Syntax error with brackets in bgpd.conf

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Syntax error with brackets in bgpd.conf

Tristan Pilat-2
Hi OpenBSD team,

I'm facing an odd syntax error in bgpd.conf.

# sysctl -n kern.version  
OpenBSD 6.1 (GENERIC.MP) #4: Sat May  6 09:33:37 CEST 2017
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

# bgpd -vnf /etc/bgpd.conf
/etc/bgpd.conf:251: syntax error

# cat -n /etc/bgpd.conf
[…]
250  deny to 192.0.2.1                            
251  allow to 192.0.2.1 prefix { 203.0.113.0/24, 198.51.100.0/24 } prefixlen <= 24
[…]

But if I substitute the line containing brackets for two lines, it's alright.

deny to 192.0.2.1
allow to 192.0.2.1 prefix 198.51.100.0/24 prefixlen <= 24
allow to 192.0.2.1 prefix 203.0.113.0/24 prefixlen <= 24

The man page however specifies :

prefix address/len or-longer
    This rule applies only to UPDATES for the specified prefix.

    Multiple entries may be specified, separated by commas or
    whitespace, if enclosed in curly brackets:

        deny from any prefix { 192.168.0.0/16, 10.0.0.0/8 or-longer }

Am I missing something here?

Regards,
--
Tristan

Reply | Threaded
Open this post in threaded view
|

Re: Syntax error with brackets in bgpd.conf

Peter Hessler
Hi Tristan

This is documented in the man page.

     prefix address/len
     prefix address/len prefixlen range
     prefix address/len or-longer

Currently, you cannot remove "prefixlen" from the specific attached
"prefix".  The way that '{}' is implemented cannot split full
parameters, even if the results would be syntactically correct.

I do agree this isn't very intuitive.  We'll be looking at the syntax in
the near future.

-peter


On 2017 May 10 (Wed) at 19:00:50 +0200 (+0200), Tristan Pilat wrote:
:Hi OpenBSD team,
:
:I'm facing an odd syntax error in bgpd.conf.
:
:# sysctl -n kern.version  
:OpenBSD 6.1 (GENERIC.MP) #4: Sat May  6 09:33:37 CEST 2017
:    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
:
:# bgpd -vnf /etc/bgpd.conf
:/etc/bgpd.conf:251: syntax error
:
:# cat -n /etc/bgpd.conf
:[…]
:250  deny to 192.0.2.1                            
:251  allow to 192.0.2.1 prefix { 203.0.113.0/24, 198.51.100.0/24 } prefixlen <= 24
:[…]
:
:But if I substitute the line containing brackets for two lines, it's alright.
:
:deny to 192.0.2.1
:allow to 192.0.2.1 prefix 198.51.100.0/24 prefixlen <= 24
:allow to 192.0.2.1 prefix 203.0.113.0/24 prefixlen <= 24
:
:The man page however specifies :
:
:prefix address/len or-longer
:    This rule applies only to UPDATES for the specified prefix.
:
:    Multiple entries may be specified, separated by commas or
:    whitespace, if enclosed in curly brackets:
:
:        deny from any prefix { 192.168.0.0/16, 10.0.0.0/8 or-longer }
:
:Am I missing something here?
:
:Regards,
:--
:Tristan
:

--
The right to revolt has sources deep in our history.
                -- Supreme Court Justice William O. Douglas

Reply | Threaded
Open this post in threaded view
|

Re: Syntax error with brackets in bgpd.conf

Tristan Pilat-2
Hi Peter,

Thursday 11 May 2017 11:11:14 (+0200), Peter Hessler a écrit :

> Hi Tristan
>
> This is documented in the man page.
>
>      prefix address/len
>      prefix address/len prefixlen range
>      prefix address/len or-longer
>
> Currently, you cannot remove "prefixlen" from the specific attached
> "prefix".  The way that '{}' is implemented cannot split full
> parameters, even if the results would be syntactically correct.
>
> I do agree this isn't very intuitive.  We'll be looking at the syntax in
> the near future.

Thanks for your insight. Actually what misled me is that I was
using that syntax in the past (with OpenBSD 5.2 it seems to
work). Maybe I missed a syntax change warning somewhere.

Sorry for the noise.

Regards,
--
Tristan