BGP with BIRD2 and MikroTik CCR1072-1G-8S+
Hi list, I'm configuring a MikroTik CCR1072-1G-8S+ router (6.47.10) and BIRD2 (2.0.7) to do BGP. The initial configuration was very simple:
protocol bgp downstream {
    local REDACTED as REDACTED;
    neighbor REDACTED as REDACTED;
    hold time 30;
    keepalive time 60;
}
And:
0 ;;; Upstream IPv4 transit
  name="bgp0" instance=default remote-address=REDACTED remote-as=REDACTED tcp-md5-key=""
  nexthop-choice=default multihop=no route-reflect=no hold-time=30s keepalive-time=1m ttl=255
  in-filter="" out-filter="" address-families=ip update-source=REDACTED default-originate=never
  remove-private-as=no as-override=no passive=no use-bfd=no
I got messages such as *Error: Required capability missing* so enabled debugging on both ends. Debugging showed (MikroTik's end):
06:10:33 route,bgp,debug Unsupported capability received, code: 64
06:10:33 route,bgp,debug Unsupported capability received, code: 70
06:10:33 route,bgp,debug Unsupported capability received, code: 71
So I added to the configuration (hopefully the right switches):
graceful restart off;
enable route refresh off;
long lived graceful restart off;
Unfortunately it's still not working. Debugging (BIRD2's end) is showing:
Jun 18 09:51:16 router bird: downstream: Connected
Jun 18 09:51:16 router bird: downstream: Sending OPEN(*ver=4*,as=REDACTED,hold=30,id=5914a2f9)
Jun 18 09:51:16 router bird: downstream: Got OPEN(as=23456,hold=30,id=185.173.132.2)
Jun 18 09:51:16 router bird: downstream: Error: Required capability missing
Jun 18 09:51:16 router bird: downstream: State changed to stop
Jun 18 09:51:16 router bird: downstream: Sending NOTIFICATION(code=2.7)
Jun 18 09:51:16 router bird: downstream: Down
I suspected the ver=4 is the problem so I've added:
advertise ipv4 off;
But alas, BIRD2 is now complaining:
Reading configuration from /etc/bird/bird.conf
/etc/bird/bird.conf:217:2 syntax error, unexpected ADVERTISE
Please advise what to do. I'm afraid I'm a little stuck.

Thanks!

Cheers,
Kees

--
https://nefos.nl/contact
Nefos IT bv
Ambachtsweg 25 (industrienummer 4217)
5627 BZ Eindhoven
Nederland
KvK 66494931
/Reachable on Monday, Tuesday, Wednesday and Friday between 09:00 and 17:00./
Hi list,

Using tcpdump(8) I was able to pinpoint the issue. Please note the difference (BIRD):
Optional parameters, length: 8
  Option Capabilities Advertisement (2), length: 6
    32-Bit AS Number (65), length: 4
      4 Byte AS REDACTED
      0x0000: 0000 9b06
and the MikroTik:
Optional parameters, length: 16
  Option Capabilities Advertisement (2), length: 14
    Route Refresh (2), length: 0
    32-Bit AS Number (65), length: 4
      4 Byte AS REDACTED
      0x0000: 0003 280d
    Multiprotocol Extensions (1), length: 4
      AFI IPv4 (1), SAFI Unicast (1)
      0x0000: 0001 0001
I can work around the problem by adding an IPv4 and IPv6 channel and enabling IPv6 on the MikroTik as well. Then the messaging is as such:
Open Message (1), length: 49
  Version 4, my AS REDACTED, Holdtime 240s, ID REDACTED
  Optional parameters, length: 20
    Option Capabilities Advertisement (2), length: 18
      Multiprotocol Extensions (1), length: 4
        AFI IPv4 (1), SAFI Unicast (1)
        0x0000: 0001 0001
      Multiprotocol Extensions (1), length: 4
        AFI IPv6 (2), SAFI Unicast (1)
        0x0000: 0002 0001
      32-Bit AS Number (65), length: 4
        4 Byte AS REDACTED
        0x0000: 0000 9b06
Is it possible to configure BIRD2 to enforce Multiprotocol Extensions when only IPv4 is in use?

Cheers,
Kees

On 18-06-2021 09:57, Kees Meijs | Nefos wrote:
> Please advise what to do. I'm afraid I'm a little stuck.
On Fri, Jun 18, 2021 at 11:12:39AM +0200, Kees Meijs | Nefos wrote:
> Hi list,
>
> Using tcpdump(8) I was able to pinpoint the issue.
>
> Please note the difference (BIRD):
>
> Optional parameters, length: 8
>   Option Capabilities Advertisement (2), length: 6
>     32-Bit AS Number (65), length: 4
>       4 Byte AS REDACTED
>       0x0000: 0000 9b06
>
> and the MikroTik:
>
> Optional parameters, length: 16
>   Option Capabilities Advertisement (2), length: 14
>     Route Refresh (2), length: 0
>     32-Bit AS Number (65), length: 4
>       4 Byte AS REDACTED
>       0x0000: 0003 280d
>     Multiprotocol Extensions (1), length: 4
>       AFI IPv4 (1), SAFI Unicast (1)
>       0x0000: 0001 0001
>
> I can work around the problem by adding an IPv4 and IPv6 channel and enabling IPv6 on the MikroTik as well.
>
> Is it possible to configure BIRD2 to enforce Multiprotocol Extensions when only IPv4 is in use?
Hi

Perhaps you have no channel configured? AFAIK if there is only an IPv4 channel, BIRD still announces multiprotocol capability with IPv4 AFI.
> I suspected the ver=4 is the problem so I've added:
>
> advertise ipv4 off;
>
> But alas, BIRD2 is now complaining:
Seems like a bug in documentation, this option was removed during bird1 -> bird2 transition, but should not matter.

--
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
Hi Ondrej,

Thank you very much. As a test I removed the IPv6 channel and sniffed the packets again. As you expected IPv4 AFI was listed and (after fixing the MikroTik IPv6 AFI, obviously) stuff kept working. Very likely I didn't have channels, early in the process.

Cheers,
Kees

On 18-06-2021 17:13, Ondrej Zajicek wrote:
> On Fri, Jun 18, 2021 at 11:12:39AM +0200, Kees Meijs | Nefos wrote:
>> Hi list,
>>
>> Using tcpdump(8) I was able to pinpoint the issue.
>>
>> Please note the difference (BIRD):
>>
>> Optional parameters, length: 8
>>   Option Capabilities Advertisement (2), length: 6
>>     32-Bit AS Number (65), length: 4
>>       4 Byte AS REDACTED
>>       0x0000: 0000 9b06
>>
>> and the MikroTik:
>>
>> Optional parameters, length: 16
>>   Option Capabilities Advertisement (2), length: 14
>>     Route Refresh (2), length: 0
>>     32-Bit AS Number (65), length: 4
>>       4 Byte AS REDACTED
>>       0x0000: 0003 280d
>>     Multiprotocol Extensions (1), length: 4
>>       AFI IPv4 (1), SAFI Unicast (1)
>>       0x0000: 0001 0001
>>
>> I can work around the problem by adding an IPv4 and IPv6 channel and enabling IPv6 on the MikroTik as well.
>>
>> Is it possible to configure BIRD2 to enforce Multiprotocol Extensions when only IPv4 is in use?
>
> Hi
>
> Perhaps you have no channel configured? AFAIK if there is only an IPv4 channel, BIRD still announces multiprotocol capability with IPv4 AFI.
>
>> I suspected the ver=4 is the problem so I've added:
>>
>> advertise ipv4 off;
>>
>> But alas, BIRD2 is now complaining:
>
> Seems like a bug in documentation, this option was removed during bird1 -> bird2 transition, but should not matter.
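Added example, not part of the thread and not BIRD or MikroTik code: a small parser for the BGP OPEN optional parameters shown in the tcpdump output above, which lists the Multiprotocol Extensions families each side announces and the ones the local side is missing. The byte strings are constructed to mirror the captures (AS numbers are placeholders), and `BIRD_IPV4_CHANNEL` is an assumed encoding of the "only IPv4 channel" case described in the reply.

```python
import struct

def parse_capabilities(opt_params: bytes):
    """Walk OPEN optional parameters; return [(cap_code, cap_value), ...]."""
    caps, i = [], 0
    while i < len(opt_params):
        if i + 2 > len(opt_params):
            raise ValueError("truncated optional parameter header")
        ptype, plen = opt_params[i], opt_params[i + 1]
        body = opt_params[i + 2:i + 2 + plen]
        if len(body) != plen:
            raise ValueError("optional parameter overruns buffer")
        i += 2 + plen
        if ptype != 2:  # only Capabilities Advertisement (2) carries capabilities
            continue
        j = 0
        while j < len(body):
            if j + 2 > len(body):
                raise ValueError("truncated capability header")
            code, clen = body[j], body[j + 1]
            value = body[j + 2:j + 2 + clen]
            if len(value) != clen:
                raise ValueError("capability overruns parameter")
            caps.append((code, value))
            j += 2 + clen
    return caps

def mp_families(caps):
    """Set of (AFI, SAFI) announced via Multiprotocol Extensions (code 1)."""
    fams = set()
    for code, value in caps:
        if code == 1:
            if len(value) != 4:
                raise ValueError("bad Multiprotocol Extensions length")
            afi, _reserved, safi = struct.unpack("!HBB", value)
            fams.add((afi, safi))
    return fams

def families_missing_locally(local_opt: bytes, peer_opt: bytes):
    """Families the peer's OPEN announces that the local OPEN does not."""
    local = mp_families(parse_capabilities(local_opt))
    peer = mp_families(parse_capabilities(peer_opt))
    return sorted(peer - local)

# Constructed samples mirroring the captures; AS numbers are placeholders.
BIRD_NO_CHANNEL = bytes.fromhex("02 06 41 04 00 00 fc 00")
MIKROTIK = bytes.fromhex("02 0e 02 00 41 04 00 01 00 00 01 04 00 01 00 01")
BIRD_IPV4_CHANNEL = bytes.fromhex("02 0c 01 04 00 01 00 01 41 04 00 00 fc 00")
```

`families_missing_locally(BIRD_NO_CHANNEL, MIKROTIK)` reports AFI 1 / SAFI 1 (IPv4 unicast), and the same call with `BIRD_IPV4_CHANNEL` reports nothing missing.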
participants (2)
- Kees Meijs | Nefos
- Ondrej Zajicek