Hi,

I'm testing bird, using RIP, and I've stumbled on a problem. It seems that it wants to export every route that comes via RIP, while I only want to export one. I'll explain.

We've got two boxes: box A is a firewall, and gives Internet access to a LAN behind it (directly attached to a box's ethernet) that we'll call network 1; bird is installed here. Box B is also a firewall, but gives Internet access to several networks; let's call them networks 2, 3 and 4; we're using Quagga in this one. They are connected via IPSec in transport mode, and the real communication goes through a GRE tunnel. Bird is set to use this tunnel to propagate routes between the two points.

The aim of this is to have a failsafe link: both extremes have a static route with lower priority defined in bird's configuration, so if Internet connectivity is lost they rely on a point-to-point link (more expensive). But when there is normal connectivity, box A will transmit the route to network 1 via RIP, and box B will transmit the routes to networks 2, 3 and 4 via RIP too. This is also done to ease maintenance: when there is another network behind box B, we just have to add it to RIP and it propagates to box A, connecting all networks. There are other circumstances that motivate this use of RIP, but they don't matter right now :-)

So, the ideal situation would be that bird on box A transmitted the route to network 1 via RIP, and that it imported the routes to networks 2, 3 and 4 via RIP too. But what happens is that it exports the route to network 1 ... and to whatever route it receives via RIP. This means that box A is exporting via RIP the routes to networks 1, 2, 3 and 4, while only network 1 is its "own" route (because it has an IP in that network).

This is the configuration that I have in RIP:

    protocol rip {
        preference 200;
        interface "tun00rg" {
            mode multicast;
        };
        authentication none;
        import where source = RTS_RIP;
        export filter {
            if net ~ 172.16.10.0/24 then accept;
            else reject;
        };
        period 10;
        garbage time 45;
        timeout time 15;
    }

Network 1 is 172.16.10.0/24.

I think that maybe I'm missing something in how filters work, or what's the behaviour of "import" and "export", but I've tried all combinations and I'm a bit lost :-) Am I doing something wrong? Is this some bug/feature of bird that I'm not aware of? Am I just not using the right filters?

I've put just the configuration of RIP, but I can put the rest of the configuration file, and even tcpdump captures of the RIP transmissions. Ask freely.

Thanks in advance :-)

-- 
Roberto Suarez Soto
Allenta Consulting
robe@allenta.com
www.allenta.com