Community discussions

MikroTik App
 
tiernano
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 85
Joined: Fri Jul 20, 2012 1:51 pm

CYRMU BGP peer on Router OS 7

Tue Feb 15, 2022 10:39 pm

Morning all.

Trying to peer with the Team CYMRU lads for BOGON data, and i seem to be running into an issue... It doesnt want to connect. I have walked though their docs at https://team-cymru.com/community-servic ... rotik-full, and created as close to that as i could with ROS7:
add address-families=ip as=MYASN disabled=no hold-time=3m input.filter=bgp_in \
    local.address=MYIP .port=179 .role=ebgp .ttl=255 multihop=yes \
    name="TEAM-CYMRU BOGON Server #1" nexthop-choice=default \
    output.filter-chain=BGP_DROP .network=bgp-networks .redistribute=\
    connected,static remote.address=THEIRIP1/32 .as=THEIRASN router-id=\
    <MYIP> routing-table=MYASN templates=CYMRU vrf=main
add address-families=ip as=MYASN disabled=no hold-time=3m input.filter=bgp_in \
    local.address=<MYIP> .port=179 .role=ebgp .ttl=255 multihop=yes \
    name="TEAM-CYMRU BOGON Server #2" nexthop-choice=default \
    output.filter-chain=BGP_DROP .network=bgp-networks .redistribute=\
    connected,static remote.address=THEIRIP2/32 .as=THEIRASN router-id=\
    MYIP1 routing-table=MYASN templates=CYMRU vrf=main
the template is:
add address-families=ip as=MYANS disabled=no hold-time=3m input.filter=bgp_in multihop=yes name=CYMRU nexthop-choice=default \
    output.filter-chain=BGP_DROP router-id=MYIP routing-table=as204994
and under router ID I have:
add disabled=no id=MYIP name=id-1 select-dynamic-id=only-vrf \
    select-from-vrf=main
When checking the logs, i can see the following messages:
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilities optionLenght=6
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilityCode=multiprotocol capabilityLenght=4
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilities optionLenght=6
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilityCode=128Lenght=0
Feb/09/2022 20:37:08 route,bgp,debug BGP:: Unsupported capability received, code: 128BgpStarter{ c=Connection{ ConnId{ xx.xx.xx.xx:179 -> xx.xx.xx.xx:23527 } Socket{ 12[
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilities optionLenght=6
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilityCode=route refresh capabilityLenght=0
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilities optionLenght=6
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilityCode=130Lenght=7
Feb/09/2022 20:37:08 route,bgp,debug BGP:: Unsupported capability received, code: 130BgpStarter{ c=Connection{ ConnId{ xx.xx.xx.xx:179 -> xx.xx.xx.xx:23527 } Socket{ 12[
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilities optionLenght=6
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilityCode=70Lenght=0
Feb/09/2022 20:37:08 route,bgp,debug BGP:: Unsupported capability received, code: 70BgpStarter{ c=Connection{ ConnId{ xx.xx.xx.xx:179 -> xx.xx.xx.xx:23527 } Socket{ 12[
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilities optionLenght=6
Feb/09/2022 20:37:08 route,bgp,debug,packet BGP:: OPEN Message capabilityCode=AS 4-octet capabilityLenght=4
Feb/09/2022 20:37:08 route,bgp,debug,state BGP:: Entering OpenConfirm state BgpStarter{ c=Connection{ ConnId{ xx.xx.xx.xx:179 -> xx.xx.xx.xx:23527 } Socket{ 12[
and they are getting the following on their end (not sure the OS):
Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.080: BGP: ses global YY.YY.YY.YY (0x7F551E4A4D40:0) act Remote close.
Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.080: BGP: nbr_topo global YY.YY.YY.YY IPv4 Unicast:base (0x7F551E4A4D40:0) Not scheduling for GR processing [Peer did not advertise GR cap] Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.080: BGP: ses global YY.YY.YY.YY (0x7F551E4A4D40:0) act Reset (Peer closed the session).
Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.081: BGP: nbr_topo global YY.YY.YY.YY IPv4 Unicast:base (0x7F551E4A4D40:0) NSF delete stale NSF not active Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.081: BGP: nbr_topo global YY.YY.YY.YY IPv4 Unicast:base (0x7F551E4A4D40:0) NSF no stale paths state is NSF not active Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.081: BGP: nbr_topo global YY.YY.YY.YY IPv4 Unicast:base (0x7F551E4A4D40:0) Resetting ALL counters.
Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.081: BGP: YY.YY.YY.YY active closing Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: *Feb  9
22:34:00.082: BGP: ses global YY.YY.YY.YY (0x7F551E4A4D40:0) act Feb  9 22:27:23 XX.XX.XX.XX XX.XX.XX.XX: Session close and reset neighbor YY.YY.YY.YY topostate ]
They usually use MD5 for the passwords, but asked me to turn that off, and they also asked me to turn off Graceful Restart, but i cant see where that is set... Anyone have any ideas what i am doing wrong? Thanks.
 
TheRealJLH
newbie
Posts: 30
Joined: Wed Feb 20, 2013 2:23 am

Re: CYRMU BGP peer on Router OS 7

Wed Feb 16, 2022 7:14 am

it would seem that the no-llgr option is located in the community-set filters as to it's proper use I have not a clue.

like so many things in v7 documentation on its correct use is lacking.
 
mafiosa
Member Candidate
Member Candidate
Posts: 266
Joined: Fri Dec 09, 2016 8:10 pm
Location: Kolkata, India
Contact:

Re: CYRMU BGP peer on Router OS 7

Thu Feb 17, 2022 7:11 pm

it would seem that the no-llgr option is located in the community-set filters as to it's proper use I have not a clue.

like so many things in v7 documentation on its correct use is lacking.
Are you using MD5 password? try to have a clear session as many QoS used by ISPs corrupt the MD5 password.
 
tiernano
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 85
Joined: Fri Jul 20, 2012 1:51 pm

Re: CYRMU BGP peer on Router OS 7

Thu Feb 17, 2022 7:12 pm

it would seem that the no-llgr option is located in the community-set filters as to it's proper use I have not a clue.

like so many things in v7 documentation on its correct use is lacking.
Are you using MD5 password? try to have a clear session as many QoS used by ISPs corrupt the MD5 password.
I was, but that was the first thing they asked me to remove...

Who is online

Users browsing this forum: Bing [Bot] and 11 guests