Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Sep 20 10:20
    ykondratov edited #917
  • Sep 20 10:16
    ykondratov opened #917
  • Sep 19 10:23
    mattoddy commented #916
  • Sep 18 10:26
    thomas-mangin commented #916
  • Sep 18 08:27
    mattoddy opened #916
  • Sep 14 11:24
    pettai closed #912
  • Sep 14 11:24
    pettai commented #912
  • Sep 12 10:42
    thomas-mangin commented #915
  • Sep 12 09:15
    omkartikare closed #915
  • Sep 12 09:15
    omkartikare edited #915
  • Sep 12 07:53
    omkartikare edited #915
  • Sep 12 07:52
    omkartikare opened #915
  • Sep 11 15:30
    mattoddy commented #913
  • Sep 09 11:27
    thomas-mangin commented #912
  • Sep 08 08:12
    thomas-mangin commented #912
  • Sep 05 11:22
    pettai commented #912
  • Sep 05 10:37
    thomas-mangin commented #912
  • Sep 05 10:31
    thomas-mangin commented #912
  • Sep 05 10:07
    pettai commented #912
  • Sep 05 10:06
    pettai commented #912
Thomas Mangin
@thomas-mangin
sorry
sanjmonkey
@sanjmonkey
oooh
Thomas Mangin
@thomas-mangin
“listen <port>;"
like you would do for passive
or hold-time
MD5 is a per peer setting
previously the only way to listen was via the global option exabgp.tcp.bind
it is not the case anymore
hence why the patch took a few hours
sanjmonkey
@sanjmonkey

i see new reactor message: Listening for BGP session(s) on <y.y.y.y>:179 with MD5

but no ack to this syn:
22:12:52.454633 IP <x.x.x.x>.33553 > <y.y.y.y>.179: Flags [S], seq 2573773506, win 29200, options [nop,nop,md5valid,mss 1460,nop,nop,sackOK,nop,wscale 7], length 0

passive side is listening as it should
Thomas Mangin
@thomas-mangin
passive : do not establish outgoing connection
so without using the global listening option a passive neighbour is as good as unconfigured
listen <port> accept incoming connection
so both options are orthogonals
you can have passive, passive + listen, listen
hum .. not sure why it does not work for you ...
I need to add an “active” or “port” option to set out on what port the peer will connect out ..
when I tried I only tested 1790 ( to not have to use root )
but it should make no difference
(and I am lying I did test 179 .. ) - tired
sanjmonkey
@sanjmonkey
ok, and 179 works for you?
Thomas Mangin
@thomas-mangin
yes
sanjmonkey
@sanjmonkey
me too (tired). let me look at it with a fresh pair of eyes tomorrow, perhaps I’ve missed something obvious!
Thomas Mangin
@thomas-mangin
ok - I should be online in the afternoon
sanjmonkey
@sanjmonkey
dont want to waste your time
Thomas Mangin
@thomas-mangin
feel free to grab me here
no issue
sanjmonkey
@sanjmonkey
1000x thankyous again
Thomas Mangin
@thomas-mangin
you are welcome :smile:
Thomas Mangin
@thomas-mangin
@sanjmonkey where is the code located ?
and good morning
Thomas Mangin
@thomas-mangin
sorry I am blind
Thomas Mangin
@thomas-mangin
will look later on - can not find anything obviously wrong
it would like the socket is not setup correctly for MD5 and therefore the kernel is not matching the incoming packet to the socket but AFAICS all was setup fine .
sanjmonkey
@sanjmonkey
ok thomas thanks for checking. enjoy your day!
Thomas Mangin
@thomas-mangin
going to Jitsu - will be mid aft. I have an idea.
Thomas Mangin
@thomas-mangin
There is a connect.conf file with the test.conf ..
using it works …
the connection is not accepted as the source IP is not right but it establishes
could you let me know what is at the other end of the session ?
I will be back later on today - ttfn
sanjmonkey
@sanjmonkey
hi @thomas-mangin. seen your findings. I agree - if it stays local it binds, and capture shows the sending and receiving of TCP MD5. In this case the other end is an identical 14.04 / exa3.4.8. Trying with a Cisco router (IOS 15 something) shows the same, with MD5 on it never makes it to exa.
Thomas Mangin
@thomas-mangin
hum ...
sanjmonkey
@sanjmonkey
I’m going to investigate other OS’ and hypervisors vs physical (in case it is some offloading in vswitch perhaps)
Thomas Mangin
@thomas-mangin
can you try master on the other node .. in case there is an issue..
yes - it could be .. I will try to test between two host later on ( currently working on some other code )
sanjmonkey
@sanjmonkey
other node is 3.4.8 master (not from your tree)
I’ll let you know how it goes
Thomas Mangin
@thomas-mangin
thanks