[f-nsp] FESX bgp 0.0.0.0/8 bug
Erich Hohermuth
eh at solnet.ch
Fri Jul 27 03:04:55 EDT 2007
Dear list,
I recently found a strange bgp behaviour on the fesx 424 Premium
(Version 03.2.00cT3e3) after I implemented some blackhole mechanism
according to the Team Cymru http://www.cymru.com/BGP/bogon-rs.html the
same configuration on a xmr is working very well.
If I send a route with the community 65000:666 the router should send
this route to null (drop).
Configuration:
ip as-path access-list 66 seq 5 permit ^$
ip community-list BLACKHOLE seq 5 permit 65000:666
ip route 10.10.10.10 255.255.255.255 null0
route-map BLACK_HOLE permit 10
match as-path 66
match community BLACKHOLE
set ip next-hop 10.10.10.10
set community no-advertise
This is working very well with all Networks except the 0.0.0.0/X. which
will be allways set to 0.0.0.0/0. By the way quagga/zebra seems to have
nearly the same bug, except that its below /8.
Example 1 NOT working ( 0.0.0.0/8 )
XMR:
sh ip bgp
*>i 0.0.0.0/8 10.10.10.10 300 0 i
sh ip route
1 0.0.0.0/0 172.16.1.1 ve 2 110/1 O2
2 0.0.0.0/7 DIRECT drop 200/0 B
FESX:
sh ip bgp
*>i 0.0.0.0/0 10.10.10.10 300 0 i
sh ip route
0.0.0.0 0.0.0.0 172.16.1.1 v2 1 O
Example 2 working ( 2.0.0.0/8 )
XMR:
sh ip bgp
*>i 2.0.0.0/8 10.10.10.10 300 0 i
sh ip route
4 2.0.0.0/8 DIRECT drop 200/0 B
FESX:
sh ip bgp
*>i 2.0.0.0/8 10.10.10.10 300 0 i
sh ip route
2 2.0.0.0 255.0.0.0 255.255.255.255 drop
B
Does anyone else see some similar problems ?
Regards
Erich
--
* Erich Hohermuth IP Engineer - SolNet (AS 9044) PGPKEY-46A08FCB *
* phone: +41 32 517 6220 / sip:9044*463 at inoc-dba.pch.net *
More information about the foundry-nsp
mailing list