I'm hoping someone who uses OpenBGPD can help me with this problem.
I have a FreeBSD server running 11.1-RELEASE and I have the openbgpd-5.2.20121209_2 pkg installed and running.
This is the bgpd.conf:
At the neighbor 192.168.11.1 (pfSense) this is the config:
These bgpd.conf files are pulled together from an example I found and some statements may be superfluous but it all works as intended.
pfSense is receiving updates and logs them. It is also running the same pkg version. For various reasons, I would prefer to log directly from the FreeBSD system to my syslog server.
The problem is that "log updates" doesn't work on the FreeBSD system.
I've tried placing the "log updates" statement elsewhere in the conf file but get syntax errors when using "bgpctl reload".
I have tried modifying syslog.conf to to log everything as per the example in the FreeBSD manual and do get some BGP-related messsages - just not updates.
EDIT: Same with adding
to syslog.conf. Starting to wonder if only received updates are logged.
Any help or suggestions would be very much appreciated.
Thanks
I have a FreeBSD server running 11.1-RELEASE and I have the openbgpd-5.2.20121209_2 pkg installed and running.
This is the bgpd.conf:
Code:
AS 65000
router-id 192.168.11.19
log updates
fib-update no
nexthop qualify via default
group f2b{
announce all
set nexthop no-modify
enforce neighbor-as no
multihop 64
ttl-security no
holdtime min 60
softreconfig in no
remote-as 65001
neighbor 192.168.11.1{
passive
}
}
deny from any
allow to any
At the neighbor 192.168.11.1 (pfSense) this is the config:
Code:
AS 65001
fib-update no
listen on 192.168.11.1
log updates
group "f2b" {
remote-as 65000
multihop 64
announce none
neighbor 192.168.11.19 {
descr "postfix"
}
}
match from group f2b community 65000:1 set pftable "fail2ban"
These bgpd.conf files are pulled together from an example I found and some statements may be superfluous but it all works as intended.
pfSense is receiving updates and logs them. It is also running the same pkg version. For various reasons, I would prefer to log directly from the FreeBSD system to my syslog server.
The problem is that "log updates" doesn't work on the FreeBSD system.
I've tried placing the "log updates" statement elsewhere in the conf file but get syntax errors when using "bgpctl reload".
I have tried modifying syslog.conf to to log everything as per the example in the FreeBSD manual and do get some BGP-related messsages - just not updates.
EDIT: Same with adding
Code:
!bgpd @syslogsvr.mydomain.tld
Any help or suggestions would be very much appreciated.
Thanks
Last edited: