Hi Guys/Gals

I have a stock install of OpenBSD/BGP 3.8 and I'm finding some weird happenings. I'm part of the Virt-IX project (http://www.virt-ix.net/), which is a training ground for learning BGP.

The setup is an OpenVPN connection to a peering LAN (194.126.235.0/24) where other participants host their routers. Below is my 'bgpctl sh':

# bgpctl sh
Neighbor                 AS  MsgRcvd  MsgSent  OutQ  Up/Down   State/PrefixRcvd
New-V-IX              65438     1750     1749     0  1d05h06m  1
New-V-IX              64542     1221     1223     0  12:08:02  1
New-V-IX              65213     1752     1751     0  1d05h08m  1
cymrubogon-p2         65333     1751     1750     0  18:34:29  63/1000
cymrubogon-p1         65333     1753     1750     0  1d05h08m  63/1000
New-V-IX                  0        0        0     0  Never     Active
Melchior              65101   115012     3503     0  1d04h13m  183805
default virt-ix       31064   147297     3506     0  1d04h07m  183799
tvk                   65126     1753     1751     0  1d05h08m  2
Lex van Roon (r3boot  65342     3497     3505     0  15:59:06  1
daviper               64662     1753     1754     0  10:02:14  2
lotjuh                65188     1752     1751     0  1d05h08m  1
mszabo                65302     1752     1751     0  1d05h08m  1

# bgpctl -n sh
Neighbor                 AS  MsgRcvd  MsgSent  OutQ  Up/Down   State/PrefixRcvd
194.126.235.89        65438     1750     1749     0  1d05h06m  1
194.126.235.49        64542     1221     1224     0  12:08:06  1
194.126.235.51        65213     1752     1751     0  1d05h08m  1
38.229.0.5            65333     1751     1750     0  18:34:33  63/1000
206.71.160.162        65333     1753     1750     0  1d05h08m  63/1000
194.126.235.0/24          0        0        0     0  Never     Active
194.126.235.7         65101   115012     3503     0  1d04h13m  183805
194.126.235.1         31064   147297     3507     0  1d04h07m  183799
194.126.235.29        65126     1753     1751     0  1d05h08m  2
194.126.235.111       65342     3497     3506     0  15:59:10  1
194.126.235.43        64662     1753     1754     0  10:02:18  2
194.126.235.3         65188     1752     1751     0  1d05h08m  1
194.126.235.47        65302     1752     1751     0  1d05h08m  1

(My bgpd.conf is at the bottom)

I've done some traffic engineering and selected some non-optimal routing. As you can see, I'm looking at the AS path to www.openbgpd.com (81.209.180.64)

bgpctl bgpd
# bgpctl sh ip bgp 81.209.180.64
flags: * = Valid, > = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete

flags destination         gateway          lpref   med aspath origin
*>    81.209.180.0/22     194.126.235.1      150    15 65101 31064 15703 13237 24640 i
*     81.209.180.0/22     194.126.235.1      100    15 31064 31064 15703 13237 24640 i
#

The selected path to 81.209.180.64 is thru:-

65101 31064 15703 13237 24640

As you can see, AS65101 (194.126.235.7) is the preferred route, but it has the same gateway as AS31064 (the optimal route). Just to double-check that it's not a glitch, I do a traceroute to www.openbgpd.com

# traceroute www.openbgpd.com
traceroute to www.openbgpd.com (81.209.180.64), 64 hops max, 40 byte packets
 1  rtr-1.peering.virt-ix.net (194.126.235.1)  10.360 ms  10.277 ms  10.197 ms
 2  c1201-gateway.trueserver.nl (213.193.208.73)  16.562 ms  17.771 ms  17.921 ms
 3  AMS-IX.AMS-1-eth010-101.nl.lambdanet.net (195.69.144.212)  11.199 ms  11.106 ms  10.990 ms
 4  DUS-2-pos700.de.lambdanet.net (82.197.128.29)  17.578 ms  17.549 ms  18.49 ms
 5  HAN-7-pos600.de.lambdanet.net (217.71.105.125)  22.427 ms  21.874 ms  22.775 ms
 6  HAM-4-pos010.de.lambdanet.net (217.71.105.34)  28.18 ms  27.124 ms  27.191 ms
 7  ge2.cr10.ham.bsws.de (80.86.162.34)  26.241 ms  26.597 ms  26.375 ms
 8  ge0.cr20.ham.bsws.de (80.86.183.4)  26.954 ms  26.806 ms  27.17 ms
 9  064.n30.ham.bsws.de (81.209.180.64)  27.87 ms  27.357 ms  27.180 ms

I would expect the first two hops to be:-

 1  virtix-gw.melchioraelmans.nl (194.126.235.7)
 2  rtr-1.peering.virt-ix.net (194.126.235.1)
 3  ..
 4  ...

