bird bgp protocol and fib

B

benoitc

I'm trying to setup bgp on a machineand would like to have all connections in fib1. All ip it will connect to are on fib1 too; But it seems that bird can only connect to a peer using an IP set in fib0. Any idea what's wrong?

I have set th efollowing in peer configuration:

Code: 
protocol bgp transit_ipv4_1 {
    local A.B.C.1 as XXXX;
    neighbor A.B.C.0 as XXXX;
    default bgp_med 0;
    default bgp_local_pref 50;
    password "somepass";
    ipv4 {
        import keep filtered;
        import filter ebgp_import;
        export filter ebgp_export;
          igp table enki_tabv4;
            next hop self;
    };
};

Table should be popupaled with:

Code: 
protocol kernel enkiv4 {
        learn;
        kernel table 1;
        ipv4 {
                table enki_tabv4;
                import all;
                export filter export_kernel;
        };
}

But I noticed the following errors:

Code: 
2023-06-06 02:05:58.571 <TRACE> enkiv4.ipv4 > added [best] A.B.C.D/32 0L 4G unicast
2023-06-06 02:05:58.571 <TRACE> enkiv4.ipv4 < rejected by protocol A.B.C.D/32 0L 4G unicast

or

Code: 
2023-06-06 02:05:58.571 <TRACE> enkiv4: A.B.C.D/24: ignored
2023-06-06 02:05:58.571 <TRACE> enkiv4: A.B.C.D/32: [alien] created
 
Before I bombard you with solutions that don't fit your problem, let me first ask what your physical connections are like.
And what does oare mean?

But it seems that bird can only connect to a peer using an IP set in fib0.
Click to expand...
This is not entirely true, but I do understand what you experience.
 
dns.company said:
Before I bombard you with solutions that don't fit your problem, let me first ask what your physical connections are like.
And what does oare mean?


This is not entirely true, but I do understand what you experience.
Click to expand...
sorry I edited, it was "are" ...
To answer to your question, I have two nics. The connection used for bgp arrived on a vlan 20 on nic2 which I setup on fib1, while the management interface is on another nic (bge0) and get its IP using DHCP:

Code: 
bge0 ---> fib 0 (used for management) DHCP
vlan20 -> fib 1 (connect to remote BGP peer) , static /31 IPV4

More details below. What I am trying to achieve is to connect to remote peers using information found in fib1 routing table and export / import routing information in this table using BGP. Hope this helps :)

ifconfig results:

Code: 
# ifconfig bge0
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=c019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
    ether 94:18:82:7b:88:20
    inet6 fe80::9618:82ff:fe7b:8820%bge0 prefixlen 64 scopeid 0x3
    inet 192.168.88.249 netmask 0xffffff00 broadcast 192.168.88.255
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>


# ifconfig vlan20
vlan2021: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=680703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
    ether 50:65:f3:8b:98:71
    inet A.B.C.1 netmask 0xfffffffe broadcast 255.255.255.255
    inet6 fe80::5265:f3ff:fe8b:9871%vlan2021 prefixlen 64 scopeid 0xb
    groups: vlan
    vlan: 20 vlanproto: 802.1q vlanpcp: 0 parent interface: mlxen0
    fib: 1
    media: Ethernet autoselect (40Gbase-CR4 <full-duplex,rxpause,txpause>)
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

relevant line in rc.conf:

Code: 
vlans_mlxen0="vlan20"
create_args_vlan20="vlan 20"
ifconfig_vlan20="A.B.C.1/31 mtu 1500 fib 1"

Note : I edited public ip and replace first parts by letters. I am able to connect to remote IP.
 
benoitc said:
sorry I edited, it was "are" ...
Click to expand...
LOL, I thought it was an English word, term or name I didn't know.

benoitc said:
To answer to your question, I have two nics. The connection used for bgp arrived on a vlan 20 on nic2 which I setup on fib1, while the management interface is on another nic (bge0) and get its IP using DHCP
Click to expand...
Perfect, than I can assure you -by own experience- that what you wish to accomplish is possible and not too hard.

