On Thu, May 09, 2019 at 10:58:54AM -0500, Adam Thompson wrote:
> I've upgraded my looking glass from 6.4 to 6.5, and an experiencing an
> unexpected problem - routes learned from one (iBGP) peer are not being
> automatically exported to other (eBGP) peers.
>
> I did not change /etc/bgpd.conf, but behaviour seems to have changed
> nonetheless. The upgrade from 6.4 to 6.5 appeared smooth otherwise, nothing
> to suggest subtle breakage under the hood.
>
> As you can see below, this bgpd.conf is almost so simple it *can't* have
> problems. Apparently "almost" being the operative word.
>
> Under 6.4, this behaved as though "export none" only applied to the first
> group. Under 6.5, it behaves as though "export none" is a global setting.
>
> Under 6.5, bgpctl show produces:
> root@bgpmirror:~# bgpctl sh
> Neighbor AS MsgRcvd MsgSent OutQ Up/Down
> State/PrfRcvd
> Hermes IPv4 16796 128773 85 0 00:41:40
> 753748
> Hermes IPv6 16796 29727 85 0 00:41:40
> 68228
> MBNOG IPv4 65204 97 85 0 00:41:40
> 0
> MBNOG IPv6 65204 97 85 0 00:41:40
> 0
> BGPMon.io IPv4 6447 0 21 0 Never
> Active
> isolario.it IPv4 65517 86 85 0 00:41:39
> 0
> isolario.it IPv6 65517 86 85 0 00:41:39
> 0
> and the operator of the MBNOG route collector confirms that I stopped
> sending him a full routing table at the same time I did the OS upgrade.
>
> Any ideas? What other information would help diagnose this problem?
>
> Thanks,
> -Adam
>
>
>
> Dmesg & bgpd.conf:
> https://gist.github.com/athompso/e334d8621ce458925e25bb44b8068341
>
>
> bgpd.conf, duplicated here for convenience:
>
> ===BOF===
> route-collector yes
You have route-collector turned on and so you disable the decision process
and so no prefix will be selected and sent out. This is the way it is
supposed to work. Your setup is not a route-collector.
In 6.4 route-collector mode was broken (as in you could not turn it on)
and I fixed this. That is why your noticed the behaviour change.
> socket "/var/www/run/bgpd.rsock" restricted # for bgplg
>
> # settings
> nexthop qualify via default
> fib-update no
> dump table-v2 "/var/www/htdocs/bgplg/mrt/rib-dump.mrt" 3600
> dump updates in "/var/www/htdocs/bgplg/mrt/updates-in-%H%M" 300
> dump all in "/var/www/htdocs/bgplg/mrt/all-in-%H%M" 300
>
> # myself
> AS X
> router-id X.X.X.X
>
> # neighbors
>
> group hermes {
> enforce local-as no
> enforce neighbor-as no
> export none
>
> neighbor X.X.X.X {
> remote-as X
> descr "Hermes IPv4"
> }
> neighbor X:X:X:X::X {
> remote-as X
> descr "Hermes IPv6"
> }
> }
>
> group bgpresearch {
> multihop 32
> enforce local-as no
> enforce neighbor-as no
>
> neighbor 192.160.102.196 {
> remote-as 65204
> descr "MBNOG IPv4"
> }
> neighbor 2620:132:3003:300::196 {
> remote-as 65204
> descr "MBNOG IPv6"
> }
> neighbor 129.82.138.6 {
> remote-as 6447
> descr "BGPMon.io IPv4"
> }
> neighbor 146.48.78.12 {
> remote-as 65517
> descr "isolario.it IPv4"
> }
> neighbor 2a00:1620:c0:4e:146:48:78:12 {
> remote-as 65517
> descr "isolario.it IPv6"
> }
> }
>
> # policies
> allow quick from group hermes
> allow quick to group bgpresearch
> ===EOF===
>
> (if you want to see the unredacted version of bgpd.conf, ask and I'll email
> it directly to you, I just don't want internal addresses in the public
> archive.)
>
--
:wq Claudio
