Thanks Claudio for answering
I added the option "nexthop qualify via bgp" and now, route are now valid.
I found this option from a post from you on this old thread:
http://openbsd-archive.7691.n7.nabble.com/what-s-makes-a-route-not-valid-in-o
penbgpd-td51614.html
# bgpctl show fib YYY.YYY.143.199
flags: * = valid, B = BGP, C = Connected, S = Static
N = BGP Nexthop reachable via this route
r = reject route, b = blackhole route
flags prio destination gateway
*BN 48 YYY.YYY.128.0/20 XXX.XXX.111.29
XXX.XXX.111.29 is the gateway of AS5769.
# bgpctl show rib YYY.YYY.128.0/20
flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
*> YYY.YYY.128.0/20 YYY.YYY.143.199 100 0 22652 i
* YYY.YYY.128.0/20 XXX.XXX.111.29 100 0 5769 6453 22652 i
No default route on the system. If I understand well, the problem would be
that route to reach AS22652 neighbor pass through AS5769 ? Should I filter
this subnet for AS5769 instead of using option "next hop qualify via BGP" ?
I presume this option is unsecure.
---
Cordialement,
Michel Blais
Administrateur réseau
Targo communications
2015-05-14 14:44 GMT-04:00 Claudio Jeker <[email protected]>:
> On Thu, May 14, 2015 at 02:21:41PM -0400, Michel Blais wrote:
> > Thanks Henning for answering,
> >
> > While using nexthop, I see $peerfibn1 as the variable ip address in the
> > "nexthop" colomn but route, prio gateway or Iface are empty for this hop.
> >
> > With show rib, I see both in gateway and aspath but AS22652 don't have
> the
> > valid and selected flag. Is the're something else or it seem like a
> problem
> > on the carrier side ?
> >
>
> Most probably not. Since your nexthop is not valid the routes are not
> valid. Next step is 'bgpctl show fib $peerfibn1' and make sure it returns
> a valid and hopefully the correct route. I have the feeling that
> $peerfibn1 is resolved via the default route and therefor not considered
> for validating the neighbor.
>
> Also do a 'route -nv get $peerfibn1' and compare with the fib output.
>
> --
> :wq Claudio
>
> > 2015-05-10 14:37 GMT-04:00 Henning Brauer <[email protected]>:
> >
> > > * Michel Blais <[email protected]> [2015-05-07 17:59]:
> > > > I have 2 BGP peer from different provider (AS5769 and AS22652). It's
> > > happen
> > > > 2 times that I was not able to ping my neighbor ($peervid1) at AS5769
> > > > connected to em1 but still able to ping AS22652 neighbor on em1
> > > > ($peerfibn1). The bug is that when it's happen, I don't have any
> external
> > > > routes in the RIB. If I check neighbors via "bgpclt show", I see that
> > > > AS22652 is connected since last collomn show a number while last
> collone
> > > of
> > > > AS5769 will show in alternace "active" or "connecting".
> > >
> > > sounds like your routes from AS22652 aren't considered valid, could be
> > > due to the nexthop. bgpctl show rib & show nexthops should give clues.
> > >
> > > --
> > > Henning Brauer, [email protected], [email protected]
> > > BS Web Services GmbH, http://bsws.de, Full-Service ISP
> > > Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to
> Fully
> > > Managed
> > > Henning Brauer Consulting, http://henningbrauer.com/
