OpenBGPD OPEN Error
Hi, I've just upgraded a box to the 3.9 Snapshot from 30th January and now whenever bgpd tries to open a session with a Extreme BlackDiamond it reports the following: received notification: error in OPEN message, optional parameter error This was all working fine with a 3.8 snapshot before. Anyone else had similar issue, a Google and Newsnet didn't turn up anything and I don't recall seeing anything on-list either. I'm aware that the BD is probably doing something it shouldn't be in terms of sticking to the RFCs, but non-the-less, it did work before. Thanks, Karl
Re: OpenBGPD OPEN Error
* Karl Austin [EMAIL PROTECTED] [2006-02-06 11:39]: Hi, I've just upgraded a box to the 3.9 Snapshot from 30th January and now whenever bgpd tries to open a session with a Extreme BlackDiamond it reports the following: received notification: error in OPEN message, optional parameter error This was all working fine with a 3.8 snapshot before. Anyone else had similar issue, a Google and Newsnet didn't turn up anything and I don't recall seeing anything on-list either. I'm aware that the BD is probably doing something it shouldn't be in terms of sticking to the RFCs, but non-the-less, it did work before. we are announcing something to the BD it does not like. a tcpdump (increase snaplen, like, tcpdump -vvv -n -s 1500 port 179) would help, and you can play with announce IPv6/IPv6 in the config, and, as last resort, announce capabilities no. But I'd really prefer to debug this properly, maybe we need to change something in he way we announce capabilites by default. also, check logs on the other side. -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: OpenBGPD OPEN Error
Henning Brauer wrote: * Karl Austin [EMAIL PROTECTED] [2006-02-06 11:39]: Hi, I've just upgraded a box to the 3.9 Snapshot from 30th January and now whenever bgpd tries to open a session with a Extreme BlackDiamond it reports the following: received notification: error in OPEN message, optional parameter error This was all working fine with a 3.8 snapshot before. Anyone else had similar issue, a Google and Newsnet didn't turn up anything and I don't recall seeing anything on-list either. I'm aware that the BD is probably doing something it shouldn't be in terms of sticking to the RFCs, but non-the-less, it did work before. we are announcing something to the BD it does not like. a tcpdump (increase snaplen, like, tcpdump -vvv -n -s 1500 port 179) would help, and you can play with announce IPv6/IPv6 in the config, and, as last resort, announce capabilities no. But I'd really prefer to debug this properly, maybe we need to change something in he way we announce capabilites by default. also, check logs on the other side. Just trying to get the BD to give me something remotely useful about it. Reading back what I typed, wasn't all that clear in my first message, it's OpenBGPD giving the error, not the BD. tcpdump: # tcpdump -i ti1 -vvv -n -s 1500 port 179 and host 192.168.1.5 tcpdump: listening on ti1, link-type EN10MB 11:09:46.794102 192.168.1.5.1381 192.168.1.6.179: S [tcp sum ok] 3055653480:3055653480(0) win 3600 mss 1460 [tos 0xc0] (ttl 30, id 43716, len 44) 11:09:46.794121 192.168.1.6.179 192.168.1.5.1381: S [tcp sum ok] 2689756459:2689756459(0) ack 3055653481 win 16384 mss 1460 (DF) (ttl 64, id 15313, len 44) 11:09:46.795217 192.168.1.5.1381 192.168.1.6.179: . [tcp sum ok] 1:1(0) ack 1 win 3600 [tos 0xc0] (ttl 30, id 43717, len 40) 11:09:46.795340 192.168.1.6.179 192.168.1.5.1381: F [tcp sum ok] 1:1(0) ack 1 win 17520 (DF) (ttl 64, id 18823, len 40) 11:09:46.795747 192.168.1.5.1381 192.168.1.6.179: . [tcp sum ok] 1:1(0) ack 2 win 3600 [tos 0xc0] (ttl 30, id 43718, len 40) 11:09:47.087864 192.168.1.5.1381 192.168.1.6.179: P [tcp sum ok] 1:30(29) ack 2 win 3600: BGP (OPEN: Version 4, AS #65535, Holdtime 180, ID 192.168.1.1, Option length 0) [tos 0xc0] (ttl 30, id 43720, len 69) 11:09:47.087877 192.168.1.6.179 192.168.1.5.1381: R [tcp sum ok] 2689756461:2689756461(0) win 0 (DF) (ttl 64, id 22030, len 40) 11:09:47.088335 192.168.1.5.1381 192.168.1.6.179: F [tcp sum ok] 30:30(0) ack 2 win 3600 [tos 0xc0] (ttl 30, id 43721, len 40) 11:09:47.088342 192.168.1.6.179 192.168.1.5.1381: R [tcp sum ok] 2689756461:2689756461(0) win 0 (DF) (ttl 64, id 25445, len 40) Tried with: announce IPv6 none and: announce capabilities no but neither make any difference. Thanks, Karl
Re: OpenBGPD OPEN Error
Karl Austin wrote: Tried with: announce IPv6 none and: announce capabilities no but neither make any difference. Thanks, Karl Just tried again, shut the session down at both sides for a few minutes and waited, then brought them back up, and it seems that announce capabilities no did the trick in establishing the session again - But like yourself, I'd rather get to the bottom of it. Thanks, Karl
