Hi! I'm trying configure BIRD 1.3.6 on Centos 5.8. I have 2 routing tables. In default table I've routes imported from kernel, static and direct protocols: root@tomasz:~# ip ro s 10.110.10.5 dev eth0 proto bird 192.168.100.0/24 dev virbr1 proto kernel scope link src 192.168.100.1 10.110.10.0/24 dev eth0 proto kernel scope link src 10.110.10.27 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 169.254.0.0/16 dev eth0 scope link metric 1000 default via 10.110.10.1 dev eth0 metric 100 root@tomasz:~# birdc BIRD 1.3.6 ready. bird> show route 0.0.0.0/0 via 10.110.10.1 on eth0 [kernel1 12:55] * (10) 192.168.100.0/24 dev virbr1 [direct1 12:55] * (240) 192.168.122.0/24 dev virbr0 [direct1 12:55] * (240) 10.110.10.5/32 dev eth0 [static1 12:55] * (200) 10.110.10.0/24 dev eth0 [direct1 12:55] * (240) Now, I would like to copy them to table 'testable'. Pipe protocol is configured with import all and export all filters. Bird's table testable includes all routes according to filters, but only static routes are exported to kernel2 table testable: bird> show route table testable 0.0.0.0/0 via 10.110.10.1 on eth0 [kernel1 12:55] * (10) 192.168.100.0/24 dev virbr1 [direct1 12:55] * (240) 192.168.122.0/24 dev virbr0 [direct1 12:55] * (240) 10.110.10.5/32 dev eth0 [static1 12:55] * (200) 10.110.10.0/24 dev eth0 [direct1 12:55] * (240) bird> q root@tomasz:~# ip ro s table testable 10.110.10.5 dev eth0 proto bird default via 10.110.10.1 dev eth0 proto bird In debug logs I spotted lines: Mar 15 12:55:53 tomasz bird: pipe1 < added 192.168.100.0/24 dev virbr1 Mar 15 12:55:53 tomasz bird: pipe1 < rejected by protocol 192.168.100.0/24 dev virbr1 It seems to be filtered out by krt_import_control() in krt.c. I prepare dirty hack as below and routes are propagated as I want. diff --git a/sysdep/unix/krt.c b/sysdep/unix/krt.c index 0fb8c4f..55a1a0a 100644 --- a/sysdep/unix/krt.c +++ b/sysdep/unix/krt.c @@ -770,7 +770,7 @@ krt_import_control(struct proto *P, rte **new, ea_list **attrs, struct linpool * if (!KRT_CF->devroutes && (e->attrs->dest == RTD_DEVICE) && - (e->attrs->source != RTS_STATIC_DEVICE)) + (!(e->attrs->source == RTS_STATIC_DEVICE || e->attrs->source == RTS_DEVICE))) return -1; if (!krt_capable(e)) Is there any reason to not accept routes other than RTS_STATIC_DEVICE, assuming that possible loops are filtered out? Is other approach for this issue? The same problem occurs when routes origin from OSPF. Minimal config which problem occurs on: router id 10.110.10.27; table testable; debug protocols all; protocol direct { interface "*"; export all; } protocol kernel { learn; # Learn all alien routes from the kernel persist; # Don't remove routes on bird shutdown scan time 20; # Scan kernel routing table every 20 seconds export all; # Default is export none } protocol kernel { table testable; persist; # Don't remove routes on bird shutdown scan time 20; # Scan kernel routing table every 20 seconds export all; # Default is export none kernel table 252; # Kernel table to synchronize with (default: main) } protocol device { scan time 10; # Scan interfaces every 10 seconds } protocol static { route 10.110.10.5/32 via "eth0"; } protocol pipe { peer table testable; import all; # default is all export all; # default is none } -- Best Regards, Tomasz Głuch groups @ tomaszgluch.pl
Hi Thomasz, Le jeudi 15 mars 2012 à 15:14 +0100, Tomasz Głuch a écrit :
Is there any reason to not accept routes other than RTS_STATIC_DEVICE, assuming that possible loops are filtered out? Is other approach for this issue? The same problem occurs when routes origin from OSPF.
