No, this is not the only session. Here is the full config, I hope it helps:
Things start going wrong when I add the following to a v6 session:
tcp md5sig password hondjes
--
AS 6777
router-id 195.69.145.245
fib-update no
log updates
listen on 195.69.145.245
listen on 2001:7F8:1::A500:6777:4
nexthop qualify via bgp
transparent-as yes
dump all in "/tmp/all-in-dump-%H%M" 300
dump all out "/tmp/all-out-dump-%H%M" 300
group "peers-rs-v6" {
announce IPv6 unicast
announce IPv4 none
softreconfig in yes
enforce neighbor-as yes
set nexthop no-modify
local-address 2001:7F8:1::A500:6777:4
neighbor 2001:7f8:1::A500:1200:1 {
descr "AS1200-v6-01"
remote-as 1200
announce all
passive
tcp md5sig password hondjes
}
neighbor 2001:7f8:1::A500:1200:2 {
descr "AS1200-v6-02"
remote-as 1200
announce all
passive
}
neighbor 2001:7f8:1::a504:8345:1 {
descr "XSNEWS-v6-01"
remote-as 48345
announce all
passive
max-prefix 5
}
neighbor 2001:7f8:1::a504:8345:2 {
descr "XSNEWS-v6-02"
remote-as 48345
announce all
passive
max-prefix 5
}
neighbor 2001:7F8:1::A503:4763:1 {
descr "ABSOLUTE-v6-01"
remote-as 34763
announce all
passive
max-prefix 350
}
neighbor 2001:7F8:1::A501:6265:1 {
descr "LEASEWEB-v6-01"
remote-as 16265
announce all
passive
max-prefix 115
}
neighbor 2001:7F8:1::A501:6265:2 {
descr "LEASEWEB-v6-02"
remote-as 16265
announce all
passive
max-prefix 115
}
neighbor 2001:7F8:1::A504:1692:1 {
descr "OPENCARRIER-v6-01"
remote-as 41692
announce all
passive
max-prefix 5
}
neighbor 2001:7f8:1::a500:559:1 {
descr "SWITCH-v6-01"
remote-as 559
announce all
passive
max-prefix 252
}
}
group "peers-rs-v4" {
announce IPv6 none
announce IPv4 unicast
softreconfig in yes
enforce neighbor-as yes
set nexthop no-modify
neighbor 195.69.144.1 {
descr "AS1200-rtr-eun-01"
remote-as 1200
announce all
passive
max-prefix 5
tcp md5sig password hondjes
}
neighbor 195.69.145.1 {
descr "AS1200-rtr-glo-02"
remote-as 1200
announce all
passive
max-prefix 5
}
neighbor 195.69.144.229 {
descr "XSNEWS-01"
remote-as 48345
announce all
passive
max-prefix 5
}
neighbor 195.69.145.229 {
descr "XSNEWS-02"
remote-as 48345
announce all
passive
max-prefix 5
}
neighbor 195.69.144.168 {
descr "AKAMAI-01"
remote-as 20940
announce all
passive
max-prefix 152
}
neighbor 195.69.145.208 {
descr "AKAMAI-02"
remote-as 20940
announce all
passive
max-prefix 152
}
neighbor 195.69.144.33 {
descr "SWITCH-01"
remote-as 559
announce all
passive
max-prefix 252
}
neighbor 195.69.145.105 {
descr "ABSOLUTE-RADIO-01"
remote-as 34763
announce all
passive
max-prefix 350
}
neighbor 195.69.144.159 {
descr "CAMBRIUM-01"
remote-as 25596
announce all
passive
max-prefix 15
}
neighbor 195.69.145.169 {
descr "CAMBRIUM-02"
remote-as 25596
announce all
passive
max-prefix 15
}
neighbor 195.69.145.119 {
descr "TNG-01"
remote-as 13101
announce all
passive
max-prefix 150
}
neighbor 195.69.144.215 {
descr "LEASEWEB-01"
remote-as 16265
announce all
passive
max-prefix 115
}
neighbor 195.69.145.215 {
descr "LEASEWEB-02"
remote-as 16265
announce all
passive
max-prefix 115
}
neighbor 195.69.145.136 {
descr "IN2IP-01"
remote-as 34141
announce all
passive
max-prefix 8
}
neighbor 195.69.145.187 {
descr "VOXEL-01"
remote-as 29791
announce all
passive
max-prefix 20
}
neighbor 195.69.145.221 {
descr "OPENCARRIER-01"
remote-as 41692
announce all
passive
max-prefix 5
}
neighbor 195.69.144.101 {
