It looks like working. It accepts the default route while refusing to export it back which is expected to happen.
Maria On 1 August 2024 21:48:36 CEST, Eric Robinson <[email protected]> wrote: >I added that and it listens now! > >I’m not sure what to make of the log notices, though. > >2024-08-01 12:43:15.036 <TRACE> isp2: Started >2024-08-01 12:43:15.036 <TRACE> isp2: Connect delayed by 5 seconds >2024-08-01 12:43:15.036 <TRACE> isp1: Started >2024-08-01 12:43:15.036 <TRACE> isp1: Connect delayed by 5 seconds >2024-08-01 12:43:19.073 <TRACE> isp1: Connecting to <redacted> from local >address <redacted> >2024-08-01 12:43:19.074 <TRACE> isp1: Connected >2024-08-01 12:43:19.074 <TRACE> isp1: Sending >OPEN(ver=4,as=65526,hold=240,id=d8735c8c) >2024-08-01 12:43:19.078 <TRACE> isp1: Connection lost (Connection reset by >peer) >2024-08-01 12:43:19.078 <TRACE> isp1: Connect delayed by 5 seconds >2024-08-01 12:43:19.287 <TRACE> isp2: Connecting to <redacted>from local >address <redacted> >2024-08-01 12:43:19.288 <TRACE> isp2: Connected >2024-08-01 12:43:19.288 <TRACE> isp2: Sending >OPEN(ver=4,as=65526,hold=240,id=d8735c8c) >2024-08-01 12:43:19.494 <TRACE> isp2: Got OPEN(as=23005,hold=180,id=<redacted>) >2024-08-01 12:43:19.494 <TRACE> isp2: Sending KEEPALIVE >2024-08-01 12:43:19.495 <TRACE> isp2: Got KEEPALIVE >2024-08-01 12:43:19.495 <TRACE> isp2: BGP session established >2024-08-01 12:43:19.495 <TRACE> isp2: State changed to up >2024-08-01 12:43:19.495 <TRACE> isp2: Sending END-OF-RIB >2024-08-01 12:43:19.536 <TRACE> isp2: Got UPDATE >2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 > added [best] 0.0.0.0/0 0L 2G >unicast >2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 < rejected by protocol 0.0.0.0/0 0L >2G unicast >2024-08-01 12:43:23.578 <TRACE> isp1: Connecting to <redacted> local address ><redacted> >2024-08-01 12:43:23.578 <TRACE> isp1: Connected >2024-08-01 12:43:23.578 <TRACE> isp1: Sending >OPEN(ver=4,as=65526,hold=240,id=d8735c8c) >2024-08-01 12:43:23.782 <TRACE> isp1: Got OPEN(as=23005,hold=180,id=<redacted>) >2024-08-01 12:43:23.782 <TRACE> isp1: Sending KEEPALIVE >2024-08-01 12:43:23.783 <TRACE> isp1: Got KEEPALIVE >2024-08-01 12:43:23.783 <TRACE> isp1: BGP session established >2024-08-01 12:43:23.783 <TRACE> isp1: State changed to up >2024-08-01 12:43:23.783 <TRACE> isp1.ipv4 < filtered out 0.0.0.0/0 0L 2G >unicast >2024-08-01 12:43:23.783 <TRACE> isp1: Sending END-OF-RIB >2024-08-01 12:43:23.788 <TRACE> isp1: Got UPDATE >2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 > added [best] 0.0.0.0/0 0L 3G >unicast >2024-08-01 12:43:23.788 <TRACE> isp2.ipv4 < filtered out 0.0.0.0/0 0L 3G >unicast >2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 < rejected by protocol 0.0.0.0/0 0L >3G unicast >2024-08-01 12:43:29.463 <TRACE> isp2: Got UPDATE >2024-08-01 12:43:29.463 <TRACE> isp2: Got END-OF-RIB >2024-08-01 12:43:33.765 <TRACE> isp1: Got UPDATE >2024-08-01 12:43:33.765 <TRACE> isp1: Got END-OF-RIB >2024-08-01 12:44:09.966 <TRACE> isp2: Sending KEEPALIVE >2024-08-01 12:44:18.548 <TRACE> isp1: Sending KEEPALIVE >2024-08-01 12:44:29.465 <TRACE> isp2: Got KEEPALIVE >2024-08-01 12:44:33.766 <TRACE> isp1: Got KEEPALIVE >2024-08-01 12:44:57.910 <TRACE> isp2: Sending KEEPALIVE > >It seems to add the default route, then reject it? > >-Eric > >From: Eric Robinson >Sent: Thursday, August 1, 2024 2:26 PM >To: Maria Matejka <[email protected]>; [email protected]; >[email protected] >Subject: RE: Bird 2.14 Starts but Won't Bind to Port 179 > >I do not. Following is the whole config. (The IPs and ASNs are bogus.) > >Our need is simple. We don’t need to advertise any routes. We just need to get >the default route from the ISP and ignore everything else. > >[root@fw9b etc]# cat bird.conf >log "/var/log/bird.log" all; > >router id 4.4.92.140; > >protocol bgp isp1 { > description "BGP with ISP Router 1"; > local as 65111; > neighbor 4.4.92.130%red0 as 23222; > debug all; > ipv4 { > import filter { > if net = 0.0.0.0/0 then accept; > reject; > }; > export none; # Do not export any routes to ISP > next hop self; > }; >} > >protocol bgp isp2 { > description "BGP with ISP Router 2"; > local as 65111; > neighbor 4.4.92.131%red0 as 23222; > debug all; > ipv4 { > import filter { > if net = 0.0.0.0/0 then accept; > reject; > }; > export none; # Do not export any routes to ISP > next hop self; > }; >} > >From: Maria Matejka <[email protected]<mailto:[email protected]>> >Sent: Thursday, August 1, 2024 2:18 PM >To: [email protected]<mailto:[email protected]>; Eric Robinson ><[email protected]<mailto:[email protected]>>; >[email protected]<mailto:[email protected]> >Subject: Re: Bird 2.14 Starts but Won't Bind to Port 179 > >Hello, > >do you have >protocol device {} >in your config? > >Maria > >On 1 August 2024 20:41:23 CEST, Eric Robinson ><[email protected]<mailto:[email protected]>> wrote: > >Bird starts, and claims that it is waiting for the upstream routers to become >neighbors… > >2024-07-31 06:25:25.774 isp1: Initializing >2024-07-31 06:25:25.774 isp2: Initializing >2024-07-31 06:25:25.774 isp1: Starting >2024-07-31 06:25:25.774 isp1: State changed to start >2024-07-31 06:25:25.774 isp2: Starting >2024-07-31 06:25:25.774 isp2: State changed to start >2024-07-31 06:25:25.774 Started >2024-07-31 06:25:25.775 isp2: Waiting for 4.4.92.131 to become my neighbor >2024-07-31 06:25:25.775 isp1: Waiting for 4.4.92.130 to become my neighbor > >…however, I can see in tcpdump that bird is refusing BGP connections… > >08:50:31.055601 IP 4.4.92.130.34302 > 4.4.92.140.179: Flags [S], seq >733565924, win 16384, options [mss 1424,wscale 0,nop,sackOK,eol], length 0 >08:50:31.056685 IP 4.4.92.140.179 > 4.4.92.130.34302: Flags [R.], seq 0, ack >733565925, win 0, length 0 > >…and that’s because bird is not listening… > >[root@fw9b log]# netstat -ant >Active Internet connections (servers and established) >Proto Recv-Q Send-Q Local Address Foreign Address State >tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN >tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN >tcp 0 0 127.0.0.1:8953 0.0.0.0:* LISTEN >tcp6 0 0 :::1013 :::* LISTEN >tcp6 0 0 :::444 :::* LISTEN >tcp6 0 0 :::81 :::* LISTEN > >Bird is running... > >[root@fw9b log]# ps ax|grep bird >20738 pts/0 S+ 0:00 grep bird >29732 ? Ss 0:00 /usr/sbin/bird >Strace shows that it is not binding to the port. > >I read a full thread about this exact symptom here: >https://bird.network.cz/pipermail/bird-users/2020-September/014824.html > >Unfortunately, I’m brand new to bird and I was unable to follow some of it. > >-Eric > > >Disclaimer : This email and any files transmitted with it are confidential and >intended solely for intended recipients. If you are not the named addressee >you should not disseminate, distribute, copy or alter this email. Any views or >opinions presented in this email are solely those of the author and might not >represent those of Physician Select Management. Warning: Although Physician >Select Management has taken reasonable precautions to ensure no viruses are >present in this email, the company cannot accept responsibility for any loss >or damage arising from the use of this email or attachments. >-- >Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o. >Disclaimer : This email and any files transmitted with it are confidential and >intended solely for intended recipients. If you are not the named addressee >you should not disseminate, distribute, copy or alter this email. Any views or >opinions presented in this email are solely those of the author and might not >represent those of Physician Select Management. Warning: Although Physician >Select Management has taken reasonable precautions to ensure no viruses are >present in this email, the company cannot accept responsibility for any loss >or damage arising from the use of this email or attachments. -- Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