Re: OpenBGPD OPEN Error
* Karl Austin [EMAIL PROTECTED] [2006-02-06 12:33]: Henning Brauer wrote: * Karl Austin [EMAIL PROTECTED] [2006-02-06 11:39]: I've just upgraded a box to the 3.9 Snapshot from 30th January and now whenever bgpd tries to open a session with a Extreme BlackDiamond it reports the following: received notification: error in OPEN message, optional parameter error This was all working fine with a 3.8 snapshot before. Anyone else had similar issue, a Google and Newsnet didn't turn up anything and I don't recall seeing anything on-list either. I'm aware that the BD is probably doing something it shouldn't be in terms of sticking to the RFCs, but non-the-less, it did work before. we are announcing something to the BD it does not like. a tcpdump (increase snaplen, like, tcpdump -vvv -n -s 1500 port 179) would help, and you can play with announce IPv6/IPv6 in the config, and, as last resort, announce capabilities no. But I'd really prefer to debug this properly, maybe we need to change something in he way we announce capabilites by default. also, check logs on the other side. Just trying to get the BD to give me something remotely useful about it. Reading back what I typed, wasn't all that clear in my first message, it's OpenBGPD giving the error, not the BD. well, openbgpd logs that the BD sent us a notification, so the BD errors out and tells us so. 11:09:47.087864 192.168.1.5.1381 192.168.1.6.179: P [tcp sum ok] 1:30(29) ack 2 win 3600: BGP (OPEN: Version 4, AS #65535, Holdtime 180, ID 192.168.1.1, Option length 0) [tos 0xc0] (ttl 30, id 43720, len 69) 192.168.1.5 beeing the BD? hmm. announce capabilities no definately should get you going. if I guessworked correctly your tcpdump does not show the OPEN message from the OpenBGPD box. it should work with no capabilities. wait, I think I see a bug and announce capabilities no doesn't work :) please try this diff. Index: session.c === RCS file: /cvs/src/usr.sbin/bgpd/session.c,v retrieving revision 1.243 diff -u -p -r1.243 session.c --- session.c 24 Jan 2006 10:08:16 - 1.243 +++ session.c 6 Feb 2006 12:01:08 - @@ -1200,7 +1200,7 @@ session_open(struct peer *p) if (p-capa.ann.refresh) op_len += 2 + 0;/* 1 code + 1 len, no data */ - if (op_len 0) + if (p-conf.announce_capa op_len 0) optparamlen = sizeof(op_type) + sizeof(op_len) + op_len; len = MSGSIZE_OPEN_MIN + optparamlen; however, after receiving a Optional Parameter Error notofcation, OpenBGPD should quickly retry without any capabilites announced (and thus optional parameters) on its own. did you wait for the second trial? -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: OpenBGPD OPEN Error
* Karl Austin [EMAIL PROTECTED] [2006-02-06 12:48]: Karl Austin wrote: Tried with: announce IPv6 none and: announce capabilities no but neither make any difference. Thanks, Karl Just tried again, shut the session down at both sides for a few minutes and waited, then brought them back up, and it seems that announce capabilities no did the trick in establishing the session again - But like yourself, I'd rather get to the bottom of it. you could try with announce IPv4 none announce IPv6 none then we do not announce any multiprotocol stuff at all but only route refresh. I am pretty sure tho that we announce route refresh and IPv4 unicast in 3.8 too... -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: OpenBGPD OPEN Error
Henning Brauer wrote: wait, I think I see a bug and announce capabilities no doesn't work :) please try this diff. Index: session.c === RCS file: /cvs/src/usr.sbin/bgpd/session.c,v retrieving revision 1.243 diff -u -p -r1.243 session.c --- session.c 24 Jan 2006 10:08:16 - 1.243 +++ session.c 6 Feb 2006 12:01:08 - @@ -1200,7 +1200,7 @@ session_open(struct peer *p) if (p-capa.ann.refresh) op_len += 2 + 0;/* 1 code + 1 len, no data */ - if (op_len 0) + if (p-conf.announce_capa op_len 0) optparamlen = sizeof(op_type) + sizeof(op_len) + op_len; len = MSGSIZE_OPEN_MIN + optparamlen; however, after receiving a Optional Parameter Error notofcation, OpenBGPD should quickly retry without any capabilites announced (and thus optional parameters) on its own. did you wait for the second trial? Just tried from CVS with the patch applied and still the same :( I do have what I believe is the open packet as sent to the BD, unfortunately it's not top drawer at logging these things, logged in hex: 02/06/2006 15:06.21 DBUG:KERN 0x08815b0fd0: 00 * 02/06/2006 15:06.21 DBUG:KERN 0x08815b0fc0: 00 21 01 04 78 d5 00 5a c1 97 7c 06 04 02 02 02 *!**x**Z**|* 02/06/2006 15:06.21 DBUG:KERN 0x08815b0fb0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Thanks, Karl
