That did it, thank you! -Eric
From: Maria Matejka <[email protected]>
Sent: Thursday, August 1, 2024 3:55 PM
To: Eric Robinson <[email protected]>; [email protected]
Subject: RE: Bird 2.14 Starts but Won't Bind to Port 179

You are missing the protocol kernel { ipv6 { export all; }; } bit to actually do the synchronization with the kernel.

On 1 August 2024 22:35:14 CEST, Eric Robinson <[email protected]> wrote:

It’s not quite working yet. The bird console shows the default route…

[root@fw9b ~]# birdc
BIRD 2.14 ready.
bird> show route
Table master4:
0.0.0.0/0            unicast [isp1 13:29:52.523] * (100) [AS23222i]
        via 4.4.92.130 on red0
                     unicast [isp2 13:29:52.491] (100) [AS23222i]
        via 4.4.92.131 on red0
bird>

…but it does not show up to the OS, and the outside world is not pingable.

[root@fw9b ~]# ip route
192.168.5.0/24 dev green0 proto kernel scope link src 192.168.5.10
4.4.92.128/28 dev red0 proto kernel scope link src 4.4.92.140

From: Maria Matejka <[email protected]>
Sent: Thursday, August 1, 2024 3:23 PM
To: Eric Robinson <[email protected]>; [email protected]
Subject: RE: Bird 2.14 Starts but Won't Bind to Port 179

It looks like it is working. It accepts the default route while refusing to export it back, which is expected to happen.

Maria

On 1 August 2024 21:48:36 CEST, Eric Robinson <[email protected]> wrote:

I added that and it listens now! I’m not sure what to make of the log notices, though.

2024-08-01 12:43:15.036 <TRACE> isp2: Started
2024-08-01 12:43:15.036 <TRACE> isp2: Connect delayed by 5 seconds
2024-08-01 12:43:15.036 <TRACE> isp1: Started
2024-08-01 12:43:15.036 <TRACE> isp1: Connect delayed by 5 seconds
2024-08-01 12:43:19.073 <TRACE> isp1: Connecting to <redacted> from local address <redacted>
2024-08-01 12:43:19.074 <TRACE> isp1: Connected
2024-08-01 12:43:19.074 <TRACE> isp1: Sending OPEN(ver=4,as=65526,hold=240,id=d8735c8c)
2024-08-01 12:43:19.078 <TRACE> isp1: Connection lost (Connection reset by peer)
2024-08-01 12:43:19.078 <TRACE> isp1: Connect delayed by 5 seconds
2024-08-01 12:43:19.287 <TRACE> isp2: Connecting to <redacted>from local address <redacted>
2024-08-01 12:43:19.288 <TRACE> isp2: Connected
2024-08-01 12:43:19.288 <TRACE> isp2: Sending OPEN(ver=4,as=65526,hold=240,id=d8735c8c)
2024-08-01 12:43:19.494 <TRACE> isp2: Got OPEN(as=23005,hold=180,id=<redacted>)
2024-08-01 12:43:19.494 <TRACE> isp2: Sending KEEPALIVE
2024-08-01 12:43:19.495 <TRACE> isp2: Got KEEPALIVE
2024-08-01 12:43:19.495 <TRACE> isp2: BGP session established
2024-08-01 12:43:19.495 <TRACE> isp2: State changed to up
2024-08-01 12:43:19.495 <TRACE> isp2: Sending END-OF-RIB
2024-08-01 12:43:19.536 <TRACE> isp2: Got UPDATE
2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 > added [best] 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:19.536 <TRACE> isp2.ipv4 < rejected by protocol 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:23.578 <TRACE> isp1: Connecting to <redacted> local address <redacted>
2024-08-01 12:43:23.578 <TRACE> isp1: Connected
2024-08-01 12:43:23.578 <TRACE> isp1: Sending OPEN(ver=4,as=65526,hold=240,id=d8735c8c)
2024-08-01 12:43:23.782 <TRACE> isp1: Got OPEN(as=23005,hold=180,id=<redacted>)
2024-08-01 12:43:23.782 <TRACE> isp1: Sending KEEPALIVE
2024-08-01 12:43:23.783 <TRACE> isp1: Got KEEPALIVE
2024-08-01 12:43:23.783 <TRACE> isp1: BGP session established
2024-08-01 12:43:23.783 <TRACE> isp1: State changed to up
2024-08-01 12:43:23.783 <TRACE> isp1.ipv4 < filtered out 0.0.0.0/0 0L 2G unicast
2024-08-01 12:43:23.783 <TRACE> isp1: Sending END-OF-RIB
2024-08-01 12:43:23.788 <TRACE> isp1: Got UPDATE
2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 > added [best] 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:23.788 <TRACE> isp2.ipv4 < filtered out 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:23.788 <TRACE> isp1.ipv4 < rejected by protocol 0.0.0.0/0 0L 3G unicast
2024-08-01 12:43:29.463 <TRACE> isp2: Got UPDATE
2024-08-01 12:43:29.463 <TRACE> isp2: Got END-OF-RIB
2024-08-01 12:43:33.765 <TRACE> isp1: Got UPDATE
2024-08-01 12:43:33.765 <TRACE> isp1: Got END-OF-RIB
2024-08-01 12:44:09.966 <TRACE> isp2: Sending KEEPALIVE
2024-08-01 12:44:18.548 <TRACE> isp1: Sending KEEPALIVE
2024-08-01 12:44:29.465 <TRACE> isp2: Got KEEPALIVE
2024-08-01 12:44:33.766 <TRACE> isp1: Got KEEPALIVE
2024-08-01 12:44:57.910 <TRACE> isp2: Sending KEEPALIVE

It seems to add the default route, then reject it?

-Eric

From: Eric Robinson
Sent: Thursday, August 1, 2024 2:26 PM
To: Maria Matejka <[email protected]>; [email protected]; [email protected]
Subject: RE: Bird 2.14 Starts but Won't Bind to Port 179

I do not. Following is the whole config. (The IPs and ASNs are bogus.) Our need is simple. We don’t need to advertise any routes. We just need to get the default route from the ISP and ignore everything else.

[root@fw9b etc]# cat bird.conf
log "/var/log/bird.log" all;
router id 4.4.92.140;

protocol bgp isp1 {
    description "BGP with ISP Router 1";
    local as 65111;
    neighbor 4.4.92.130%red0 as 23222;
    debug all;
    ipv4 {
        import filter {
            if net = 0.0.0.0/0 then accept;
            reject;
        };
        export none;  # Do not export any routes to ISP
        next hop self;
    };
}

protocol bgp isp2 {
    description "BGP with ISP Router 2";
    local as 65111;
    neighbor 4.4.92.131%red0 as 23222;
    debug all;
    ipv4 {
        import filter {
            if net = 0.0.0.0/0 then accept;
            reject;
        };
        export none;  # Do not export any routes to ISP
        next hop self;
    };
}

From: Maria Matejka <[email protected]>
Sent: Thursday, August 1, 2024 2:18 PM
To: [email protected]; Eric Robinson <[email protected]>; [email protected]
Subject: Re: Bird 2.14 Starts but Won't Bind to Port 179

Hello, do you have protocol device {} in your config?

Maria

On 1 August 2024 20:41:23 CEST, Eric Robinson <[email protected]> wrote:

Bird starts, and claims that it is waiting for the upstream routers to become neighbors…

2024-07-31 06:25:25.774 isp1: Initializing
2024-07-31 06:25:25.774 isp2: Initializing
2024-07-31 06:25:25.774 isp1: Starting
2024-07-31 06:25:25.774 isp1: State changed to start
2024-07-31 06:25:25.774 isp2: Starting
2024-07-31 06:25:25.774 isp2: State changed to start
2024-07-31 06:25:25.774 Started
2024-07-31 06:25:25.775 isp2: Waiting for 4.4.92.131 to become my neighbor
2024-07-31 06:25:25.775 isp1: Waiting for 4.4.92.130 to become my neighbor

…however, I can see in tcpdump that bird is refusing BGP connections…

08:50:31.055601 IP 4.4.92.130.34302 > 4.4.92.140.179: Flags [S], seq 733565924, win 16384, options [mss 1424,wscale 0,nop,sackOK,eol], length 0
08:50:31.056685 IP 4.4.92.140.179 > 4.4.92.130.34302: Flags [R.], seq 0, ack 733565925, win 0, length 0

…and that’s because bird is not listening…

[root@fw9b log]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:8953          0.0.0.0:*               LISTEN
tcp6       0      0 :::1013                 :::*                    LISTEN
tcp6       0      0 :::444                  :::*                    LISTEN
tcp6       0      0 :::81                   :::*                    LISTEN

Bird is running...

[root@fw9b log]# ps ax|grep bird
20738 pts/0    S+     0:00 grep bird
29732 ?        Ss     0:00 /usr/sbin/bird

Strace shows that it is not binding to the port. I read a full thread about this exact symptom here:

https://bird.network.cz/pipermail/bird-users/2020-September/014824.html

Unfortunately, I’m brand new to bird and I was unable to follow some of it.

-Eric

Disclaimer : This email and any files transmitted with it are confidential and intended solely for intended recipients. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physician Select Management. Warning: Although Physician Select Management has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments.

--
Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
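
The configuration from the thread with both suggested blocks in place, shown as an added example that is not part of the original messages. The `protocol device` and `protocol kernel` blocks come from Maria's replies; writing the kernel channel as `ipv4` is an assumption made here because the route to install is the IPv4 default listed in `master4`. Addresses and ASNs are the bogus ones Eric posted.

```conf
# Added example: Eric's bird.conf plus the two blocks suggested in the thread.
log "/var/log/bird.log" all;
router id 4.4.92.140;

# Gives BIRD its view of the interfaces. Without it the directly connected
# peers stay in "Waiting for ... to become my neighbor" and, as seen in the
# thread, nothing listens on TCP 179.
protocol device {
}

# Synchronizes BIRD's table with the OS routing table.
# Assumption: ipv4 channel, since the default route lives in master4.
protocol kernel {
    ipv4 {
        export all;    # push BIRD's routes (here only the default) to the kernel
    };
}

protocol bgp isp1 {
    description "BGP with ISP Router 1";
    local as 65111;
    neighbor 4.4.92.130%red0 as 23222;
    ipv4 {
        # Accept only the default route; drop everything else the ISP sends.
        import filter {
            if net = 0.0.0.0/0 then accept;
            reject;
        };
        export none;   # advertise nothing to the ISP
        next hop self;
    };
}

protocol bgp isp2 {
    description "BGP with ISP Router 2";
    local as 65111;
    neighbor 4.4.92.131%red0 as 23222;
    ipv4 {
        import filter {
            if net = 0.0.0.0/0 then accept;
            reject;
        };
        export none;
        next hop self;
    };
}
```

After reloading, the same two checks used in the thread apply: `show route` in `birdc` for BIRD's view and `ip route` for what reached the OS.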
