Hi,

FreeBSD 8.2 and Bird 1.3.3.

I do my internal peering between routes on loopback interfaces. All the loopback interfaces are announced over ospf.

To be able to get a bgp session the 'multi hop 4;' is needed.

The question I have is what value should the 'next hop' be? I would like to have it to the neighbour address of the peering session but it seems it is always the nearest physical network interface address (to the neighbour) that's 'next hop'.

I did even try with setting bgp_next_hop=10.10.10.11; within the filter of the bgp protocol but that did not work.

-- //fredan
fredrik danerklint wrote:
> Hi,
>
> FreeBSD 8.2 and Bird 1.3.3.
>
> I do my internal peering between routes on loopback interfaces. All the loopback interfaces are announced over ospf.
>
> To be able to get a bgp session the 'multi hop 4;' is needed.
>
> The question I have is what value should the 'next hop' be? I would like to have it to the neighbour address of the peering session but it seems it is always the nearest physical network interface address (to the neighbour) that's 'next hop'.

RFC recommendation for IBGP session tells us:

    When sending a message to an internal peer, if the route is not locally originated, the BGP speaker SHOULD NOT modify the NEXT_HOP attribute unless it has been explicitly configured to announce its own IP address as the NEXT_HOP
    (RFC 4271 clause 5.1.3)

You can alter next hop via 'next hop self' config option. It will set next hop address to whatever you configure in 'source address' option.

> I did even try with setting bgp_next_hop=10.10.10.11; within the filter of the bgp protocol but that did not work.
I already have the 'next hop self;' set in both of the routers. Still no luck.
-- //fredan
fredrik danerklint wrote:
> I already have the 'next hop self;' set in both of the routers. Still no luck.

Can you show BGP configuration block on both routers?

It would be great to see 'show route [table XXX] for some_prefix_advertised_by_router1 all' on both routers, too
Setup:

Transit <-> CR2 <-> ER2

Loopback addresses:
CR2 has the ip address of xx.xx.xx.2/32.
ER2 has the ip address of xx.xx.xx.4/32.

Network link:
CR2 has the ip address xx.xx.xx.201/30
ER2 has the ip address xx.xx.xx.202/30

All announced via ospf so ping and traceroute do work between each other.

bird> show route for 77.73.232.6 all
77.73.232.0/21 via xx.xx.xx.201 on igb2 [b4_sekkaa_1_cr2 2011-09-30 22:18:34 from xx.xx.xx.2] * (100/6) [AS42678i]
        Type: BGP unicast univ
        BGP.origin: IGP
        BGP.as_path: 35706 8359 25513 42678
        BGP.next_hop: xx.xx.xx.2
        BGP.med: 0
        BGP.local_pref: 100

$netstat -rn | grep 77.73.232.0/21
77.73.232.0/21 xx.xx.xx.201 UG1 0 0 igb2

protocol bgp b4_sekkaa_1_cr2 {
        description "sekkaa-1-cr2";
        import filter { accept; };
        export filter { accept; };
        interpret communities off;
        local as my_as;
        default bgp_med 0;
        default bgp_local_pref 200;
        neighbor xx.xx.xx.2 as 52011;
        source address xx.xx.xx.4;
        start delay time 30;
        next hop self;
        multihop 4;
}

This is from the internal router ER2.
-- //fredan
fredrik danerklint wrote:
> Setup:
>
> Transit <-> CR2 <-> ER2
>
> Loopback addresses:
> CR2 has the ip address of xx.xx.xx.2/32.
> ER2 has the ip address of xx.xx.xx.4/32.
>
> Network link:
> CR2 has the ip address xx.xx.xx.201/30
> ER2 has the ip address xx.xx.xx.202/30
>
> All announced via ospf so ping and traceroute do work between each other.
>
> bird> show route for 77.73.232.6 all
> 77.73.232.0/21 via xx.xx.xx.201 on igb2 [b4_sekkaa_1_cr2 2011-09-30 22:18:34 from xx.xx.xx.2] * (100/6) [AS42678i]

Real (announced to kernel) nexthop is xx.xx.xx.201

>         Type: BGP unicast univ
>         BGP.origin: IGP
>         BGP.as_path: 35706 8359 25513 42678
>         BGP.next_hop: xx.xx.xx.2

CR2 announces you its source (loopback) address which is OK

>         BGP.med: 0
>         BGP.local_pref: 100

Since your session is multihop and (at least FreeBSD) kernel can't resolve recursive routes this is done by bird (gateway recursive is set in this case). It changes received gateway with gateway via which xx.xx.xx.2 is directly reachable. This is xx.xx.xx.201.

I can't see any problem here. Please correct me if I'm wrong.

> $netstat -rn | grep 77.73.232.0/21
> 77.73.232.0/21 xx.xx.xx.201 UG1 0 0 igb2
>
> protocol bgp b4_sekkaa_1_cr2 {
>         description "sekkaa-1-cr2";
>         import filter { accept; };
>         export filter { accept; };
>         interpret communities off;
>         local as my_as;
>         default bgp_med 0;
>         default bgp_local_pref 200;
>         neighbor xx.xx.xx.2 as 52011;
>         source address xx.xx.xx.4;
>         start delay time 30;
>         next hop self;
>         multihop 4;
> }
>
> This is from the internal router ER2.
> Since your session is multihop and (at least FreeBSD) kernel can't resolve recursive routes this is done by bird (gateway recursive is set in this case). It changes received gateway with gateway via which xx.xx.xx.2 is directly reachable. This is xx.xx.xx.201.
>
> I can't see any problem here. Please correct me if I'm wrong.

No, I don't think you're wrong.

All I would like to know is that this is the correct behaviour.

-- //fredan
fredrik danerklint wrote:
>> Since your session is multihop and (at least FreeBSD) kernel can't resolve recursive routes this is done by bird (gateway recursive is set in this case). It changes received gateway with gateway via which xx.xx.xx.2 is directly reachable. This is xx.xx.xx.201.
>>
>> I can't see any problem here. Please correct me if I'm wrong.
>
> No, I don't think you're wrong.
>
> All I would like to know is that this is the correct behaviour.

Yes, this is correct bird behavior :)
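Added example (not part of the original thread, and not BIRD's own code): a simplified Python model of the recursive next-hop resolution described above, where the BGP next hop is a loopback and the route installed in the kernel points at the directly reachable gateway. The thread redacts its addresses as xx.xx.xx.N, so 192.0.2.2 (CR2 loopback) and 192.0.2.201 (CR2 link address) are constructed stand-ins; the table layout and function names are hypothetical.

```python
import ipaddress

# Constructed IGP view on ER2 (stand-ins for the redacted xx.xx.xx.N addresses).
# Each entry: (prefix, gateway or None when directly connected, interface).
IGP_TABLE = [
    ("192.0.2.200/30", None, "igb2"),         # connected /30 link to CR2
    ("192.0.2.2/32", "192.0.2.201", "igb2"),  # CR2 loopback learned via OSPF
]

def lookup(table, addr):
    """Longest-prefix match of addr in table; returns (net, gw, iface) or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, gw, iface in table:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    return best

def resolve_recursive(table, bgp_next_hop, max_depth=8):
    """Follow gateways until one sits on a connected network.

    Returns (gateway, iface), or None when the next hop is unreachable
    or the lookups loop (bounded by max_depth).
    """
    target = bgp_next_hop
    for _ in range(max_depth):
        hit = lookup(table, target)
        if hit is None:
            return None              # no IGP route: do not install the BGP route
        _, gw, iface = hit
        if gw is None:
            return (target, iface)   # target is directly reachable
        target = gw                  # resolve the gateway itself
    return None

def kernel_route(table, prefix, bgp_next_hop):
    """What gets announced to the kernel for a BGP route, or None."""
    resolved = resolve_recursive(table, bgp_next_hop)
    if resolved is None:
        return None
    gw, iface = resolved
    return {"prefix": prefix, "bgp_next_hop": bgp_next_hop,
            "gateway": gw, "iface": iface}

if __name__ == "__main__":
    # BGP.next_hop stays the loopback; the kernel gateway is the link address.
    print(kernel_route(IGP_TABLE, "77.73.232.0/21", "192.0.2.2"))
```

The BGP.next_hop attribute is left untouched; only the gateway handed to the kernel changes, which matches the difference between the 'show route ... all' and 'netstat -rn' output in the thread.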
participants (2)
- Alexander V. Chernikov
- fredrik danerklint