Hi Ashe
Sorry about that, I forgot a part of the config file.
You'll need to add "nexthop qualify via default" to the global part of
the configuration. Since the routers sending you the information are
not on your local link, there isn't a valid nexthop so the routes are
not selected. Once the nexthops are accepted, the prefixes will be
processed and will be used.
-peter
On 2018 Oct 29 (Mon) at 03:37:23 +0000 (+0000), Ashe Connor wrote:
:Hi all,
:
:I’ve set up bgpd for use with bgp-spamd.net’s servers. As far as I can tell,
the BGP connection and transfer is working fine:
:
:------8<------
:elisheva:~$ cat /etc/bgpd.conf
:spam_rs1="64.142.121.62"
:spam_rs2="217.31.80.170"
:spam_asn="65066"
:
:AS 65500
:fib-update no
:
:group "spam-bgp" {
: remote-as $spam_asn
: multihop 64
: export none
: neighbor $spam_rs1
: neighbor $spam_rs2
:}
:
:match from group "spam-bgp" community $spam_asn:42 set pftable
"bgp_spamd_bypass"
:match from group "spam-bgp" community $spam_asn:666 set pftable "bgp_spamd"
:elisheva:~$ bgpctl show
:Neighbor AS MsgRcvd MsgSent OutQ Up/Down
State/PrfRcvd
:217.31.80.170 65066 410 322 0 02:39:41 37096
:64.142.121.62 65066 460 318 0 01:25:30 37096
:elisheva:~$ bgpctl show rib memory
:RDE memory statistics
: 37096 IPv4 unicast network entries using 1.4M of memory
: 37096 rib entries using 2.3M of memory
: 74192 prefix entries using 6.8M of memory
: 10 BGP path attribute entries using 1.1K of memory
: 2 BGP AS-PATH attribute entries using 82B of memory,
: and holding 10 references
: 7 BGP attributes entries using 280B of memory
: and holding 10 references
: 7 BGP attributes using 48B of memory
:RIB using 10.5M of memory
:
:RDE hash statistics
: path hash: size 131072, 10 entires
: min 0 max 2 avg/std-dev = 0.000/0.000
: aspath hash: size 131072, 2 entires
: min 0 max 1 avg/std-dev = 0.000/0.000
: attr hash: size 16384, 7 entires
: min 0 max 1 avg/std-dev = 0.000/0.000
:------8<------
:
:However, despite the entry counts being shown by `bgpctl show rib memory`, no
other command lists entries as one might expect, and the pf tables are empty:
:
:------8<------
:elisheva:~$ bgpctl show rib
:flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
: S = Stale, E = Error
:origin validation state: N = not-found, V = valid, ! = invalid
:origin: i = IGP, e = EGP, ? = Incomplete
:
:flags ovs destination gateway lpref med aspath origin
:elisheva:~$ bgpctl show rib community 65066:42
:flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
: S = Stale, E = Error
:origin validation state: N = not-found, V = valid, ! = invalid
:origin: i = IGP, e = EGP, ? = Incomplete
:
:flags ovs destination gateway lpref med aspath origin
:elisheva:~$ doas pfctl -Ts -t bgp_spamd
:elisheva:~$ doas pfctl -Ts -t bgp_spamd_bypass
:elisheva:~$
:------8<------
:
:Any hints as to how to further diagnose? I’ve tried most conceivable
additional arguments to `bgpctl show rib` and I haven’t found a way to list
entries yet. Log entries are benign ((re)configuration success messages).
:
:Thanks,
:
:Ashe
:
--
For those who like this sort of thing, this is the sort of thing they like.
-- Abraham Lincoln
