user/6628: BGP capabiliies unsupported for IPv6 - Cisco

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

user/6628: BGP capabiliies unsupported for IPv6 - Cisco

Hans Duedal
>Number:         6628
>Category:       user
>Synopsis:       bgpd is not able to negotiate IPv6 capabilities with cisco
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    bugs
>State:          open
>Quarter:        
>Keywords:      
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Tue Jun 07 15:20:01 GMT 2011
>Closed-Date:
>Last-Modified:
>Originator:    
>Release:        
>Organization:
>Environment:
        System      : OpenBSD 4.9
        Details     : OpenBSD 4.9 (GENERIC.MP) #819: Wed Mar  2 06:57:49 MST 2011
                         [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

        Architecture: OpenBSD.amd64
        Machine     : amd64
>Description:
No matter what combination of configuration options I try, I can't get OpenBGPd to correctly announce IPv6 capabilities (from RFC5492) to our ISPs Cisco hardware.

I tried to disable IPv4 unicast annoncement, as well as 4byte-as, but they all fail.

IPv4 routes works fine. And BGP connects successfully after automatically disabling capability announcements, but that leaves me without IPv6.

Output from bgpd -v d:
# bgpd -v -d          
startup
peer1 = "X:X:2::22"
peer2 = "X:X:2::23"
new ktable rdomain_0 for rtableid 0
route decision engine ready
session engine ready
RDE reconfigured
listening on X:X:2::1
SE reconfigured
neighbor X:X:2::23 (NG Peer 2): state change None -> Idle, reason: None
neighbor X:X:2::22 (NG Peer 1): state change None -> Idle, reason: None
neighbor X:X:2::23 (NG Peer 2): state change Idle -> Connect, reason: Start
neighbor X:X:2::22 (NG Peer 1): state change Idle -> Connect, reason: Start
neighbor X:X:2::23 (NG Peer 2): state change Connect -> OpenSent, reason: Connection opened
neighbor X:X:2::22 (NG Peer 1): state change Connect -> OpenSent, reason: Connection opened
neighbor X:X:2::23 (NG Peer 2): received notification: error in OPEN message, unsupported capability
neighbor X:X:2::23 (NG Peer 2): received "unsupported capability" notification without data part, disabling capability announcements altogether
neighbor X:X:2::23 (NG Peer 2): state change OpenSent -> Idle, reason: NOTIFICATION received
neighbor X:X:2::23 (NG Peer 2): state change Idle -> Connect, reason: Start
neighbor X:X:2::22 (NG Peer 1): received notification: error in OPEN message, unsupported capability
neighbor X:X:2::22 (NG Peer 1): received "unsupported capability" notification without data part, disabling capability announcements altogether
neighbor X:X:2::22 (NG Peer 1): state change OpenSent -> Idle, reason: NOTIFICATION received
neighbor X:X:2::22 (NG Peer 1): state change Idle -> Connect, reason: Start
neighbor X:X:2::23 (NG Peer 2): socket error: Connection refused
neighbor X:X:2::23 (NG Peer 2): state change Connect -> Active, reason: Connection open failed
neighbor X:X:2::22 (NG Peer 1): socket error: Connection refused
neighbor X:X:2::22 (NG Peer 1): state change Connect -> Active, reason: Connection open failed
neighbor X:X:2::23 (NG Peer 2): state change Active -> OpenSent, reason: Connection opened
neighbor X:X:2::23 (NG Peer 2): state change OpenSent -> OpenConfirm, reason: OPEN message received
neighbor X:X:2::23 (NG Peer 2): state change OpenConfirm -> Established, reason: KEEPALIVE message received

>How-To-Repeat:

My config:
# macros
peer1="X:X:2::22"
peer2="X:X:2::23"

# global configuration
AS 1
router-id X.X.X.5
fib-update yes
log updates
network X:X:1::/48
listen on X:X:2::1

# neighbors and peers
group "NG" {
        remote-as 1
        neighbor $peer1 {
                descr   "NG Peer 1"
                announce self
                announce IPv4 none
                announce IPv6 unicast
                tcp md5sig password XXXX
                softreconfig in yes
                softreconfig out yes
        }
        neighbor $peer2 {
                descr   "NG Peer 2"
                announce self
                announce IPv4 none
                announce IPv6 unicast
                tcp md5sig password XXXX
                softreconfig in yes
                softreconfig out yes
        }
}

allow from group "NG" inet6

>Fix:
Don't know, but "announce IPv4 none" worked for some other users (perhaps non-cisco neighbors)


>Release-Note:
>Audit-Trail:
>Unformatted:

Reply | Threaded
Open this post in threaded view
|

Re: user/6628: BGP capabiliies unsupported for IPv6 - Cisco

Hans Duedal
The following reply was made to PR user/6628; it has been noted by GNATS.

From: Hans Duedal <[hidden email]>
To: [hidden email]
Cc:  
Subject: Re: user/6628: BGP capabiliies unsupported for IPv6 - Cisco
Date: Tue, 7 Jun 2011 17:43:59 +0200

 Turned out to be an issue with our ISP. They fixed it on their end. I'm sorry.
 
 Also I entered the same AS number in both my end (global -> as) and
 neighbor end (group -> remote-as), due to my lack of experience with
 BGP. That should be unrelated to the issue I was experiencing though.
 
 I did try "announce refresh no" before I created the bug report, yes.
 I notice it one of the default enabled ones from parse.y's
 alloc_peer().