Re: Error: Hold timer expired
Hello! You probably hit the architectural limits of single thread routing. Try BIRD 3 (alpha). Also with this load, it's very much recommended to have a BIRD Support package to have us booked for resolving high load problems. It's a time-consuming and very fiddly job for experienced developers. Please see https://bird.nic.cz/en/commercial-services/ for more details, and/or contact me off-list for a customized quote. Happy routing! Maria On 29 February 2024 10:08:56 CET, "mx.avanttel.ru via Bird-users" wrote: >hello my friend, all the peers lose their connection at once, at different >times, the server of 1500,000 networks and 300 routes, where to look for >what to adjust, I ask for help, the server itself does not fall, the service >does not fall either > > > >] >Feb 27 05:02:45 bgp-01 bird: bgpMSKIX: Error: Hold timer expired >Feb 27 05:03:29 bgp-01 bird: bgpRFET2: Error: Hold timer expired >Feb 27 05:03:36 bgp-01 bird: bgpGLFW: Error: Hold timer expired >Feb 27 05:03:40 bgp-01 bird: Kernel dropped some netlink messages, will resync >on next scan. >Feb 27 05:03:45 bgp-01 bird: bgpKOMP: Error: Hold timer expired >Feb 27 05:03:58 bgp-01 bird: I/O loop cycle took 5094 ms for 6 events >Feb 27 05:04:29 bgp-01 bird: bgpZap: Error: Hold timer expired >Feb 27 05:04:44 bgp-01 bird: bgpSAL: Received: Hold timer expired >Feb 27 05:04:56 bgp-01 bird: bgpRKN2: Received: Hold timer expired >Feb 27 05:04:56 bgp-01 bird: bgpFIT: Error: Hold timer expired >Feb 27 05:05:02 bgp-01 bird: bgpGLIX1: Error: Hold timer expired >Feb 27 05:05:05 bgp-01 bird: Kernel dropped some netlink messages, will resync >on next scan. >Feb 27 05:05:16 bgp-01 bird: bgpRFET1: Received: Hold timer expired >Feb 27 05:05:19 bgp-01 bird: bgpRKN1: Received: Hold timer expired -- Maria Matejka (she/her) | BIRD Team Leader | CZ.NIC, z.s.p.o.
Error: Hold timer expired
hello my friend, all the peers lose their connection at once, at different times, the server of 1500,000 networks and 300 routes, where to look for what to adjust, I ask for help, the server itself does not fall, the service does not fall either ] Feb 27 05:02:45 bgp-01 bird: bgpMSKIX: Error: Hold timer expired Feb 27 05:03:29 bgp-01 bird: bgpRFET2: Error: Hold timer expired Feb 27 05:03:36 bgp-01 bird: bgpGLFW: Error: Hold timer expired Feb 27 05:03:40 bgp-01 bird: Kernel dropped some netlink messages, will resync on next scan. Feb 27 05:03:45 bgp-01 bird: bgpKOMP: Error: Hold timer expired Feb 27 05:03:58 bgp-01 bird: I/O loop cycle took 5094 ms for 6 events Feb 27 05:04:29 bgp-01 bird: bgpZap: Error: Hold timer expired Feb 27 05:04:44 bgp-01 bird: bgpSAL: Received: Hold timer expired Feb 27 05:04:56 bgp-01 bird: bgpRKN2: Received: Hold timer expired Feb 27 05:04:56 bgp-01 bird: bgpFIT: Error: Hold timer expired Feb 27 05:05:02 bgp-01 bird: bgpGLIX1: Error: Hold timer expired Feb 27 05:05:05 bgp-01 bird: Kernel dropped some netlink messages, will resync on next scan. Feb 27 05:05:16 bgp-01 bird: bgpRFET1: Received: Hold timer expired Feb 27 05:05:19 bgp-01 bird: bgpRKN1: Received: Hold timer expired
Re: Error: Hold timer expired
Hi Try set „multihop 10” for example. > Wiadomość napisana przez Marek Królikowski w dniu > 08.08.2017, o godz. 17:57: > > Hello guys, > I buy VPS with BGP and try setup BGP session but got strange problem. > VPS support send me this information to setup session: > "Please peer with 185.144.XXX.YYY, you will need to enable eBGP multihop. > Our ASN is . > The IPv6 peer address is 2a04:9dc0:XX:YYY::1" > > My bird configuration looks like this: > --- > router id 85.204.XXX.YYY; > # debug protocols all; > protocol device { > scan time 10; > } > > protocol static { >route 2a04:9dc0:XX:YYY::1/128 via "eth0"; > } > > protocol kernel { >device routes; >import none; >scan time 15; >export filter { >if net = 2a04:9dc0:XX:YYY::1/128 