Re: [Idr] FW: Large BGP Communities beacon in the wild

Job Snijders <job@ntt.net> Thu, 13 October 2016 10:08 UTC

Hi all,

Can anyone from Huawei help debug an issue?

It appears that some Huawei routers (at least NE40E with VRP 8.100) are
entirely ignoring route announcements which have a Large BGP Community
path attribute attached.

For testing, pingable beacon IPs: 192.147.168.255 / 2001:67c:208c::1

Not propagating an unknown optional transitive path attribute is one
thing, but outright dropping the entire route is a whole other level :)

Kind regards,

Job


On Tue, Oct 11, 2016 at 05:29:50PM +0200, Job Snijders wrote:
> This message was posted to various operational mailing lists.
> 
> TL;DR - there are now two beacons carrying a Large BGP Community in the
> DFZ. On IPv4 we observe full coverage from the NLNOG RING LG - on IPv6
> not so much.
> 
> Kind regards,
> 
> Job
> 
> ----- Forwarded message from Job Snijders <job@ntt.net> -----
> 
> Date: Tue, 11 Oct 2016 17:01:56 +0200
> From: Job Snijders <job@ntt.net>
> To: nanog@nanog.org, routing-wg@ripe.net, Jared Mauch <jmauch@us.ntt.net>
> Subject: [routing-wg] Large BGP Communities beacon in the wild
> 
> Dear all,
> 
> Large BGP Communities are a novel way to signal information between
> networks. An example of a Large BGP Community is: 2914:4056024901:80.
> 
> Large BGP Communities are composed of three 4-octet integers, separated
> by something like a colon. This is easy to remember and accommodates
> advanced routing policies in relation to 4-Byte ASNs. It is the tool that has
> been missing since 4-octet ASNs were introduced.
> 
> IANA has made an Early Allocation of the value 30 (LARGE_COMMUNITY) in
> the "BGP Path Attributes" registry under the "Border Gateway Protocol
> (BGP) Parameters" group.
> 
> The draft can be read here: https://tools.ietf.org/html/draft-ietf-idr-large-community
> 
> Additional information about Large BGP Communities can be found here:
> http://largebgpcommunities.net/
> 
> Starting today (2016.10.11), the following two BGP beacons are available
> to the general public, with AS_PATH 2914_15562$
> 
>     Both these prefixes have a Large BGP Community attached:
> 
>     2001:67c:208c::/48
>     192.147.168.0/24
> 
>     Large BGP Community - 15562:1:1
> 
> The NLNOG RING BGP Looking Glass is running the latest version of BIRD
> which understands the Large BGP Community Path Attribute.
> 
> IPv4 LG: http://lg.ring.nlnog.net/prefix_detail/lg01/ipv4?q=192.147.168.0/24
> IPv6 LG: http://lg.ring.nlnog.net/prefix_detail/lg01/ipv6?q=2001:67c:208c::/48
> 
> In theory, since this is an optional transitive BGP Path Attribute, all
> the Looking Glass' peers should boomerang the Large Community back to
> the LG.  However we currently observe that 50 out of 75 peers propagate
> the Large BGP Community to the LG.
> 
> Relevant Router commands to see if you receive the attribute, or whether
> one of intermediate networks has stripped the attribute from the route:
>     
>     IOS: show ip bgp path-attribute unknown 
>         shows all prefixes with unknown path attributes.
> 
>     IOS #2 - like on route views:
>         route-views>sh ip bgp 192.147.168.0
>          BGP routing table entry for 192.147.168.0/24, version 98399100
>          Paths: (39 available, best #30, table default)
>            Not advertised to any peer
>            Refresh Epoch 1
>            701 2914 15562
>              137.39.3.55 from 137.39.3.55 (137.39.3.55)
>                Origin IGP, localpref 100, valid, external
>                unknown transitive attribute: flag 0xE0 type 0x1E length 0xC
>                  value 0000 3CCA 0000 0001 0000 0001
>                rx pathid: 0, tx pathid: 0
>
>     IOS-XR: (you must look at specific prefixes)
>         RP/0/RSP0/CPU0:Router#show bgp  ipv6 unicast 2001:67c:208c::/48 unknown-attributes 
>         BGP routing table entry for 2001:67c:208c::/48
>         Community: 2914:370 2914:1206 2914:2203 2914:3200
>         Unknown attributes have size 15
>         Raw value:
>         e0 1e 0c 00 00 3c ca 00 00 00 01 00 00 00 01 
>         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>         
>     JunOS:
>         user@JunOS-re6> show route 2001:67c:208c::/48 detail 
>         2001:67c:208c::/48 (1 entry, 1 announced)
>             AS path: 15562 I
>             Unrecognized Attributes: 15 bytes
>             Attr flags e0 code 1e: 00 00 3c ca 00 00 00 01 00 00 00 01
>                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> A note about router Configurations:
>     
> Ensure you are not filtering the path attributes, eg:
> 
> JunOS:
>     [edit protocols bgp]
>     user@junos# delete drop-path-attributes 30
> 
> XR:
>     configure
>     router bgp YourASN
>         attribute-filter group ReallyBadIdea ! avoid creating bogons
>         no attribute 30 
>       !
>     !
> 
> Contact persons: myself or Jared Mauch or NTT NOC. BGP Session
> identifier 83.231.213.230 / 2001:728:0:5000::a92 AS 15562.
> 
> Kind regards,
> 
> Job
> 
> 
> ----- End forwarded message -----
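Added example, not part of the original message or of any router vendor's code: a small decoder for the "unknown attribute" hex dumps quoted above, so an operator can confirm that the bytes a router reports are the beacon's Large BGP Community 15562:1:1. The function names are hypothetical; the raw bytes are copied from the quoted IOS-XR output.

```python
import struct

LARGE_COMMUNITY = 30  # type code 0x1E, the IANA value cited in the message

def parse_path_attribute(raw: bytes):
    """Split one BGP path attribute into (flags, type_code, value)."""
    if len(raw) < 3:
        raise ValueError("truncated attribute header")
    flag_byte, type_code = raw[0], raw[1]
    # The partial bit is set once a speaker that did not recognise an
    # optional transitive attribute has passed it along.
    flags = {
        "optional": bool(flag_byte & 0x80),
        "transitive": bool(flag_byte & 0x40),
        "partial": bool(flag_byte & 0x20),
        "extended_length": bool(flag_byte & 0x10),
    }
    if flags["extended_length"]:
        if len(raw) < 4:
            raise ValueError("truncated extended length")
        length, offset = struct.unpack("!H", raw[2:4])[0], 4
    else:
        length, offset = raw[2], 3
    value = raw[offset:]
    if len(value) != length:
        raise ValueError(f"length field says {length}, got {len(value)} bytes")
    return flags, type_code, value

def decode_large_communities(value: bytes):
    """Decode a LARGE_COMMUNITY value: one or more triplets of 4-octet integers."""
    if not value or len(value) % 12:
        raise ValueError("value must be a non-zero multiple of 12 octets")
    return [":".join(map(str, t)) for t in struct.iter_unpack("!III", value)]

def decode_router_dump(hex_dump: str):
    """Decode a full 'flags type length value' hex dump as printed by a router."""
    flags, type_code, value = parse_path_attribute(bytes.fromhex(hex_dump))
    if type_code != LARGE_COMMUNITY:
        raise ValueError(f"attribute type {type_code} is not LARGE_COMMUNITY")
    return flags, decode_large_communities(value)

# Raw value copied from the IOS-XR output quoted in the message.
XR_RAW = "e0 1e 0c 00 00 3c ca 00 00 00 01 00 00 00 01"

if __name__ == "__main__":
    flags, communities = decode_router_dump(XR_RAW)
    print(flags)
    print(communities)
```

The JunOS and IOS outputs print only the 12 value octets after the flags and code, so those go straight to `decode_large_communities`.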