ICVPN: Misconfigured IPv6 BGP peers
Sven Eckelmann
sven at narfation.org
So Sep 10 10:02:03 CEST 2017
Hi,
I've looked through my logs and noticed that a get a lot of messages related
to "Received: Required capability missing: 0104000200014600" from bird6
* aachen1 (ok, actually Leo Krueger saw that in his logs)
* augsburg1 (not in my logs but from lg.ff3l.net)
* franken_fff_icvpn
* innsbruck_ffibk1
010400020001 is the multiprotocol extension which selects IPv6. This has to be
set for IPv6 peers to IPv6. An example BGP packet which incorrectly sets it to IPv4
in his OPEN message can be seen here:
Frame 4349: 139 bytes on wire (1112 bits), 139 bytes captured (1112 bits)
Ethernet II, Src: 4a:2a:22:45:37:c9 (4a:2a:22:45:37:c9), Dst: e6:f8:0c:30:51:dc (e6:f8:0c:30:51:dc)
Internet Protocol Version 6, Src: fec0::a:cf:0:43, Dst: fec0::a:cf:0:25
Transmission Control Protocol, Src Port: 38956, Dst Port: 179, Seq: 1, Ack: 1, Len: 53
Border Gateway Protocol - OPEN Message
Marker: ffffffffffffffffffffffffffffffff
Length: 53
Type: OPEN Message (1)
Version: 4
My AS: 65052
Hold Time: 180
BGP Identifier: 10.207.0.67
Optional Parameters Length: 24
Optional Parameters
Optional Parameter: Capability
Parameter Type: Capability (2)
Parameter Length: 6
Capability: Multiprotocol extensions capability
Type: Multiprotocol extensions capability (1)
Length: 4
AFI: IPv4 (1)
Reserved: 00
SAFI: Unicast (1)
Optional Parameter: Capability
Parameter Type: Capability (2)
Parameter Length: 2
Capability: Route refresh capability (Cisco)
Type: Route refresh capability (Cisco) (128)
Length: 0
Optional Parameter: Capability
Parameter Type: Capability (2)
Parameter Length: 2
Capability: Route refresh capability
Type: Route refresh capability (2)
Length: 0
Optional Parameter: Capability
Parameter Type: Capability (2)
Parameter Length: 6
Capability: Support for 4-octet AS number capability
Type: Support for 4-octet AS number capability (65)
Length: 4
AS Number: 65052
Please check why you have added an IPv6 peer to your IPv4 BGP configuration.
This currently breaks some of the BGP session for IPv6.
Kind regards,
Sven
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigröße : 833 bytes
Beschreibung: This is a digitally signed message part.
URL : <http://lists.freifunk.net/pipermail/franken-dev-freifunk.net/attachments/20170910/061b388b/attachment.sig>
Mehr Informationen über die Mailingliste franken-dev