Binding two IP addresses to bgpd
Apologies if I’m missing something easy here — I think I’ve looked at this for too long. I want my bgpd process to listen to 2 IP addresses — one IPv4 and one IPv6. I cannot find a syntax that allows this to happen. I can listen to one or the other. I really don’t want to run two bgpd processes to accomplish it. (I could let it bind to the default 0.0.0.0 / :: and use a firewall, but, again, I’d rather just bind to the two addresses I need it on, if possible.) Thanks, -Matt
I don't believe this is possible. Can you elaborate a bit on your use case so we can understand what the goal is? Quentin On Thu, Nov 19, 2020 at 11:47 AM Matt Riffle <matt@pair.com> wrote:
Apologies if I’m missing something easy here — I think I’ve looked at this for too long.
I want my bgpd process to listen to 2 IP addresses — one IPv4 and one IPv6. I cannot find a syntax that allows this to happen. I can listen to one or the other. I really don’t want to run two bgpd processes to accomplish it. (I could let it bind to the default 0.0.0.0 / :: and use a firewall, but, again, I’d rather just bind to the two addresses I need it on, if possible.)
Thanks,
-Matt
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
Hi, This is just from an user point/config view. I haven’t tried with FRR but other network Oss allow simultaneous BGP sessions with IPv4/IPv6 addresses For its sessions. The use case would be an ordinary dual stack router or sometimes transporting IPv6 AF across IPv4 session and vice versa ?? Jan From: frog <frog-bounces@lists.frrouting.org> On Behalf Of Quentin Young Sent: 01 December 2020 20:27 To: Matt Riffle <matt@pair.com> Cc: frog <frog@lists.frrouting.org> Subject: Re: [FROG] Binding two IP addresses to bgpd I don't believe this is possible. Can you elaborate a bit on your use case so we can understand what the goal is? Quentin On Thu, Nov 19, 2020 at 11:47 AM Matt Riffle <matt@pair.com<mailto:matt@pair.com>> wrote: Apologies if I’m missing something easy here — I think I’ve looked at this for too long. I want my bgpd process to listen to 2 IP addresses — one IPv4 and one IPv6. I cannot find a syntax that allows this to happen. I can listen to one or the other. I really don’t want to run two bgpd processes to accomplish it. (I could let it bind to the default 0.0.0.0 / :: and use a firewall, but, again, I’d rather just bind to the two addresses I need it on, if possible.) Thanks, -Matt _______________________________________________ frog mailing list frog@lists.frrouting.org<mailto:frog@lists.frrouting.org> https://lists.frrouting.org/listinfo/frog<https://urldefense.com/v3/__https:/lists.frrouting.org/listinfo/frog__;!!BhdT!0aI1JLviqBnpOJ4Jx6aKfmVNFPcHlZ3LyDgtxAC6s_lnJT508hZNXvsnKBAPQw$>
Hello, This is a feature that I'd dearly like to have also. In my setup, we run two routing agents, bird and frr. Bird is used by Calico to form an overlay on its own. frr provides actual routing for the host. Since frr's bgpd binds to 0.0.0.0:179, bird isn't able to run even if it's set to listen on a specific interface. The workaround I used is to change the listen port on one of them, which isn't the most ideal. Regards, Derrick On Thu, Feb 4, 2021 at 4:45 AM Novak, Jan <jan.novak@intl.att.com> wrote:
Hi,
This is just from an user point/config view. I haven’t tried with FRR but other network Oss allow simultaneous BGP sessions with IPv4/IPv6 addresses
For its sessions. The use case would be an ordinary dual stack router or sometimes transporting IPv6
AF across IPv4 session and vice versa ??
Jan
From: frog <frog-bounces@lists.frrouting.org> On Behalf Of Quentin Young Sent: 01 December 2020 20:27 To: Matt Riffle <matt@pair.com> Cc: frog <frog@lists.frrouting.org> Subject: Re: [FROG] Binding two IP addresses to bgpd
I don't believe this is possible. Can you elaborate a bit on your use case so we can understand what the goal is?
Quentin
On Thu, Nov 19, 2020 at 11:47 AM Matt Riffle <matt@pair.com> wrote:
Apologies if I’m missing something easy here — I think I’ve looked at this for too long.
I want my bgpd process to listen to 2 IP addresses — one IPv4 and one IPv6. I cannot find a syntax that allows this to happen. I can listen to one or the other. I really don’t want to run two bgpd processes to accomplish it. (I could let it bind to the default 0.0.0.0 / :: and use a firewall, but, again, I’d rather just bind to the two addresses I need it on, if possible.)
