: client1: Got KEEPALIVE
No error with sFlow-RT I tried directly with a Cisco router the route is well learned.
Hi Seems like sFlow-RT tool sends flows with local AS (65000) in AS_PATH, although it is IBGP connection and it should just send empty AS_PATH for locally originated update. Such path is filtered-out by BIRD as loop prevention. It would be good to report that to sFlow-RT to fix that, but as a workaround, you can enable 'allow local as' option in BIRD.
Path Attribute - AS_PATH: 65000
-- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hi It works ! Thanks for your help ! Envoyé: lundi 30 mars 2020 à 14:25 De: "Ondrej Zajicek" <santiago@crfreenet.org> À: vincent.ma@gmx.fr Cc: bird-users@network.cz Objet: Re: Re: BGP FlowSpec Route-reflector On Thu, Mar 26, 2020 at 10:34:15PM +0100, vincent.ma@gmx.fr wrote:
No error message in log
Mar 26 22:15:07 ubuntu bird: sflow: Sending KEEPALIVE Mar 26 22:15:12 ubuntu bird: sflow: Got UPDATE Mar 26 22:15:18 ubuntu bird: sflow: Got KEEPALIVE Mar 26 22:15:29 ubuntu bird: client1: Got KEEPALIVE
No error with sFlow-RT I tried directly with a Cisco router the route is well learned.
Hi Seems like sFlow-RT tool sends flows with local AS (65000) in AS_PATH, although it is IBGP connection and it should just send empty AS_PATH for locally originated update. Such path is filtered-out by BIRD as loop prevention. It would be good to report that to sFlow-RT to fix that, but as a workaround, you can enable 'allow local as' option in BIRD.
Path Attribute - AS_PATH: 65000
-- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (2)
-
Ondrej Zajicek -
vincent.ma@gmx.fr