Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 24 13:06
    thomas-mangin commented #950
  • Jan 24 13:06
    thomas-mangin commented #950
  • Jan 24 00:17
    thomas-mangin commented #950
  • Jan 23 22:34
    cooperlees commented #950
  • Jan 23 22:33
    cooperlees commented #950
  • Jan 23 22:30
    adrian62 commented #950
  • Jan 23 22:19
    thomas-mangin commented #950
  • Jan 23 22:19
    thomas-mangin commented #950
  • Jan 23 22:11
    thomas-mangin commented #950
  • Jan 23 22:02
    thomas-mangin assigned #950
  • Jan 23 21:45
    adrian62 edited #950
  • Jan 23 21:39
    adrian62 commented #950
  • Jan 23 21:32
    cooperlees commented #950
  • Jan 23 21:25
    adrian62 opened #950
  • Jan 23 19:00

    vincentbernat on sid

    Merge tag '4.2.4' into debian/s… New upstream release d/patches: remove patch applied… and 4 more (compare)

  • Jan 23 18:37

    vincentbernat on sid

    d/lintian: ask lintian-brush to… (compare)

  • Jan 21 08:14
    topranks commented on 6e24499
  • Jan 21 01:25
    thomas-mangin commented on 6e24499
  • Jan 21 01:19

    thomas-mangin on master

    updating version to 4.2.4 (compare)

  • Jan 21 01:19

    thomas-mangin on 4.2.4

    updating version to 4.2.4 (compare)

sanjmonkey
@sanjmonkey
oooh
Thomas Mangin
@thomas-mangin
“listen <port>;"
like you would do for passive
or hold-time
MD5 is a per peer setting
previously the only way to listen was via the global option exabgp.tcp.bind
it is not the case anymore
hence why the patch took a few hours
sanjmonkey
@sanjmonkey

i see new reactor message: Listening for BGP session(s) on <y.y.y.y>:179 with MD5

but no ack to this syn:
22:12:52.454633 IP <x.x.x.x>.33553 > <y.y.y.y>.179: Flags [S], seq 2573773506, win 29200, options [nop,nop,md5valid,mss 1460,nop,nop,sackOK,nop,wscale 7], length 0

passive side is listening as it should
Thomas Mangin
@thomas-mangin
passive : do not establish outgoing connection
so without using the global listening option a passive neighbour is as good as unconfigured
listen <port> accept incoming connection
so both options are orthogonals
you can have passive, passive + listen, listen
hum .. not sure why it does not work for you ...
I need to add an “active” or “port” option to set out on what port the peer will connect out ..
when I tried I only tested 1790 ( to not have to use root )
but it should make no difference
(and I am lying I did test 179 .. ) - tired
sanjmonkey
@sanjmonkey
ok, and 179 works for you?
Thomas Mangin
@thomas-mangin
yes
sanjmonkey
@sanjmonkey
me too (tired). let me look at it with a fresh pair of eyes tomorrow, perhaps I’ve missed something obvious!
Thomas Mangin
@thomas-mangin
ok - I should be online in the afternoon
sanjmonkey
@sanjmonkey
dont want to waste your time
Thomas Mangin
@thomas-mangin
feel free to grab me here
no issue
sanjmonkey
@sanjmonkey
1000x thankyous again
Thomas Mangin
@thomas-mangin
you are welcome :smile:
Thomas Mangin
@thomas-mangin
@sanjmonkey where is the code located ?
and good morning
Thomas Mangin
@thomas-mangin
sorry I am blind
Thomas Mangin
@thomas-mangin
will look later on - can not find anything obviously wrong
it would like the socket is not setup correctly for MD5 and therefore the kernel is not matching the incoming packet to the socket but AFAICS all was setup fine .
sanjmonkey
@sanjmonkey
ok thomas thanks for checking. enjoy your day!
Thomas Mangin
@thomas-mangin
going to Jitsu - will be mid aft. I have an idea.
Thomas Mangin
@thomas-mangin
There is a connect.conf file with the test.conf ..
using it works …
the connection is not accepted as the source IP is not right but it establishes
could you let me know what is at the other end of the session ?
I will be back later on today - ttfn
sanjmonkey
@sanjmonkey
hi @thomas-mangin. seen your findings. I agree - if it stays local it binds, and capture shows the sending and receiving of TCP MD5. In this case the other end is an identical 14.04 / exa3.4.8. Trying with a Cisco router (IOS 15 something) shows the same, with MD5 on it never makes it to exa.
Thomas Mangin
@thomas-mangin
hum ...
sanjmonkey
@sanjmonkey
I’m going to investigate other OS’ and hypervisors vs physical (in case it is some offloading in vswitch perhaps)
Thomas Mangin
@thomas-mangin
can you try master on the other node .. in case there is an issue..
yes - it could be .. I will try to test between two host later on ( currently working on some other code )
sanjmonkey
@sanjmonkey
other node is 3.4.8 master (not from your tree)
I’ll let you know how it goes
Thomas Mangin
@thomas-mangin
thanks
Thomas Mangin
@thomas-mangin
@sanjmonkey did you find what the problem was - I am waiting to make sure the issue is not with my code before releasing 3.4.9