Below is copied 1:1 (but anonymized) from what I have myself,
except for defaultrouter_fib1, which I (still) do using static routes; I doubt it existed when I fabricated this.

rc.conf
Code: 
hostname="a.example"
#
#gateway_enable="YES"                   # If desired, maybe required
#ipv6_gateway_enable="YES"              # If desired, maybe required
#
vlans_mlxen0="vlan20"
create_args_vlan20="vlan 20 fib 1"      # I removed mtu, place it here if needed
ifconfig_vlan20="inet A.B.C.1/31"
#defaultrouter_fib1="A.B.C.0"           # I assume this is superfluous, but maybe needed.
#
ifconfig_bge0="DHCP"
ifconfig_mlxen0="up"                    # In case vlandev has no IP of it's own, then start it explicitly
#
# BGP
bird_enable="YES"

bird.conf
Code: 
ipv4 table t4 sorted;

log syslog { debug, info, remote, warning, error, auth, fatal, bug };

protocol device {
        scan time 10;
        }

protocol static stat_BLA { disabled; ipv4 { table t4; }; route 172.16.1.0/24 via "vlan20"; }       

protocol bgp bgp_BLA {
        local    A.B.C.1 as 64497;
        neighbor A.B.C.0 as 64496;
        strict bind yes;
        router id A.B.C.1;
        ipv4 { table t4; import none; where proto = "stat_BLA"; };
        }
Probably the only relevant thing is the "vlan20" on announcements, and maybe the "strict bind".

benoitc said:
what is feasible? i am not sure how to let bird use the fib 1 instead of the fib 0
Click to expand...
Bird should not even have to deal with that.
In my case (running 5 ASN's - each on a seperate fib) I still have no fib defined inside bird.conf, but -for your usecase- mind that is possible.
 
dns.company are you setting static routes manually? Or have a default route that allows bird to connect? I don't have any success yet , it is still not finding the routes.
 
benoitc said:
dns.company are you setting static routes manually? Or have a default route that allows bird to connect?
Click to expand...
In fact I happen to have both; announcing my prefixes using static, and have a default route for each vlan.
That should be irrelevant, but looks like this:
Code: 
static_routes="gw18v4 gw18v6"
route_gw198v4="-4 default 1.2.3.18   -fib 3"
route_gw198v6="-6 default 2000:18::1 -fib 3"
And per FreeBSD 13.2 above is simplefied to:
Code: 
defaultrouter_fib3="1.2.3.18"
ipv6_defaultrouter_fib3="2000:18::1"

benoitc said:
I don't have any success yet , it is still not finding the routes.
Click to expand...
fib 0 knows to find the other end of Bird's peer(s)?
In my experience it seem fib 0 contains all fibs combined, and the other fib's are a portion of that
(but others here may be able to describe that more accurate).
 
If you aren't strictly bound to bird, you might want to have a look at net/openbgpd, which has a "rtable" option to operate on different routing tables:

bgpd.conf(5)
Code: 
     rtable number
             Work with the given kernel routing table instead of the default
             table, 0.  Note that table 0 is used for nexthop verification.
             Routes in the specified table will not be considered for nexthop
             verification.  This is the same as using the following syntax:

                   rde rib Loc-RIB rtable number


Sadly OpenBGPd in ports often lags behind a few versions, but if you are also free to use OpenBSD on those routers you'd get the latest version AND the benefit of routing domains, which make it really easy to completely segregate routing and management by moving interfaces and services into separate rdomains.
 
benoitc said:
shouldn't it be `table 3` in your example above?
Click to expand...
Yes and no; they were separate examples.
But indeed would/could be "table 3" in my example.

However I don't need it, since -in my case- each of my tables is bound to the interface already using ifconfig ...inet etc... fib 3, each has it's defaultroute, and only has static announcements.
 
You must log in or register to reply here.
Back
Top