plugins icon indicating copy to clipboard operation
plugins copied to clipboard

Published 20 hours ago verified publisher icon opnsense

net/frr: set no bgp default ipv4-unicast in bgpd.conf

Open vnxme opened this issue 3 years ago • 2 comments
trafficstars

By default any BGP neighbor has IPv4-unicast address family enabled. This leads to a number of IPv6 neighbors listed under the IPv4-unicast summary in Routing -> Diagnostics -> BGP ->Summary with NoNeg status (unless it is OpnSense on the other side as well). With no bgp default ipv4-unicast option we will have only IPv4 neighbors under the IPv4-unicast address family summary and only IPv6 neighbors under the IPv6-unicast address family summary.

Please, refer to the docs for details.

vnxme avatar Aug 04 '22 12:08 vnxme

Whats happens when you have online v4 neighbors with this patch?

mimugmail avatar Aug 04 '22 16:08 mimugmail

Both v4 and v6 neighbors successfully establish BGP sessions with this patch. Tested myself by changing /usr/local/etc/frr/bgpd.conf and restarting the service from the web interface.

In config we explicitly activate an address family for each listed neighbor based on its address. So this patch just disables IPv4-unicast for IPv6 neighbors.

vnxme avatar Aug 04 '22 17:08 vnxme

@mimugmail @fichtner So what do you think about this PR?

vnxme avatar Sep 08 '22 07:09 vnxme

I don't mind but I'm not able to speak from a technical/implementational standpoint here. That's up to @mimugmail

fichtner avatar Sep 08 '22 07:09 fichtner

Sorry for being late, my spare time is quite limited :(

mimugmail avatar Sep 08 '22 07:09 mimugmail

Merged, thanks!

fichtner avatar Sep 08 '22 07:09 fichtner