[f-nsp] Netiron AS4 capabilities

Bogdan Rotariu bogdan at rotariu.ro
Thu Jun 29 17:03:57 EDT 2023 

The issue with the log pasted below is related to AS 44418, which aggregates at least one of their prefixes.

As there is no confidential informations, I can share a dump[1] for the session from the Mikrotik side, I am unable to mirror the CER2024 port, 10.11.1.4 is a Brocade CER2024 and 10.11.1.15 is a Mikrotik CCR2216. In Wireshark I cannot see anything wrong.

[1]  https://apackets.com/api/v1/pcaps/public/download/06dfb59469e9d97fb6429baa1f635f71.pcap/bgp-10.pcap


> On 29 Jun 2023, at 15:40, Tim Warnock <timoid at timoid.org> wrote:
> 
> From https://datatracker.ietf.org/doc/html/rfc4271#section-9.2.2.2
> 
>         g) AGGREGATOR (Type Code 7)
> 
>            AGGREGATOR is an optional transitive attribute of length 6.
>            The attribute contains the last AS number that formed the
>            aggregate route (encoded as 2 octets), followed by the IP
>            address of the BGP speaker that formed the aggregate route
>            (encoded as 4 octets).  This SHOULD be the same address as
>            the one used for the BGP Identifier of the speaker.
> 
>            Usage of this attribute is defined in 5.1.7.
> 
> I cant easily see anywhere where that definition was extended to support a length of 8 - so this kinda feels like a RouterOS issue rather than the CERs.
> 
> Hopefully I have this correct:
> 
> 0x0064d007 0x00080000
> 0xad825509 octets - 173 130 85 09 AS21769/AS2910999817 ?
> 0x1f8617c3  this should be the aggregator IP address 31 129 23 195 ?
> 
> 
> 
> -----Original Message-----
> From: foundry-nsp <foundry-nsp-bounces at puck.nether.net> On Behalf Of Bogdan-Stefan Rotariu
> Sent: Thursday, June 29, 2023 9:45 PM
> To: foundry-nsp at puck.nether.net
> Subject: [f-nsp] Netiron AS4 capabilities
> 
> Hi there,
> 
> We have some CER2024 in our network, and we are starting to encounter issues when receiving prefixes from Mikrotik CCR2216 that is running with ROSv7. Has anyone any ideea except replacing the CER’s?
> 
> The peer is has AS4 capability negociated:
> 
>   Neighbor AS4 Capability Negotiation:
>     Peer Negotiated AS4  capability
>     Peer configured for AS4  capability
> 
> We are running version 6.3.0.fT183:
> 
> IronWare : Version 6.3.0fT183 Copyright (c) 2017-2019 Extreme Networks, Inc.
> Compiled on Jul 14 2022 at 21:38:40 labeled as ce06300f
> (18589108 bytes) from Primary
> 
> last-packet-with-error decode shows :
> 
> Received Message Length: 94
> BGP Message:
> 0xffffffff  0xffffffff  0xffffffff  0xffffffff  0x005e0200
> 0x00004340  0x01010050  0x02001602  0x05000022  0x04000015
> 0xe60000ad  0x820000ad  0x820000ad  0x82400304  0x0a0b010f
> 0x40050400  0x00006440  0x0600d008  0x00042204  0x0064d007
> 0x00080000  0xad825509  0x1f8617c3  0xd204
> 
> BGP Header
> Marker:   0xffffffff  0xffffffff  0xffffffff  0xffffffff
> Message Length: (0x005e) 94
> Message Type: (0x02) UPDATE
> 
> UPDATE Message
> Unfeasible route length: (0x0000) 0
> Update path attributes
> Total Path Attribute length: (0x0043) 67
> Flags : (0x40) Well Known, Transitive, Complete
> Type  : (0x01) Origin
> Length: (0x01) 1
> Origin: (0x00) IGP
> 
> Flags : (0x50) Well Known, Transitive, Complete, Extended length
> Type  : (0x02) AS Path
> Length: (0x0016) 22
>  Segment Type  : (0x02) AS Sequence
>  Segment Length: (0x05) 5
>  AS Numbers    : (0x0000) 0, (0x2204) 8708, (0x0000) 0, (0x15e6) 5606, (0x0000) 0,
>  Segment Type  : (0xad) Unknown(173)
>  Segment Length: (0x82) 130
>  AS Numbers    : (0x0000) 0, (0xad82) 44418, (0x0000) 0, (0xad82) 44418,
> 
> Flags : (0x40) Well Known, Transitive, Complete
> Type  : (0x03) Next Hop
> Length: (0x04) 4
> Next Hop IP address: (0x0a0b010f) 10.11.1.15
> 
> Flags : (0x40) Well Known, Transitive, Complete
> Type  : (0x05) Local Preference
> Length: (0x04) 4
> Local Preference: (0x00000064) 100
> 
> Flags : (0x40) Well Known, Transitive, Complete
> Type  : (0x06) Atomic Aggregate
> Length: (0x00) 0
> 
> Flags : (0xd0) Optional, Transitive, Complete, Extended length
> Type  : (0x08) Community
> Length: (0x0004) 4
> Community List: (0x22040064) 8708:100
> 
> Flags : (0xd0) Optional, Transitive, Complete, Extended length
> Type  : (0x07) Aggregator
> Length: (0x0008) 8
> Error: Invalid AGGREGATOR attribute length 8
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20230630/541a755e/attachment.htm>

More information about the foundry-nsp mailing list