then reject; >if source = 2a04:9dc0:XX:YYY::1/128 then reject; >accept; >}; > } > > protocol bgp Romania > { >description "Romania link local"; >local as Y; >source address 2a04:9dc0:X:YY::f0; >graceful restart on; >default bgp_local_pref 200; >multihop 2; >neighbor 2a04:9dc0:XX:YYY::1 as ; >import filter { >if net = 2a04:9dc0:XX:YYY::1/128 then reject; >if source = 2a04:9dc0:XX:YYY::1/128 then reject; >if bgp_path.len > 49 then reject; >accept; >}; >export filter { > if net = 2a07:1c44:3511::/48 then accept; >reject; > }; > } > --- > > In logs got it: > Aug 8 16:21:41 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:24:02 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:27:07 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:35:58 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:37:25 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:39:27 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:41:57 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 16:56:19 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:00:29 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:06:10 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:09:58 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:13:01 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:15:08 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:18:15 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:22:58 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:29:17 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:31:49 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:35:17 ro-bgp bird6: Romania: Error: Hold timer expired > Aug 8 17:40:08 ro-bgp bird6: Romania: Error: Hold timer expired > > > root@bgp:~# birdc6 show protocols all Romania > BIRD 1.6.3 ready. > name prototablestate since info > Romania BGP master up 16:22:37Established > Description:Romania link local > Preference: 100 > Input filter: (unnamed) > Output filter: (unnamed) > Routes: 11560 imported, 5 exported, 11560 preferred > Route change stats: received rejected filteredignored > accepted >Import updates: 11560 0 0 0 > 11560 >Import withdraws:0 0--- 0 > 0 >Export updates: 11586 11560 21--- > 5 >Export withdraws:0--------- > 0 > BGP state: Established >Neighbor address: 2a04:9dc0:XX:YYY::1 >Neighbor AS: >Neighbor ID: 185.144. >Neighbor caps:refresh restart-aware AS4 > Session: external multihop AS4 >Source address: 2a04:9dc0:X:YY::f0; >Hold timer: 27/90 >Keepalive timer: 23/30 > > root@bgp:~# birdc6 show protocols all Romania > BIRD 1.6.3 ready. > name prototablestate since info > Romania BGP master start 16:24:05Idle BGP Error: Hold > timer expired > Description:Romania link local > Preference: 100 > Input filter: (unnamed) > Output filter: (unnamed) > Routes: 0 imported, 0 exported, 0 preferred > Route change stats: received rejected filteredignored > accepted >Import updates: 0 0 0 0 > 0 > Import withdraws:0 0--- 0 > 0 >Export updates: 0 0 0--- > 0 >Export withdraws:0--------- > 0 > BGP state: Idle >Neighbor address: 2a04:9dc0:XX:YYY::1 >Neighbor AS: >Error wait: 57/120 >Last error: BGP Error: Hold timer expired > > > Best Regards > Marek Krolikowski > >
Error: Hold timer expired
Hello guys, I buy VPS with BGP and try setup BGP session but got strange problem. VPS support send me this information to setup session: "Please peer with 185.144.XXX.YYY, you will need to enable eBGP multihop. Our ASN is . The IPv6 peer address is 2a04:9dc0:XX:YYY::1" My bird configuration looks like this: --- router id 85.204.XXX.YYY; # debug protocols all; protocol device { scan time 10; } protocol static { route 2a04:9dc0:XX:YYY::1/128 via "eth0"; } protocol kernel { device routes; import none; scan time 15; export filter { if net = 2a04:9dc0:XX:YYY::1/128 then reject; if source = 2a04:9dc0:XX:YYY::1/128 then reject; accept; }; } protocol bgp Romania { description "Romania link local"; local as Y; source address 2a04:9dc0:X:YY::f0; graceful restart on; default bgp_local_pref 200; multihop 2; neighbor 2a04:9dc0:XX:YYY::1 as ; import filter { if net = 2a04:9dc0:XX:YYY::1/128 then reject; if source = 2a04:9dc0:XX:YYY::1/128 then reject; if bgp_path.len > 49 then reject; accept; }; export filter { if net = 2a07:1c44:3511::/48 then accept; reject; }; } --- In logs got it: Aug 8 16:21:41 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:24:02 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:27:07 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:35:58 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:37:25 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:39:27 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:41:57 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 16:56:19 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:00:29 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:06:10 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:09:58 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:13:01 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:15:08 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:18:15 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:22:58 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:29:17 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:31:49 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:35:17 ro-bgp bird6: Romania: Error: Hold timer expired Aug 8 17:40:08 ro-bgp bird6: Romania: Error: Hold timer expired root@bgp:~# birdc6 show protocols all Romania BIRD 1.6.3 ready. name prototablestate since info Romania BGP master up 16:22:37Established Description:Romania link local Preference: 100 Input filter: (unnamed) Output filter: (unnamed) Routes: 11560 imported, 5 exported, 11560 preferred Route change stats: received rejected filteredignored accepted Import updates: 11560 0 0 0 11560 Import withdraws:0 0--- 0 0 Export updates: 11586 11560 21--- 5 Export withdraws:0--------- 0 BGP state: Established Neighbor address: 2a04:9dc0:XX:YYY::1 Neighbor AS: Neighbor ID: 185.144. Neighbor caps:refresh restart-aware AS4 Session: external multihop AS4 Source address: 2a04:9dc0:X:YY::f0; Hold timer: 27/90 Keepalive timer: 23/30 root@bgp:~# birdc6 show protocols all Romania BIRD 1.6.3 ready. name prototablestate since info Romania BGP master start 16:24:05 Idle BGP Error: Hold timer expired Description:Romania link local Preference: 100 Input filter: (unnamed) Output filter: (unnamed) Routes: 0 imported, 0 exported, 0 preferred Route change stats: received rejected filteredignored accepted Import updates: 0 0 0 0 0 Import withdraws:0 0--- 0 0 Export updates: 0 0 0--- 0 Export withdraws:0--------- 0 BGP state: Idle Neighbor address: 2a04:9dc0:XX:YYY::1 Neighbor AS: Error wait: 57/120 Last error: BGP Error: Hold timer expired Best Regards Marek Krolikowski
Re: Errors like "bgp1: Error: Hold timer expired"
On 2017 Jan 05 (Thu) at 18:15:00 +0100 (+0100), Ondrej Zajicek wrote: :On Thu, Jan 05, 2017 at 05:53:40PM +0100, Ondrej Zajicek wrote: :> On Thu, Jan 05, 2017 at 04:11:25PM +, Roger Whittaker wrote: :> > I'm trying to use bird to help prevent spam as described here: :> > :> > https://debian-administration.org/article/715/Preventing_SPAM_connections_with_bird :> > :> > I understand very little about BGP, so I'm really using that article :> > as a "recipe", and have used the config file there more or less as is, :> > except for changing the router id setting and enabling logging (and :> > I've increased scan time to 600). :> :> The reason for 'Hold timer expired' is funny. The IP address of eu.bgp-spamd.net :> is also on the blacklist: :> :> bird> show route 217.31.80.170/32 :> 217.31.80.170/32 blackhole [bgp1 17:36:37 from 217.31.80.170] * (100) [AS65055i] :> :> Not sure if that is intentional or not. : :OK, seems like the route server is sending not just black list entries, :but also other entries (white list?) mixed in, marked by BGP communities. : :So the original article is horribly mistaken. : :Blacklisted routes are only ones with (65066, 666) BGP community. So the :import filter should look more like: : :filter route_import { :if !