Thanks,
-Matt
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
This was implemented recently: https://github.com/FRRouting/frr/pull/7748 It won't be in the next release (7.5.1) but ought to be in the following major release. ________________________________________ From: Derrick Lim <derrickltl@gmail.com> Sent: Thursday, February 25, 2021 11:59 PM To: Novak, Jan Cc: Quentin Young; Matt Riffle; frog Subject: Re: [FROG] Binding two IP addresses to bgpd External email: Use caution opening links or attachments Hello, This is a feature that I'd dearly like to have also. In my setup, we run two routing agents, bird and frr. Bird is used by Calico to form an overlay on its own. frr provides actual routing for the host. Since frr's bgpd binds to 0.0.0.0:179, bird isn't able to run even if it's set to listen on a specific interface. The workaround I used is to change the listen port on one of them, which isn't the most ideal. Regards, Derrick On Thu, Feb 4, 2021 at 4:45 AM Novak, Jan <jan.novak@intl.att.com> wrote:
Hi,
This is just from an user point/config view. I haven’t tried with FRR but other network Oss allow simultaneous BGP sessions with IPv4/IPv6 addresses
For its sessions. The use case would be an ordinary dual stack router or sometimes transporting IPv6
AF across IPv4 session and vice versa ??
Jan
From: frog <frog-bounces@lists.frrouting.org> On Behalf Of Quentin Young Sent: 01 December 2020 20:27 To: Matt Riffle <matt@pair.com> Cc: frog <frog@lists.frrouting.org> Subject: Re: [FROG] Binding two IP addresses to bgpd
I don't believe this is possible. Can you elaborate a bit on your use case so we can understand what the goal is?
Quentin
On Thu, Nov 19, 2020 at 11:47 AM Matt Riffle <matt@pair.com> wrote:
Apologies if I’m missing something easy here — I think I’ve looked at this for too long.
I want my bgpd process to listen to 2 IP addresses — one IPv4 and one IPv6. I cannot find a syntax that allows this to happen. I can listen to one or the other. I really don’t want to run two bgpd processes to accomplish it. (I could let it bind to the default 0.0.0.0 / :: and use a firewall, but, again, I’d rather just bind to the two addresses I need it on, if possible.)
Thanks,
-Matt
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog
Thanks for responding; sorry for the belated reply. I have a machine with two different interfaces (one private, one public), each with an IPv4 and an IPv6 address. I want to listen only on the private interface. By default, it binds to * and listens on both interfaces. I can get it to listen to *just* the IPv4 on my private interface, or just the IPv6, but not both without it also listening on the public interface. Thanks, -Matt
On Dec 1, 2020, at 3:27 PM, Quentin Young <qlyoung@cumulusnetworks.com> wrote:
I don't believe this is possible. Can you elaborate a bit on your use case so we can understand what the goal is?
Quentin
On Thu, Nov 19, 2020 at 11:47 AM Matt Riffle <matt@pair.com <mailto:matt@pair.com>> wrote: Apologies if I’m missing something easy here — I think I’ve looked at this for too long.
I want my bgpd process to listen to 2 IP addresses — one IPv4 and one IPv6. I cannot find a syntax that allows this to happen. I can listen to one or the other. I really don’t want to run two bgpd processes to accomplish it. (I could let it bind to the default 0.0.0.0 / :: and use a firewall, but, again, I’d rather just bind to the two addresses I need it on, if possible.)
Thanks,
-Matt
_______________________________________________ frog mailing list frog@lists.frrouting.org <mailto:frog@lists.frrouting.org> https://lists.frrouting.org/listinfo/frog <https://lists.frrouting.org/listinfo/frog>
Hello, we would also like to configure bgpd to bind to some IPs only. We are migrating over from BIRD to FRR and would like to replicate the current BIRD binding configuration with FRR. Our BGP routers have multiple interfaces and IPs and only some of them are used for BGP sessions, so we would like to limit to which IP addresses FRR binds to, to limit unnecessary exposure. The documentation describes "--listenon" but that supports only a single IP address, is that correct? (and has the side effect that routes are not installed into the kernel) http://docs.frrouting.org/en/latest/bgp.html#cmdoption-bgpd-l I tried to use "-l" multiple times: -l 192.168.0.1 -l 192.168.123.123 but only the last address is taken into account, others are ignored. We would like to implement what BIRD calls "strict bind" https://bird.network.cz/?get_doc&v=20&f=bird-6.html#bgp-strict-bind
strict bind switch
Specify whether BGP listening socket should be bound to a specific local address (the same as the source address) and associated interface, or to all addresses.
It is not necessary that this is done as automatically as in BIRD but it would be great to have the possibility to configure FRR to use specific IPs in a future FRR releaese (if not possible yet). thanks, David
participants (6)
-
David Bader -
Derrick Lim -
Matt Riffle -
Novak, Jan -
Quentin Young -
Quentin Young