I was hoping to set up a dynamic BGP session at an IX to accept direct peering from other IX members, however, when I try to do this using the interface as the neighbor, I get the error of IPv4 interface address is not /30 or /31, v4 session not started. Is there a way around this or is this just flat out not acceptable?
Thanks!
Hi Antleo ,
what version do you use ? and you could share the following command:
show configuration commands | strip-private
Hey Fernando,
I set this up in GNS3 and stripped the config down to just the bgp sessions.
eth0 has a /24, eth1 has a /30. eth1 other than that bgp is identical
eth1 establishes, eth0 doesn’t
Router 1 (with interface based BGP)
set interfaces ethernet eth0 address 'xxx.xxx.10.1/24'
set interfaces ethernet eth0 hw-id 'XX:XX:XX:XX:XX:00'
set interfaces ethernet eth1 address 'xxx.xxx.20.1/30'
set interfaces ethernet eth1 hw-id 'XX:XX:XX:XX:XX:01'
set interfaces ethernet eth2 hw-id 'XX:XX:XX:XX:XX:02'
set interfaces loopback lo
set protocols bgp XXXXXX neighbor eth0 interface remote-as 'external'
set protocols bgp XXXXXX neighbor eth1 interface remote-as 'external'
set system config-management commit-revisions '100'
set system host-name xxxxxx
set system login user xxxxxx authentication encrypted-password xxxxxx
set system login user xxxxxx authentication plaintext-password xxxxxx
set system ntp server xxxxx.tld
set system ntp server xxxxx.tld
set system ntp server xxxxx.tld
set system syslog global facility all level 'notice'
set system syslog global facility protocols level 'all'
Router 2 (regular BGP)
set interfaces ethernet eth0 address 'xxx.xxx.10.2/24'
set interfaces ethernet eth0 hw-id 'XX:XX:XX:XX:XX:00'
set interfaces ethernet eth1 address 'xxx.xxx.20.2/30'
set interfaces ethernet eth1 hw-id 'XX:XX:XX:XX:XX:01'
set interfaces ethernet eth2 hw-id 'XX:XX:XX:XX:XX:02'
set interfaces loopback lo
set protocols bgp XXXXXX neighbor xxx.xxx.10.1 remote-as '222'
set protocols bgp XXXXXX neighbor xxx.xxx.20.1 remote-as '222'
set system config-management commit-revisions '100'
set system host-name xxxxxx
set system login user xxxxxx authentication encrypted-password xxxxxx
set system login user xxxxxx authentication plaintext-password xxxxxx
set system ntp server xxxxx.tld
set system ntp server xxxxx.tld
set system ntp server xxxxx.tld
set system syslog global facility all level 'notice'
set system syslog global facility protocols level 'debug'
Error on router 1
BGP: 10.10.10.2 connection rejected - not configured and not valid for dynamic
BGP: eth0: IPv4 interface address is not /30 or /31, v4 session not started
It appears that one can only use a /30 or /31 when using the interface command. Is that correct?
Seems logical. You don’t specify neighbor IP address in interface mode. And BGP has no clue to figure out what neighbor should be on /24 network
there are several things that are important to establish bgp with any neighbors (router id , update-source , networks ) and they are missing in your configuration. I don’t know which version you use , but we have some example in our web:
https://docs.vyos.io/en/equuleus/configuration/protocols/bgp.html
if you want use interface as a neighbor , it should do something like this :
set protocols bgp XXXXXX neighbor ethX remote-as '222'
Hey Fernando,
Sorry about that, I didnt mention in the last post, I’m using 1.3RC5.
The only difference in what I posted and what you suggest is I use external for the remote-as. This works if the interface is on a /30 instead of a /24. so it seems that there is no way to make this work on a /24.
Thanks!
thanks for you reply,
I add two comment more about this scenario :
neighbor PEER remote-as external
Create a peer as you would when you specify an ASN, except that if the peers ASN is the same as mine as specified under the router bgp ASN command the connection will be denie
and
neighbor PEER interface IFNAME
When you connect to a BGP peer over an IPv6 link-local address, you have to specify the IFNAME of the interface used for the connection. To specify IPv4 session addresses, see the neighbor PEER update-source command below.
This command is deprecated and may be removed in a future release. Its use should be avoided.
it is an advice the frr avoid using these settings, you may have problems in the future.
BGP — FRR latest documentation
best regards
Thanks Fernando, thats a big help! I should have checked FRR documents first.
Thanks again!