Ouch ... forgot a filter:

...
access-list filter1 permit 10.2.4.0/24
access-list filter1 deny 0.0.0.0/0
!
access-list filter2 deny 0.0.0.0/0
!
interface eth0
interface eth1
!
router rip
 network eth0
 distribute-list filter1 out eth0
 network eth1
 distribute-list filter2 out eth1
 redistribute connected
...

On Mon, Jul 4, 2016 at 3:49 PM, Alexander Velkov <[email protected]> wrote:

> Hello,
>
> I would like to configure RIP with different ACLs set on different RIP
> interfaces. For this purpose I thought I could use the '*ifname*' route
> attribute in bird filters. The problem I am facing is that when I use it,
> no RIP routes are announced at all, so maybe I am using a wrong syntax.
>
> If I don't use the *ifname = "eth0"* I see the following sent from the
> bird's RIP instance (10.0.4.1 is configured on eth1 and 172.16.0.4 on
> eth0). I would like the 10.2.4.1/32 route to be announced through eth0
> only. I have also tried to use the *ifname ~ "eth0"* syntax with no luck.
>
> *tcpdump:*
>
> # tcpdump -i any -vvnn port 520
> tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
> 13:02:58.664760 IP (tos 0xc0, ttl 1, id 27713, offset 0, flags [none], proto UDP (17), length 52)
>     10.0.4.1.520 > 224.0.0.9.520: [udp sum ok]
>         RIPv2, Response, length: 24, routes: 1 or less
>           AFI IPv4, 10.2.4.1/32, tag 0x0000, metric: 1, next-hop: self
>         0x0000:  0202 0000 0002 0000 0a02 0401 ffff ffff
>         0x0010:  0000 0000 0000 0001
> 13:03:14.686163 IP (tos 0xc0, ttl 1, id 27714, offset 0, flags [none], proto UDP (17), length 52)
>     172.16.0.4.520 > 224.0.0.9.520: [udp sum ok]
>         RIPv2, Response, length: 24, routes: 1 or less
>           AFI IPv4, 10.2.4.1/32, tag 0x0000, metric: 1, next-hop: self
>         0x0000:  0202 0000 0002 0000 0a02 0401 ffff ffff
>         0x0010:  0000 0000 0000 0001
>
> *bird config:*
>
> protocol kernel {
>     # persist;          # Don't remove routes on BIRD shutdown
>     scan time 20;       # Scan kernel routing table every 20 seconds
>     export all;         # Default is export none
>     learn;
>     device routes;
> }
>
> protocol device {
>     scan time 10;       # Scan interfaces every 10 seconds
> }
>
> protocol direct {
>     interface "*";
> }
>
> filter rip_export {
>     # redistribute connected + RIP + ACL
>     if ( ( source = RTS_DEVICE || source = RTS_RIP ) &&
>          ( net ~ 10.2.4.0/24 && ifname = "eth0" ) ) then {
>         print "net export accepted: ", net;
>         accept;
>     }
>
>     reject;
> }
>
> protocol rip RIP {
>     debug all;
>
>     interface "eth0" { mode multicast; split horizon yes; poison reverse no; };
>     interface "eth1" { mode multicast; split horizon yes; poison reverse no; };
>
>     import all;
>     export filter rip_export;
> }
>
> Any help would be appreciated, thank you.
>
> Alex
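
An added example, not part of the original thread: a Python check that decodes the RIPv2 Response bytes from the tcpdump output above and reports prefixes announced from a source address that a per-interface allow list does not cover, which is a way to confirm from a capture whether a per-interface filter took effect. The POLICY table and the function names are assumptions made for this example; the address-to-interface mapping is the one stated in the message.

```python
import ipaddress
import struct

# RIP payload copied from the hex dump in the message (both packets are identical).
RIP_PAYLOAD = bytes.fromhex(
    "0202 0000 0002 0000 0a02 0401 ffff ffff 0000 0000 0000 0001"
)

# Constructed policy for this example: prefixes each sending address may announce.
# Per the message, 172.16.0.4 is on eth0 and 10.0.4.1 is on eth1.
POLICY = {
    "172.16.0.4": [ipaddress.ip_network("10.2.4.0/24")],
    "10.0.4.1": [],
}


def parse_rip_response(payload):
    """Return (prefix, metric) for each IPv4 entry of a RIPv2 Response (RFC 2453)."""
    command, version, _zero = struct.unpack_from("!BBH", payload, 0)
    if command != 2 or version != 2:
        raise ValueError("not a RIPv2 Response")
    if (len(payload) - 4) % 20:
        raise ValueError("truncated route entry")
    routes = []
    for off in range(4, len(payload), 20):
        afi, _tag, addr, mask, _next_hop, metric = struct.unpack_from("!HHIIII", payload, off)
        if afi != 2:  # skip non-IPv4 entries such as the 0xFFFF authentication entry
            continue
        text = f"{ipaddress.IPv4Address(addr)}/{ipaddress.IPv4Address(mask)}"
        routes.append((ipaddress.ip_network(text, strict=False), metric))
    return routes


def leaked_routes(src_ip, payload, policy=POLICY):
    """Reachable prefixes announced from src_ip that its allow list does not cover."""
    allowed = policy.get(src_ip, [])
    return [
        net for net, metric in parse_rip_response(payload)
        if metric < 16  # metric 16 is infinity: a withdrawal, not an announcement
        and not any(net.subnet_of(a) for a in allowed)
    ]


if __name__ == "__main__":
    for src in ("10.0.4.1", "172.16.0.4"):
        print(src, "leaks:", [str(n) for n in leaked_routes(src, RIP_PAYLOAD)])
```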
