On Sat, Feb 17, 2007 at 04:02:22PM +0100, Falk Brockerhoff - smartTERRA GmbH
wrote:
> Hello,
>
> I just set up two identical machines to make some tests with vlan, carp
> and openbgpd to replace my cisco routers in the next couple of months.
> VLAN- and carp-configuratin is quite easy, it works out of the box and
> without any problems. OpenBGPd runs fine, too. Err, nearly fine.
>
> I named my two boxes Pinky and Brain :) On both I configured the same
> VLAN and CARP - this should be the local gateways for the other boxes
> connected using a normale cisco switch. I pasted the output of the
> ifconfig command to the bottom of this mail.
>
> To reach some kind of redundancy I set up an iBGP-Session between Pinky
> and Brain. It is a very simple configuration and has only minor
> differences - you can find the complete configuration file at the bottom
> of the mail:
>
> < router-id 194.9.86.1
> > router-id 194.9.86.2
>
> < neighbor 194.9.86.2 {
> > neighbor 194.9.86.1 {
>
> < local-address 194.9.86.1
> > local-address 194.9.86.2
>
> I expect to receive the specifed network-prefix from Pinky on Brain via
> iBGP and vice versa. But on Brain I can't find any advertised prefix
> from Pinky:
>
> Pinky# bgpctl sh
>
>
> Neighbor AS MsgRcvd MsgSent OutQ Up/Down
> State/PrefixRcvd
> Brain 35548 8 7 0 00:04:23 0
>
> The other side works fine, Brain is receiving the prefix from Pinky.
> Brain# bgpctl sh
>
>
> Neighbor AS MsgRcvd MsgSent OutQ Up/Down
> State/PrefixRcvd
> Pinky 35548 6 7 0 00:03:11 1
>
> Both sides advertises the prefix, I can't find any misconfiguration on
> this. Brain advertises the prefix as you can see here:
>
> Brain# bgpctl sh rib
>
>
> flags: * = Valid, > = Selected, I = via IBGP, A = Announced
> origin: i = IGP, e = EGP, ? = Incomplete
>
> flags destination gateway lpref med aspath origin
> I*> 195.140.212.0/23 194.9.86.1 100 0 i
> AI* 195.140.212.0/23 0.0.0.0 100 0 i
>
>
> But I don't received it on Pinky (as you can see above):
>
> Pinky# bgpctl sh rib
> flags: * = Valid, > = Selected, I = via IBGP, A = Announced
> origin: i = IGP, e = EGP, ? = Incomplete
>
> flags destination gateway lpref med aspath origin
> AI*> 195.140.212.0/23 0.0.0.0 100 0 i
>
>
> Does anybody has an explanation for this behaviour? I tried without any
> vlan and carp interface only with "normal" configured interfaces - the
> same. I'm at a loss. You are my last hope :-))
>
>
bgpd only sends the selected routes to the neighbors and the announced
network from 194.9.86.1 has higher precedence and so only 194.9.86.2 has
both networks in the table. If you remove the network on 194.9.86.1,
194.9.86.2 would announce the network to 194.9.86.1.
You can play with "network 195.140.212.0/23 set localpref x" to see this
effect in both directions.
> Regards,
>
> Falk
>
> --snipp--
> Output of the ifconfig command:
>
> ##Pinky:
> vlan212: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:06:5b:ec:48:c5
> vlan: 212 priority: 0 parent interface: em1
> groups: vlan
> inet6 fe80::206:5bff:feec:48c5%vlan212 prefixlen 64 scopeid 0x9
> inet 195.140.212.2 netmask 0xffffffff broadcast 195.140.212.2
> carp212: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:00:5e:00:01:d4
> carp: MASTER carpdev vlan212 vhid 212 advbase 1 advskew 0
> groups: carp
> inet6 fe80::200:5eff:fe00:1d4%carp212 prefixlen 64 scopeid 0xe
> inet 195.140.212.1 netmask 0xffffff00 broadcast 195.140.212.255
>
> ##Brain:
> vlan212: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:0f:1f:66:3f:d3
> vlan: 212 priority: 0 parent interface: em1
> groups: vlan
> inet6 fe80::20f:1fff:fe66:3fd3%vlan212 prefixlen 64 scopeid 0x9
> inet 195.140.212.3 netmask 0xffffffff broadcast 195.140.212.3
> carp212: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:00:5e:00:01:d4
> carp: BACKUP carpdev vlan212 vhid 212 advbase 1 advskew 0
> groups: carp
> inet6 fe80::200:5eff:fe00:1d4%carp212 prefixlen 64 scopeid 0xf
> inet 195.140.212.1 netmask 0xffffff00 broadcast 195.140.212.255
>
>
> --snipp--
> The complete configuration file:
>
> ##Pinky:
> # global configuration
> AS 35548
> router-id 194.9.86.1
> network 195.140.212.0/23
>
> holdtime 180
> holdtime min 3
>
> neighbor 194.9.86.2 {
> remote-as 35548
> descr Brain
> local-address 194.9.86.1
> announce all
> tcp md5sig key foobar
> }
>
> # filter out prefixes longer than 24 or shorter than 8 bits
> deny from any
> allow from any prefixlen 8 - 24
>
> # do not accept a default route
> deny from any prefix 0.0.0.0/0
>
> # filter bogus networks
> deny from any prefix 10.0.0.0/8 prefixlen >= 8
> deny from any prefix 172.16.0.0/12 prefixlen >= 12
> deny from any prefix 192.168.0.0/16 prefixlen >= 16
> deny from any prefix 169.254.0.0/16 prefixlen >= 16
> deny from any prefix 192.0.2.0/24 prefixlen >= 24
> deny from any prefix 224.0.0.0/4 prefixlen >= 4
> deny from any prefix 240.0.0.0/4 prefixlen >= 4
>
> ##Brain:
> # global configuration
> AS 35548
> router-id 194.9.86.2
> network 195.140.212.0/23
>
> holdtime 180
> holdtime min 3
>
> neighbor 194.9.86.1 {
> remote-as 35548
> descr Pinky
> local-address 194.9.86.2
> announce all
> tcp md5sig key foobar
> }
>
> # filter out prefixes longer than 24 or shorter than 8 bits
> deny from any
> allow from any prefixlen 8 - 24
>
> # do not accept a default route
> deny from any prefix 0.0.0.0/0
>
> # filter bogus networks
> deny from any prefix 10.0.0.0/8 prefixlen >= 8
> deny from any prefix 172.16.0.0/12 prefixlen >= 12
> deny from any prefix 192.168.0.0/16 prefixlen >= 16
> deny from any prefix 169.254.0.0/16 prefixlen >= 16
> deny from any prefix 192.0.2.0/24 prefixlen >= 24
> deny from any prefix 224.0.0.0/4 prefixlen >= 4
> deny from any prefix 240.0.0.0/4 prefixlen >= 4
>
--
:wq Claudio
