bgpd "export default-route" [Re: CVS: cvs.openbsd.org: src]

Tue, 28 May 2019 18:54:18 -0700 

On 2019/05/13 07:47, Denis Fondras wrote:
> CVSROOT:      /cvs
> Module name:  src
> Changes by:   [email protected]   2019/05/13 07:47:36
> 
> Modified files:
>       usr.sbin/bgpd  : rde_update.c 
> 
> Log message:
> fix export default-route.
> 
> OK claudio@
> 

I've just been updating some remaining 6.3-ish boxes and running into
problems with this.. Does anyone have a config with "export default-route"
that works OK on -current that I could take a look at and see if I can
figure out what I've missed?

I started with a working 6.3 config that has several peer groups (all
ibgp in this case). For one group it passes a full table, for another
(a couple of firewalls/VPN boxes etc) it uses "announce default-route"
to just feed a default route.

In preparation for the update I made sure I have explicit default "deny
from/to any" rules at the top of the ruleset, "allow to group XX" for
that peer group, and no other rules that should deny the default route
being sent to them.

After updating to 6.5, 0 routes are received at the peer.

After spotting the above commit I updated bgpd to -current, same
again - no routes received at the peer.

-current$ bgpctl sh rib out
flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
       S = Stale, E = Error
origin validation state: N = not-found, V = valid, ! = invalid
origin: i = IGP, e = EGP, ? = Incomplete

flags ovs destination          gateway          lpref   med aspath origin
I*      N 0.0.0.0/0            0.0.0.0            100     0 i
*       N 0.0.0.0/0            0.0.0.0            100     0 i
*       N 0.0.0.0/0            0.0.0.0            100     0 i
I*      N 0.0.0.0/0            0.0.0.0            100     0 i
I*      N 0.0.0.0/0            0.0.0.0            100     0 i
I*      N 0.0.0.0/0            0.0.0.0            100     0 i
I*      N 0.0.0.0/0            0.0.0.0            100     0 i
I*      N 0.0.0.0/0            0.0.0.0            100     0 i
I*      N ::/0                 ::                 100     0 i

-current$ bgpctl sh rib out nei somepeer
flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
       S = Stale, E = Error
origin validation state: N = not-found, V = valid, ! = invalid
origin: i = IGP, e = EGP, ? = Incomplete

flags ovs destination          gateway          lpref   med aspath origin
I*      N 0.0.0.0/0            0.0.0.0            100     0 i

... I'm not sure about the 0.0.0.0 for gateway, it doesn't feel right,
but I can't compare with 6.3 because I don't see anything from "sh rib out nei 
XX"
and a plain "sh rib out" isn't available there.

somepeer$ bgpctl sh
Neighbor                   AS    MsgRcvd    MsgSent  OutQ Up/Down  State/PrfRcvd
(-current)              xxxxx     386398     386395     0 00:53:13      0
(6.3)                   xxxxx     386382     386368     0 00:00:02      1

..

I've backed out to 2018/06/12 so I can remove my hastily-added static
defaults ;) but would be grateful for any clues ..

Reply via email to