Hi,

I have the following setup and am not seeing what I expect. I had this working before, so I am sure it is something I have changed in the configurations when automating them. I just can't see what it is.

The situation is that I have a bunch of host aliases (/32) defined on the lo interface. For each of these, I create a static in bird so there is a route. Then I filter and forward those via BGP to the edge routers that talk to ISPs. A single machine is presenting a number of addresses in different routing blocks and addresses.

I have attached the bird config for this machine.

here is the list of loopback aliases
[root@pnpborder1 bird]# ip addr show lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 198.49.100.18/32 brd 198.49.100.18 scope global lo
       valid_lft forever preferred_lft forever
    inet 8.25.217.45/32 brd 8.25.217.45 scope global lo
       valid_lft forever preferred_lft forever
    inet 8.6.161.18/32 brd 8.6.161.18 scope global lo
       valid_lft forever preferred_lft forever
    inet 8.5.161.45/32 brd 8.5.161.45 scope global lo
       valid_lft forever preferred_lft forever
    inet 198.49.100.45/32 brd 198.49.100.45 scope global lo
       valid_lft forever preferred_lft forever
    inet 8.25.217.18/32 brd 8.25.217.18 scope global lo
       valid_lft forever preferred_lft forever
    inet 4.7.20.4/32 brd 4.7.20.4 scope global lo
       valid_lft forever preferred_lft forever
    inet 4.7.20.5/32 brd 4.7.20.5 scope global lo
       valid_lft forever preferred_lft forever
    inet 173.1.2.36/32 brd 173.1.2.36 scope global lo
       valid_lft forever preferred_lft forever
    inet 173.1.2.37/32 brd 173.1.2.37 scope global lo
       valid_lft forever preferred_lft forever
    inet6 dead:beef::1/32 scope global
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever

the routing table doesn't show the routes and the neighbors don't get them (did a tcpdump to make sure it wasn't filtering on the far side.)
[root@pnpborder1 bird]# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0         -               0.0.0.0         !         - -          - -
4.7.20.0 0.0.0.0 255.255.255.240 U 0 0 0 edge10Bvl801
4.7.20.0 0.0.0.0 255.255.255.240 U 0 0 0 edge10Avl801
10.100.16.0 0.0.0.0 255.255.240.0 U 0 0 0 eth4
10.100.32.0 0.0.0.0 255.255.240.0 U 0 0 0 eth5
10.201.0.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
172.18.10.0 0.0.0.0 255.255.255.0 U 0 0 0 edge10Bvl800
172.18.10.0 0.0.0.0 255.255.255.0 U 0 0 0 edge10Avl800
173.1.2.32 0.0.0.0 255.255.255.240 U 0 0 0 edge10Bvl803
173.1.2.32 0.0.0.0 255.255.255.240 U 0 0 0 edge10Avl803

can anyone spot what I did wrong?

thanks,
jerry

--
Jerry Scharf, Soundhound DevOps
"What could possibly go wrong?"
# this is automatically generated from borderbird4.j2, version 0.3

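# Synchronises BIRD's routing table with the kernel routing table.
# NOTE(review): `export all` is unfiltered, so every route BIRD selects is
# offered to the kernel, including whatever the BGP import filters let in.
# The import filters in this file are therefore the only guard on what the
# host itself will forward on.
protocol kernel {
#       learn;                  # Learn all alien routes from the kernel
        persist;                # Don't remove routes on bird shutdown (they keep forwarding while the daemon is down)
        scan time 20;           # Scan kernel routing table every 20 seconds
#       import none;            # Default is import all
        export all;             # Default is export none
#       kernel table 5;         # Kernel table to synchronize with (default: main)
}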

# Generates routes from the addresses configured on local interfaces.
# The "*" pattern already matches every interface, so the explicit "lo"
# entry only documents intent.
protocol direct {
    interface "lo", "*";
    # 32000 is also above the 16000 given to the static protocol in this file,
    # so where both offer the same prefix the direct route is the one selected.
    preference 32000;    # make sure bgp routes don't overwrite direct
}

# Every log class goes to this one file; it is the first place to look when a
# filter or a BGP session does not behave as expected.
log "/var/log/birdlog" all;

# Fixed router ID; same value as the source address of inside_netA.
router id 10.100.16.10;

# Six /32 host routes bound to the loopback device. These are the same six
# addresses that issecondary() lists.
# NOTE(review): preference 16000 is below the 32000 of `protocol direct`, so
# if direct also produces these prefixes from lo, its copy is preferred.
protocol static {
    preference 16000;
    route 198.49.100.45/32 via "lo";
    route 8.25.217.18/32 via "lo";
    route 198.49.100.18/32 via "lo";
    route 8.25.217.45/32 via "lo";
    route 8.6.161.18/32 via "lo";
    route 8.5.161.45/32 via "lo";
}

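# True when the route's prefix is one of the six secondary /32 service
# addresses.
#
# `net` is a prefix, so the set members must be prefixes too. The previous
# form listed bare IP addresses, which makes this a prefix-versus-IP-set
# comparison; BIRD is expected to treat that as a runtime type error, and a
# filter that errors out does not accept the route. Check the BIRD log for the
# exact message before and after this change.
# This file is generated from borderbird4.j2, so the template needs the same
# "/32" suffix or the next render will undo it.
function issecondary() {
    return net ~ [198.49.100.45/32, 8.25.217.18/32, 198.49.100.18/32,
                  8.25.217.45/32, 8.6.161.18/32, 8.5.161.45/32];
}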
# True when the route's prefix is exactly 0.0.0.4/30 (no "+" modifier, so
# longer prefixes inside it do not match).
# NOTE(review): 0.0.0.4/30 does not look like a real service prefix; it may be
# an unfilled value from the generating template. Confirm against borderbird4.j2.
function isprimary() {
    return net ~ [0.0.0.4/30];
}

# True when the route's prefix is one of the three listed /24s or any longer
# prefix inside them (the "+" modifier). This is the allow-list that
# outside_only uses to decide what may be announced to the edge routers.
function net_outside() {
  return net ~ [172.18.10.0/24+,8.5.161.0/24+,198.49.100.0/24+];
}

# True when the route's prefix is exactly one of this host's two internal /20
# networks or its two /32 addresses on them. There is no "+" modifier, so
# other prefix lengths inside the /20s do not match.
function is_internal_local() {
    return net ~ 
[10.100.32.10/32,10.100.32.0/20,10.100.16.10/32,10.100.16.0/20];
}

# Export policy toward the data-centre core: announce the default route and
# anything inside 10.0.0.0/8, nothing else. Public service prefixes therefore
# never leak onto the inside sessions.
filter inside_export {
    if net = 0.0.0.0/0 then accept;
    if net ~ 10.0.0.0/8 then accept;
    reject;
}

# Import policy for the core sessions: refuse this host's own internal
# prefixes, then accept only private space (10/8 and 172.16/12, any length).
filter inside_import {
    # Never learn our own connected networks back from a peer.
    if is_internal_local() then reject;
    # Anything outside the two private ranges is refused.
    if !(net ~ [10.0.0.0/8+, 172.16.0.0/12+]) then reject;
    accept;
}

# Import policy for the edge sessions: take the default route and nothing
# else, so an edge peer cannot inject more specific prefixes into this host.
filter load_default {
    if net != 0.0.0.0/0 then reject;
    accept;
}

# Export policy toward the edge routers: set a local preference by class, then
# announce only prefixes that net_outside() allows. Everything else is
# rejected, which is what keeps internal routes from leaking outward.
filter outside_only {
    # Tagging chain, first match wins: primary 100, secondary 80, other outside 25.
    if isprimary() then bgp_local_pref=100;
    # issecondary() is evaluated for every route that is not primary, so a
    # runtime error inside it affects nearly every route passing this filter.
    else if issecondary() then bgp_local_pref=80;
    else if net_outside() then bgp_local_pref=25;
    # The announce decision depends on net_outside() alone.
    # NOTE(review): 8.25.217.18, 8.25.217.45 and 8.6.161.18 are listed in
    # issecondary() but fall outside the three net_outside() ranges, so they
    # would be tagged 80 and then rejected here. Confirm that is intended.
    if net_outside() then accept;
    else reject;
}

# Shared settings for the sessions into the data-centre AS. The instances
# below use the same AS number for the neighbor, so these are iBGP sessions.
# NOTE(review): no `password` is set here or in the instances, so the sessions
# run without TCP MD5 authentication unless an included file adds it.
template bgp tocore {
    description "bgp to data center as";
    local as 65302;
    direct;                         # neighbor is expected on a directly attached network
    export filter inside_export;    # default route and 10/8 only
    import filter inside_import;    # private space only, minus our own prefixes
    bfd on;                         # tie session liveness to BFD
}

# Core session A: peers with 10.100.16.3 from this host's address on the
# 10.100.16.0/20 network, inheriting everything else from `tocore`.
protocol bgp inside_netA from tocore {
    neighbor 10.100.16.3 as 65302;
    source address 10.100.16.10;
}
# Core session B: peers with 10.100.32.3 from this host's address on the
# 10.100.32.0/20 network, inheriting everything else from `tocore`.
protocol bgp inside_netB from tocore {
    neighbor 10.100.32.3 as 65302;
    source address 10.100.32.10;
}

# Shared settings for the sessions to the edge routers that face the ISPs.
# The instances below use the same AS number for the neighbor, so these are
# iBGP sessions inside AS 18741.
# NOTE(review): no `password` is set here or in the instances, so the sessions
# run without TCP MD5 authentication unless an included file adds it.
template bgp toedge {
    description "bgp to edge/ISP as";
    local as 18741;
#    direct;
    export filter outside_only;     # allow-list of public prefixes; the leak guard for this host
    import filter load_default;     # default route only
    # Accepts routes whose AS path already contains the local AS, which
    # relaxes the usual loop check; load_default still limits what gets in.
    allow local as;
    bfd on;                         # tie session liveness to BFD
}

# Edge session A: peers with 172.18.10.1 from 172.18.10.4, inheriting
# everything else from `toedge`.
protocol bgp outside_edge_A from toedge {
    neighbor 172.18.10.1 as 18741;
    source address 172.18.10.4;
}
# Edge session B: peers with 172.18.10.2 from 172.18.10.5, inheriting
# everything else from `toedge`.
protocol bgp outside_edge_B from toedge {
    neighbor 172.18.10.2 as 18741;
    source address 172.18.10.5;
}

# BFD timers for sessions on interfaces whose name matches "eth*".
# NOTE(review): no authentication option is configured in this block; confirm
# whether that is acceptable on these links.
protocol bfd {
    interface "eth*" {
        interval 300  ms;
        multiplier 3;       # with the 300 ms interval, roughly 900 ms to declare a peer down
    };
}

# Pulls in every file matching this glob as additional configuration.
# NOTE(review): whatever lands in this directory becomes routing policy, so
# write access to it should be as restricted as write access to this file.
include "/soundhound/etc/bird/*4.part.cfg";
