On 29 Oct 2018, at 20:17, Claudio Jeker <[email protected]> wrote:
> On Mon, Oct 29, 2018 at 09:30:44AM +0100, Peter Hessler wrote:
>> Hi Ashe
>>
>> Sorry about that, I forgot a part of the config file.
>>
>> You'll need to add "nexthop qualify via default" to the global part of
>> the configuration. Since the routers sending you the information are
>> not on your local link, there isn't a valid nexthop so the routes are
>> not selected. Once the nexthops are accepted, the prefixes will be
>> processed and will be used.
>
> Also don't forget the default deny policy of 6.4. Looking at the config it
> seems there is no 'allow from group "spam-bgp"' and so nothing is put into
> the RIB.
And just like that:
------8<------
elisheva:~$ cat /etc/bgpd.conf
spam_rs1="64.142.121.62"
spam_rs2="217.31.80.170"
spam_asn="65066"
AS 65500
fib-update no
nexthop qualify via default
group "spam-bgp" {
remote-as $spam_asn
multihop 64
export none
neighbor $spam_rs1
neighbor $spam_rs2
}
match from group "spam-bgp" community $spam_asn:42 set pftable
"bgp_spamd_bypass"
match from group "spam-bgp" community $spam_asn:666 set pftable "bgp_spamd"
allow from group "spam-bgp"
elisheva:~$ bgpctl show
Neighbor AS MsgRcvd MsgSent OutQ Up/Down State/PrfRcvd
217.31.80.170 65066 222 103 0 00:49:51 37172
64.142.121.62 65066 226 103 0 00:49:52 37172
elisheva:~$ bgpctl show rib | wc -l
74350
elisheva:~$
------8<------
Thank you so much, both!
Ashe