( (65066, 666) ~ bgp_community ) then reject; : :dest = RTD_BLACKHOLE; :accept; :} : Hi, I'm the author of bgp-spamd. Yes, only the routes marked with *:666 communities are blacklist entries. I also include whitelist entries for servers I semi-trust, and those are marked with *:42 communities. The service itself uses 65066 as the AS number, and the upstream servers use their own ASNs. As a side note, it's strongly discouraged from nullrouting hosts that are blacklisted. As noticed, this prevents all communication with the IPs, including sending "451 you are a spammer" responses in the SMTP transaction. I've sent a note to the author of that page, and I added notes about these two issues to the website, http://bgp-spamd.net/client/index.html -- A formal parsing algorithm should not always be used. -- D. Gries
Re: Errors like "bgp1: Error: Hold timer expired"
On Thu, Jan 05, 2017 at 06:15:00PM +0100, Ondrej Zajicek wrote: > On Thu, Jan 05, 2017 at 05:53:40PM +0100, Ondrej Zajicek wrote: > > On Thu, Jan 05, 2017 at 04:11:25PM +, Roger Whittaker wrote: > > > I'm trying to use bird to help prevent spam as described here: > > > > > > https://debian-administration.org/article/715/Preventing_SPAM_connections_with_bird > > > > > > I understand very little about BGP, so I'm really using that article > > > as a "recipe", and have used the config file there more or less as is, > > > except for changing the router id setting and enabling logging (and > > > I've increased scan time to 600). > > > > The reason for 'Hold timer expired' is funny. The IP address of > > eu.bgp-spamd.net > > is also on the blacklist: > > > > bird> show route 217.31.80.170/32 > > 217.31.80.170/32 blackhole [bgp1 17:36:37 from 217.31.80.170] * (100) > > [AS65055i] > > > > Not sure if that is intentional or not. > > OK, seems like the route server is sending not just black list entries, > but also other entries (white list?) mixed in, marked by BGP communities. > > So the original article is horribly mistaken. > > Blacklisted routes are only ones with (65066, 666) BGP community. So the > import filter should look more like: > > filter route_import { > if !( (65066, 666) ~ bgp_community ) then reject; > > dest = RTD_BLACKHOLE; > accept; > } Thanks very much for this - I can now at least get started with this idea and see how it goes. -- Roger Whittaker ro...@disruptive.org.uk
Re: Errors like "bgp1: Error: Hold timer expired"
On Thu, Jan 05, 2017 at 05:53:40PM +0100, Ondrej Zajicek wrote: > On Thu, Jan 05, 2017 at 04:11:25PM +, Roger Whittaker wrote: > > I'm trying to use bird to help prevent spam as described here: > > > > https://debian-administration.org/article/715/Preventing_SPAM_connections_with_bird > > > > I understand very little about BGP, so I'm really using that article > > as a "recipe", and have used the config file there more or less as is, > > except for changing the router id setting and enabling logging (and > > I've increased scan time to 600). > > The reason for 'Hold timer expired' is funny. The IP address of > eu.bgp-spamd.net > is also on the blacklist: > > bird> show route 217.31.80.170/32 > 217.31.80.170/32 blackhole [bgp1 17:36:37 from 217.31.80.170] * (100) > [AS65055i] > > Not sure if that is intentional or not. OK, seems like the route server is sending not just black list entries, but also other entries (white list?) mixed in, marked by BGP communities. So the original article is horribly mistaken. Blacklisted routes are only ones with (65066, 666) BGP community. So the import filter should look more like: filter route_import { if !( (65066, 666) ~ bgp_community ) then reject; dest = RTD_BLACKHOLE; accept; } -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Re: Errors like "bgp1: Error: Hold timer expired"
