Uau! patrick!Funcionou direitinho. Quase perfeito exceto que tive que reiniciar o servico, veja abaixo.Segundo patch seu que funciona muito bem no OpenBGP tomara que coloque logo no ports. Não entendi porém seu comentário no patch: " Cisco, Juniper and other BGP routing daemons do offer the samefeature, sometimes with explicit control of how many times the ASnumber is accepted in the as-path. It does not help, the wrong setupwill loop anyway, therefore we just allow it any number of times." Qual é a diferenca na implementacao?Outra coisa coloquei allowas-in no peer e dei reload, nao funcionou. Mas quando reiniciei o openbgpd funcionou, era isso mesmo esperado?
> From: eks...@freebsdbrasil.com.br > To: freebsd@fug.com.br > Date: Sat, 24 Jan 2015 02:47:00 -0200 > Subject: [FUG-BR] OpenBGP allowas-in > > Botei a feature no OpenBGP. O patch[1] funciona OK no OpenBSD tambem, > alem do FreeBSD claro (e ate aplicou na versão do Linux mas como n > uso, só vi que aplicou clean...). Se alguem preferir usar direto no > ports ao invés de aplicar o patch na mão o diff está pronto[2] pra > enviar um PR pro ports também, mas vou enviar depois de 1 semana de > testes. > Todo teste é bem-vindo. > > [1]http://main.bh.freebsdbrasil.com.br/~eksffa/l/local-patch-openbgpd-allowas-in.c> > > [2]http://main.bh.freebsdbrasil.com.br/~eksffa/l/ports_net_openbgpd-allowas-in.diff > > Allow the AS path of a received route to contain the recipient BGP > speaker's AS number any number of times, avoiding Route Decision > Engine loop prevention for this peer. This is a feature that should > rarely be needed. Usually the need for this feature suggests something > wrong on the current BGP setup. However in some particular setups it's > just needed, and can be used without breaking BGP or adding loops. > Cisco, Juniper and other BGP routing daemons do offer the same > feature, sometimes with explicit control of how many times the AS > number is accepted in the as-path. It does not help, the wrong setup > will loop anyway, therefore we just allow it any number of times. On > bgpd.conf(5), use it on a per neighbor/group basis: group "my_peers" { > allowas-in (...) neighbor $a_peer { (...) allowas-in } } Shamely, I > didn't patch bgpd.conf(5), therefore it's more than welcome. -- > Patrick Tracanelli ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