It's not that bird only allow static protocols, it's just that bird won't export device routes to kernel tables by default. See the “device routes” switch here http://bird.network.cz/?get_doc&f=bird-6.html#ss6.4 You're not the first one to stumble on this; could a clearer message be emitted when such situation occurs? Still, I don't understand why it even allows the static device route. Maybe because it's a host address? Regards, Benjamin
On czw, mar 15, 2012 at 05:33:19 +0100, Benjamin Cama wrote:
Hi Thomasz,
Le jeudi 15 mars 2012 à 15:14 +0100, Tomasz Głuch a écrit :
Is there any reason to not accept routes other than RTS_STATIC_DEVICE, assuming that possible loops are filtered out? Is other approach for this issue? The same problem occurs when routes origin from OSPF.
It's not that bird only allow static protocols, it's just that bird won't export device routes to kernel tables by default. See the “device routes” switch here http://bird.network.cz/?get_doc&f=bird-6.html#ss6.4 Thank you for help. Actually, enabling 'device routes' solved problem. I came across this term before, but I've change to many parameters at once to notice the difference.
You're not the first one to stumble on this; could a clearer message be emitted when such situation occurs? It's my first attempt to use Bird. Added and successive 'rejected by protocol' routes was confusing me and redirect my attention to incorrect way. It seems to be clear now after careful reading paragraph from link above. I hadn't associate 'device routes' option with routes from 'direct' protocol. Some short information in chapter about Direct protocol could be sufficient.
Still, I don't understand why it even allows the static device route. Maybe because it's a host address?
According to argumentation from linked paragraph, static routes are not managed by kernel, so there is no reason to exclude them, but I could be wrong.
Regards, Benjamin
-- Best regards, Tomasz Głuch
On Thu, Mar 15, 2012 at 08:56:49PM +0100, Tomasz Głuch wrote:
On czw, mar 15, 2012 at 05:33:19 +0100, Benjamin Cama wrote:
Hi Thomasz,
Le jeudi 15 mars 2012 ?? 15:14 +0100, Tomasz Głuch a écrit :
Is there any reason to not accept routes other than RTS_STATIC_DEVICE, assuming that possible loops are filtered out? Is other approach for this issue? The same problem occurs when routes origin from OSPF.
It's not that bird only allow static protocols, it's just that bird won't export device routes to kernel tables by default. See the ???device routes??? switch here http://bird.network.cz/?get_doc&f=bird-6.html#ss6.4 Thank you for help. Actually, enabling 'device routes' solved problem. I came across this term before, but I've change to many parameters at once to notice the difference.
Still, I don't understand why it even allows the static device route. Maybe because it's a host address?
According to argumentation from linked paragraph, static routes are not managed by kernel, so there is no reason to exclude them, but I could be wrong.
They are allowed because there is a no big risk of inadvertently mangling with kernel device routes if an user have to explicitly configure that device route in the static protocol. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Thu, Mar 15, 2012 at 03:14:31PM +0100, Tomasz Głuch wrote:
Is there any reason to not accept routes other than RTS_STATIC_DEVICE, assuming that possible loops are filtered out? Is other approach for this issue? The same problem occurs when routes origin from OSPF.
This is here mainly to prevent people from inadvertently overwriting kernel supplied device routes (which could be easily done if you just export all routes to kernel and have device routes from direct or OSPF in the table). When BIRD goes down, it cleans up its routes so it would left the system in not really working state. You could use 'device routes' kernel option (which is the KRT_CF->devroutes condition) to disable it. Perhaps we should add some warning here. Or we should apply that only for main kernel table, where kernel device routes are. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (3)
-
Benjamin Cama -
Ondrej Zajicek -
Tomasz Głuch