On Thu, Jan 05, 2017 at 04:11:25PM +, Roger Whittaker wrote: > I'm trying to use bird to help prevent spam as described here: > > https://debian-administration.org/article/715/Preventing_SPAM_connections_with_bird > > I understand very little about BGP, so I'm really using that article > as a "recipe", and have used the config file there more or less as is, > except for changing the router id setting and enabling logging (and > I've increased scan time to 600). First, the config from the recipe is missing an important part, the device protocol section: protocol device { } That is responsible for these messages: 2017-01-05 15:24:21 KRT: Received route 0.0.0.0/0 with unknown ifindex 2 > First question: is trying to use bird in this way in any case this a > sensible thing to do? Well, BIRD is a good tool for this task. The real question is whether using a public blacklist for hard SMTP blocking is a reasonable approach to fight spam. At least, it would be a good idea to add some filters, e.g. to ensure that all prefix lengths are /32, that IP ranges are not parts of your infrastructure. Also, i would suggest to use separate routing table for that and then ensure by netfilter and ip rules that it is applied just on SMTP traffic. > If so: second question - I'm seeing the following behaviour: > > 2017-01-05 15:24:21 Started > 2017-01-05 15:24:21 KRT: Received route 0.0.0.0/0 with unknown ifindex 2 > 2017-01-05 15:27:59 bgp1: Error: Hold timer expired The reason for 'Hold timer expired' is funny. The IP address of eu.bgp-spamd.net is also on the blacklist: bird> show route 217.31.80.170/32 217.31.80.170/32 blackhole [bgp1 17:36:37 from 217.31.80.170] * (100) [AS65055i] Not sure if that is intentional or not. By exporting that route to the kernel, you cut off from the BGP neighbor and the session fails. After that, blackhole routes are removed and the session may be reestablished. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santi...@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so." signature.asc Description: Digital signature
Errors like "bgp1: Error: Hold timer expired"
I'm trying to use bird to help prevent spam as described here: https://debian-administration.org/article/715/Preventing_SPAM_connections_with_bird I understand very little about BGP, so I'm really using that article as a "recipe", and have used the config file there more or less as is, except for changing the router id setting and enabling logging (and I've increased scan time to 600). First question: is trying to use bird in this way in any case this a sensible thing to do? If so: second question - I'm seeing the following behaviour: 2017-01-05 15:24:21 Started 2017-01-05 15:24:21 KRT: Received route 0.0.0.0/0 with unknown ifindex 2 2017-01-05 15:27:59 bgp1: Error: Hold timer expired 2017-01-05 15:34:01 bgp1: Error: Hold timer expired 2017-01-05 15:34:21 KRT: Received route 0.0.0.0/0 with unknown ifindex 2 2017-01-05 15:40:11 bgp1: Error: Hold timer expired 2017-01-05 15:44:21 KRT: Received route 0.0.0.0/0 with unknown ifindex 2 2017-01-05 15:46:16 bgp1: Error: Hold timer expired 2017-01-05 15:52:20 bgp1: Error: Hold timer expired 2017-01-05 15:54:21 KRT: Received route 0.0.0.0/0 with unknown ifindex 2 2017-01-05 15:58:35 bgp1: Error: Hold timer expired I can't find much reference to these errors in the mailing list archives. But it seems that when the "Hold timer expired" errors happen, the blackhole entries in the routing table disappear for a while. It would be great if someone could comment on this. Roger -- Roger Whittaker ro...@disruptive.org.uk