Page 1 of 1

Mikrotik BGP + calico peer. whats wrong ?

Posted: Sun Jul 14, 2024 8:58 pm
by rj11
I'm getting this error again and I don't understand why.
I'm not much of an expert on microtics.
I'm trying to configure connectivity between microtik and calico BGP

ping redirect
PING 10.233.103.141 (10.233.103.141): 56 data bytes
92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 3e 01 0429 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 3d 01 0529 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 3c 01 0629 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 3b 01 0729 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 3a 01 0829 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 39 01 0929 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 38 01 0a29 192.168.88.254 10.233.103.141

92 bytes from router.lan (192.168.88.1): Redirect Host(New addr: 192.168.88.10)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 ec63 0 0000 37 01 0b29 192.168.88.254 10.233.103.141

Request timeout for icmp_seq 0
92 bytes from router.lan (192.168.88.1): Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 bdcf 0 0000 01 01 6fbd 192.168.88.254 10.233.103.141

Request timeout for icmp_seq 1
92 bytes from router.lan (192.168.88.1): Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 9dcb 0 0000 01 01 8fc1 192.168.88.254 10.233.103.141

Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5

route on calico host:
ip route
default via 192.168.88.1 dev eth0 proto bird
default via 192.168.88.1 dev eth0 proto static metric 100
10.233.0.3 via 169.254.1.1 dev bpfin.cali
10.233.77.128/26 via 192.168.88.12 dev eth0 proto bird
10.233.87.0/26 via 192.168.88.10 dev eth0 proto bird
blackhole 10.233.103.128/26 proto bird
10.233.103.141 dev calie6451f39401 scope link
10.233.103.142 dev calie5e6e56b098 scope link
169.254.1.1 dev bpfin.cali scope link
192.168.88.0/24 dev eth0 proto kernel scope link src 192.168.88.11 metric 100

microtik routes
Flags: D - DYNAMIC; A - ACTIVE; c - CONNECT, s - STATIC, b - BGP
Columns: DST-ADDRESS, GATEWAY, DISTANCE
# DST-ADDRESS GATEWAY DISTANCE
0 As 0.0.0.0/0 192.168.55.33 1
DAb 10.233.77.128/26 192.168.88.10 20
D b 10.233.77.128/26 192.168.88.11 20
DAb 10.233.87.0/26 192.168.88.10 20
D b 10.233.87.0/26 192.168.88.11 20
DAb 10.233.103.128/26 192.168.88.10 20
D b 10.233.103.128/26 192.168.88.11 20
DAc 192.168.55.32/27 ether1 0
DAc 192.168.88.0/24 bridge 0

bgp session
Flags: E - established
0 name="bgp1_to_calico-1"
remote.address=192.168.88.12 .as=64512 .id=192.168.88.12 .capabilities=mp,rr,gr,as4,ap,err,llgr .afi=ip .hold-time=4m .gr-time=120 .gr-afi=ip
local.address=192.168.88.1 .as=64555 .id=192.168.88.1 .capabilities=mp,rr,gr,as4 .afi=ip
output.default-originate=always ebgp stopped
keepalive-time=1m last-started=2024-07-14 18:46:58 last-stopped=2024-07-14 18:47:04 prefix-count=0

1 E name="bgp_calico_global-2"
remote.address=192.168.88.11 .as=64512 .id=192.168.88.11 .capabilities=mp,rr,gr,as4,ap,err,llgr .afi=ip .hold-time=4m .messages=10 .bytes=233 .gr-time=120 .gr-afi=ip .eor=ip
local.address=192.168.88.1 .as=64555 .id=192.168.88.1 .capabilities=mp,rr,gr,as4 .afi=ip .messages=10 .bytes=260 .eor=""
output.procid=20 .default-originate=always
input.procid=20 ebgp
hold-time=3m keepalive-time=1m uptime=7m58s880ms last-started=2024-07-14 21:43:19 prefix-count=3

2 E name="bgp_calico_global-1"
remote.address=192.168.88.10 .as=64512 .id=192.168.88.10 .capabilities=mp,rr,gr,as4,ap,err,llgr .afi=ip .hold-time=4m .messages=11 .bytes=252 .gr-time=120 .gr-afi=ip .eor=ip
local.address=192.168.88.1 .as=64555 .id=192.168.88.1 .capabilities=mp,rr,gr,as4 .afi=ip .messages=11 .bytes=298 .eor=""
output.procid=21 .default-originate=always
input.procid=21 ebgp
hold-time=3m keepalive-time=1m uptime=7m58s560ms last-started=2024-07-14 21:43:19 prefix-count=3


calico config:

apiVersion: crd.projectcalico.org/v1
kind: BGPConfiguration
metadata:
name: default
spec:
listenPort: 179
asNumber: 64512
nodeToNodeMeshEnabled: yes


apiVersion: crd.projectcalico.org/v1
kind: BGPPeer
metadata:
name: bgppeer-external-microtik
spec:
peerIP: 192.168.88.1
asNumber: 64555


apiVersion: crd.projectcalico.org/v1
kind: IPPool
metadata:
generation: 1
name: default-pool
spec:
allowedUses:
- Workload
- Tunnel
blockSize: 26
cidr: 10.233.64.0/18
ipipMode: Never
natOutgoing: false
nodeSelector: all()
vxlanMode: Never


Can you please tell me what I'm doing wrong?