Hi, I'm setting up bird6 as core IPv6 BGP router and in order to annunce my subnet aggregated i used the blackhole method: protocol static { route 2a01:9c01::/32 drop; } but when i started bird i keep getting this error: bird6: device1: Scanning interfaces bird6: kernel1: Scanning routing table bird6: kernel1: Pruning table master bird6: kernel1: 2a01:9c01::/32: reinstalling bird6: Netlink: No such device bird6: kernel1: Pruning inherited routes it seems that linux doesn't allow to set blackhole ipv6 routes without specifing the device: root@:~# ip -f inet6 route add blackhole 2a01:9c01::/32 RTNETLINK answers: No such device if I append dev lo the route inserts without problems. This error does not happen with reject and so protocol static { route 2a01:9c01::/32 reject; } works like a charm. There is a way to solve this issue? Or maybe you can consider allowing to specify device in route drop command. Regards. G.Ravasio
On Wed, Feb 23, 2011 at 11:35:20AM +0100, Giuseppe Ravasio wrote:
it seems that linux doesn't allow to set blackhole ipv6 routes without specifing the device: root@:~# ip -f inet6 route add blackhole 2a01:9c01::/32 RTNETLINK answers: No such device
if I append dev lo the route inserts without problems.
This error does not happen with reject and so
protocol static { route 2a01:9c01::/32 reject; }
works like a charm.
I checked that (but on older kernel, 2.6.23.16) and it seems that blackhole and prohibit targets are not implemented for IPv6. They requires a device, but when the loop device is specified, the same unreachable route is created. I will check that on a newer kernel. What results did you have when you created blackhole route with a device? If it is not really working, the easiest workaround would be to just use reject route. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On 02/24/2011 12:22 PM, Ondrej Zajicek wrote:
On Wed, Feb 23, 2011 at 11:35:20AM +0100, Giuseppe Ravasio wrote:
it seems that linux doesn't allow to set blackhole ipv6 routes without specifing the device: root@:~# ip -f inet6 route add blackhole 2a01:9c01::/32 RTNETLINK answers: No such device
if I append dev lo the route inserts without problems.
This error does not happen with reject and so
protocol static { route 2a01:9c01::/32 reject; }
works like a charm.
I checked that (but on older kernel, 2.6.23.16) and it seems that blackhole and prohibit targets are not implemented for IPv6. They requires a device, but when the loop device is specified, the same unreachable route is created.
On Ubuntu 10.04LTS: root@pacman:~# uname -a Linux pacman 2.6.32-25-generic #45-Ubuntu SMP Sat Oct 16 19:52:42 UTC 2010 x86_64 GNU/Linux 1) Setup blackhole without device: root@pacman:~# ip -6 route add blackhole 2a01:9c11::/32 RTNETLINK answers: No such device 2) Setup blackhole with loopback device: root@pacman:~# ip -6 route add blackhole 2a01:9c11::/32 dev lo root@pacman:~# ip -6 route unreachable 2a01:9c11::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 3) Setup unreachable works in both ways The intresting thing is that in test 2 the route is set as unreachable even if i set it to blaskhole...
If it is not really working, the easiest workaround would be to just use reject route.
It's exactly what I made and it seems to work well. Bye Beppe
participants (2)
-
Giuseppe Ravasio -
Ondrej Zajicek