For another example, I have a neighbour of AS65438 at 194.126.235.89, announcing 195.16.86.208/29. Now when I look at the AS path to 195.16.86.208/29 I get:-

# bgpctl sh ip bgp 195.16.86.208
flags: * = Valid, > = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete

flags destination         gateway          lpref   med aspath origin
*>    195.16.86.208/29    194.126.235.89     150    15 65101 65438 i
*     195.16.86.208/29    194.126.235.89     100     0 65438 i
*     195.16.86.208/29    194.126.235.89     100    15 31064 31064 65438 i
#

You see, I get the same thing:-

*>    195.16.86.208/29    194.126.235.89     150    15 65101 65438 i

Out of the three valid routes, AS65101 should be my route and have the gateway of 194.126.235.7, but the gateway addresses are all the same for the optimal AS path and not the engineered AS path.

There are no other routing protocols running; my only guess is that, because the peering LAN is on a /24, something else is caching the routes.

Please help.

Now that's out of the way, I have a general question that has been bugging me for ages: how do you get to see the traffic transferred on an OpenBSD box? On Linux boxes you can find that information on the interfaces when running 'ifconfig'.

# cat /etc/bgpd.conf
# bgpd.conf,v 0.4 19/04/2006 21:22:16 ben ashton
# virt-ix bgpd configuration file

# global configuration
AS 65103
router-id 194.126.235.13
holdtime 180
holdtime min 3
fib-update yes
rde med compare always
#log updates
listen on 194.126.235.13
network 195.16.84.8/29

group "virt-ix announce self" {
        announce self
        neighbor 194.126.235.47 {
                descr "mszabo"
                remote-as 65302
        }
        neighbor 194.126.235.3 {
                descr "lotjuh"
                remote-as 65188
        }
        neighbor 194.126.235.43 {
                descr "daviper"
                remote-as 64662
        }
        neighbor 194.126.235.111 {
                descr "Lex van Roon (r3boot)"
                remote-as 65342
        }
        neighbor 194.126.235.29 {
                descr "tvk"
                remote-as 65126
        }
}

group "virt-ix announce all" {
        announce self
        neighbor 194.126.235.1 {
                descr "default virt-ix"
                remote-as 31064
        }
        neighbor 194.126.235.7 {
                descr "Melchior"
                remote-as 65101
        }
}

group "New-V-IX" {
        neighbor 194.126.235.0/24 {
                descr "New-V-IX"
                passive
                announce self
        }
}

group "cymru peering bogon" {
        neighbor x.x.x.x {
                descr "cymrubogon-p1"
                remote-as 65333
                multihop 64
                local-address 194.126.235.13
                max-prefix 1000
                announce none
                tcp md5sig password Monkeys
        }
        neighbor x.x.x.x {
                descr "cymrubogon-p2"
                remote-as 65333
                multihop 64
                local-address 194.126.235.13
                max-prefix 1000
                announce none
                tcp md5sig password Monkeys
        }
}

match from any community *:* set metric 10
match from group "virt-ix announce all" set metric 15
match from 194.126.235.1 set prepend-neighbor 1
match from 194.126.235.7 set localpref 150

allow from any community 31064:4000 set pftable "VIX-True"
allow from any community 31064:1000 set pftable "VIX-User"
allow from any community 31064:500 set pftable "VIX-Orig"
allow from any community 65333:888 set pftable "bogons"
allow from any community 65333:888 set nexthop blackhole

#allow from any community 31064:4000 set rtlabel "VIX-True"
#allow from any community 31064:1000 set rtlabel "VIX-User"
#allow from any community 31064:500 set rtlabel "VIX-Orig"
#allow from any community 65333:888 set rtlabel "bogons"

deny from any prefix 0.0.0.0/0
deny from any prefix 10.0.0.0/8 prefixlen >= 8
deny from any prefix 172.16.0.0/12 prefixlen >= 12
deny from any prefix 192.168.0.0/16 prefixlen >= 16
deny from any prefix 169.254.0.0/16 prefixlen >= 16
deny from any prefix 192.0.2.0/24 prefixlen >= 24
deny from any prefix 224.0.0.0/4 prefixlen >= 4
deny from any prefix 240.0.0.0/4 prefixlen >= 4
#