Yay!
Claudio Jeker wrote:
On Wed, Sep 24, 2008 at 08:50:47PM +0200, Claudio Jeker wrote:
...
So the problems I see are the following:
1) the "(inet|inet6)" parameter either doesn't work, doesn't work
consistently, or at the very least doesn't work as described in the man
page for bgpd.conf(5) IMHO.
2) the parser for the filter section in bgpd.conf doesn't detect an IPv4
prefix versus an IPv6 prefix. (Why else would 0.0.0.0/0 match
_anything_ in IPv6 land?)
3) it doesn't appear (though I haven't tested this theory much) that
bgpd will default the prefixlen to equal the CIDR mask.
I would say that's a bug. Your first version should just work.
I'll have a look at it.
Here we go. Try this diff, untested but compiles :)
The problem was that for IPv6 prefixes
deny from any prefix 0.0.0.0/0
was essentially
deny from any
And so everything IPv6 related was dropped :(
Claudio, I just got a chance to test your patch, and everything works great!
Just to be explicitly clear, your patch solved both problems 1 and 2
that I outlined above:
(1) The rule "deny from any prefix 0.0.0.0/0" is correctly parsed as
being a rule that only applies to IPv4 prefixes, and doesn't
wildcard-match IPv6 prefixes.
(2) Temporary testing with "deny from any inet prefixlen = 32" or "deny
from any inet6 prefixlen = 32" (which are nonsensical rules) apply
*only* to their specified address families.
Thanks for the quick fix! If anyone is interested, I've got a looking
glass up at http://208.86.95.250/cgi-bin/bgplg and the IPv6 address (not
running the v6-enabled Apache at the moment) is 2607:f618:1::1
Cheers!
Tico