descr "HYVES-01"
remote-as 47344
announce all
passive
max-prefix 10
}
neighbor 195.69.145.185 {
descr "GTS-CE-01"
remote-as 5588
announce all
passive
max-prefix 7
}
}
# filter out prefixes longer than 24 or shorter than 8 bits
deny from any
allow from any inet prefixlen 8 - 24
allow from any inet6 prefixlen 16 - 48
# do not accept a default route
deny from any inet prefix 0.0.0.0/0
deny from any inet6 prefix ::/0
deny from any inet6 prefix 2000::/3
# filter bogus networks
deny from any inet prefix 10.0.0.0/8 prefixlen >= 8
deny from any inet prefix 172.16.0.0/12 prefixlen >= 12
deny from any inet prefix 192.168.0.0/16 prefixlen >= 16
deny from any inet prefix 169.254.0.0/16 prefixlen >= 16
deny from any inet prefix 192.0.2.0/24 prefixlen >= 24
deny from any inet prefix 224.0.0.0/4 prefixlen >= 4
deny from any inet prefix 240.0.0.0/4 prefixlen >= 4
deny from any inet6 prefix 3ffe::/16
deny from any inet6 prefix 2001:db8::/32 prefixlen >= 32
deny from any inet6 prefix ::/8
deny from any inet6 prefix fe00::/9
deny from any inet6 prefix ff00::/8
On 3/8/09 9:18 PM, Henning Brauer wrote:
> * Arnoud Vermeer<[email protected]> [2009-03-08 21:06]:
>
>> I didn't modify the source code in any way. I'm running the latest
>> version from CVS on an amd64 machine and an i386 machine.
>>
>> I have the following configuration:
>>
>> AS 6777
>> router-id 195.69.145.245
>> fib-update no
>> log updates
>> listen on 195.69.145.245
>> listen on 2001:7F8:1::A500:6777:4
>>
>> nexthop qualify via bgp
>> transparent-as yes
>>
>> dump all in "/tmp/all-in-dump-%H%M" 300
>> dump all out "/tmp/all-out-dump-%H%M" 300
>>
>> group "peers-rs-v6" {
>> announce IPv6 unicast
>> announce IPv4 none
>> softreconfig in yes
>> enforce neighbor-as yes
>> set nexthop no-modify
>> local-address 2001:7F8:1::A500:6777:4
>>
>> neighbor 2001:7f8:1::A500:1200:1 {
>> descr "AS1200-v6-01"
>> remote-as 1200
>> announce all
>> passive
>> }
>> }
>>
>
> so you only have that one neighbor, right?
>
>
>> The comment about the gracefull restart lead me to think about the
>> following setting:
>>
>> announce capabilities (yes|no)
>> If set to no, capability negotiation is disabled during
>> the es-
>> tablishment of the session. This can be helpful to connect to
>> old or broken BGP implementations. The default is yes.
>>
>> Doesn't this troggle the graceful update? While reading the announce
>>
>
> no. you can't turn it on, yet. which reminds me that I wanted to add
> buttons for specific capabilities...
>
>
>> part of the manual, I noticed the following:
>> announce (all|none|self|default-route)
>> If set to none, no UPDATE messages will be sent to the
>> neighbor.
>> If set to default-route, only the default route will be
>> announced
>> to the neighbor. If set to all, all generated UPDATE messages
>> will be sent to the neighbor. This is usually used for
>> transit
>> AS's and IBGP peers. The default value for EBGP peers is
>> self,
>> which limits the sent UPDATE messages to announcements of
>> the lo-
>> cal AS. The default for IBGP peers is all.
>>
>> I also have announce all, in my configuration, because it is a route
>> server I'm working on. Could this be the setting that is responsible for
>> the UPDATE?
>>
>
> sure. but the root issue here is that we're apparently sending out
> bullshit in this case for yet unknown reasons.
