Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Sep 14 11:24
    pettai closed #912
  • Sep 14 11:24
    pettai commented #912
  • Sep 12 10:42
    thomas-mangin commented #915
  • Sep 12 09:15
    omkartikare closed #915
  • Sep 12 09:15
    omkartikare edited #915
  • Sep 12 07:53
    omkartikare edited #915
  • Sep 12 07:52
    omkartikare opened #915
  • Sep 11 15:30
    mattoddy commented #913
  • Sep 09 11:27
    thomas-mangin commented #912
  • Sep 08 08:12
    thomas-mangin commented #912
  • Sep 05 11:22
    pettai commented #912
  • Sep 05 10:37
    thomas-mangin commented #912
  • Sep 05 10:31
    thomas-mangin commented #912
  • Sep 05 10:07
    pettai commented #912
  • Sep 05 10:06
    pettai commented #912
  • Sep 05 10:06
    pettai commented #912
  • Sep 04 19:31
    pettai commented #912
  • Sep 03 19:42
    thomas-mangin commented #912
  • Sep 03 19:22
    pettai commented #912
  • Sep 02 16:25
    thomas-mangin closed #913
Thomas Mangin
@thomas-mangin
or hold-time
MD5 is a per peer setting
previously the only way to listen was via the global option exabgp.tcp.bind
it is not the case anymore
hence why the patch took a few hours
sanjmonkey
@sanjmonkey

i see new reactor message: Listening for BGP session(s) on <y.y.y.y>:179 with MD5

but no ack to this syn:
22:12:52.454633 IP <x.x.x.x>.33553 > <y.y.y.y>.179: Flags [S], seq 2573773506, win 29200, options [nop,nop,md5valid,mss 1460,nop,nop,sackOK,nop,wscale 7], length 0

passive side is listening as it should
Thomas Mangin
@thomas-mangin
passive : do not establish outgoing connection
so without using the global listening option a passive neighbour is as good as unconfigured
listen <port> accept incoming connection
so both options are orthogonals
you can have passive, passive + listen, listen
hum .. not sure why it does not work for you ...
I need to add an “active” or “port” option to set out on what port the peer will connect out ..
when I tried I only tested 1790 ( to not have to use root )
but it should make no difference
(and I am lying I did test 179 .. ) - tired
sanjmonkey
@sanjmonkey
ok, and 179 works for you?
Thomas Mangin
@thomas-mangin
yes
sanjmonkey
@sanjmonkey
me too (tired). let me look at it with a fresh pair of eyes tomorrow, perhaps I’ve missed something obvious!
Thomas Mangin
@thomas-mangin
ok - I should be online in the afternoon
sanjmonkey
@sanjmonkey
dont want to waste your time
Thomas Mangin
@thomas-mangin
feel free to grab me here
no issue
sanjmonkey
@sanjmonkey
1000x thankyous again
Thomas Mangin
@thomas-mangin
you are welcome :smile:
Thomas Mangin
@thomas-mangin
@sanjmonkey where is the code located ?
and good morning
Thomas Mangin
@thomas-mangin
sorry I am blind
Thomas Mangin
@thomas-mangin
will look later on - can not find anything obviously wrong
it would like the socket is not setup correctly for MD5 and therefore the kernel is not matching the incoming packet to the socket but AFAICS all was setup fine .
sanjmonkey
@sanjmonkey
ok thomas thanks for checking. enjoy your day!
Thomas Mangin
@thomas-mangin
going to Jitsu - will be mid aft. I have an idea.
Thomas Mangin
@thomas-mangin
There is a connect.conf file with the test.conf ..
using it works …
the connection is not accepted as the source IP is not right but it establishes
could you let me know what is at the other end of the session ?
I will be back later on today - ttfn
sanjmonkey
@sanjmonkey
hi @thomas-mangin. seen your findings. I agree - if it stays local it binds, and capture shows the sending and receiving of TCP MD5. In this case the other end is an identical 14.04 / exa3.4.8. Trying with a Cisco router (IOS 15 something) shows the same, with MD5 on it never makes it to exa.
Thomas Mangin
@thomas-mangin
hum ...
sanjmonkey
@sanjmonkey
I’m going to investigate other OS’ and hypervisors vs physical (in case it is some offloading in vswitch perhaps)
Thomas Mangin
@thomas-mangin
can you try master on the other node .. in case there is an issue..
yes - it could be .. I will try to test between two host later on ( currently working on some other code )
sanjmonkey
@sanjmonkey
other node is 3.4.8 master (not from your tree)
I’ll let you know how it goes
Thomas Mangin
@thomas-mangin
thanks
Thomas Mangin
@thomas-mangin
@sanjmonkey did you find what the problem was - I am waiting to make sure the issue is not with my code before releasing 3.4.9
sanjmonkey
@sanjmonkey
@thomas-mangin nothing conclusive yet. can reproduce in every VM I’ve had access to, though not had time to test with anything physical yet. Have turned off tcp segment offload off in vm, doesn’t appear to make a difference
Thomas Mangin
@thomas-mangin
Thank you for the update
I will try to get it tested in a real machine tomorrow