Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Quagga>
  3. Users
BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309.
zdenek.janda at cloudevelops
Sep 30, 2017, 11:14 AM
Post #1 of 9 (1781 views)
Permalink
Hi,
after 3 years of operating quagga bgpd, i did have suddenly hit error
between two Quagga BGPD routers:

2017/09/30 20:05:47 BGP: 185.120.68.25: BGP type 2 length 3300 is too
large, attribute total length is 2309. attr_endp is 0x55b24ff1f323.
endp is 0x55b24ff1ef3c

Routers do exchange these and flap indefinitely. Other peers than quagga
seem to be ok.

I encountered the error on 0.99.24.1-2 from Ubuntu, but it persists
after upgrading both nodes to 1.1.1-3

Do you have any idea why this happened after years of issue-less
operation and what can i do about it ? I am out of options here.

Bellow are both sides configs.

Thanks for any suggestions
Zdenek Janda




Config of router #1:




!
! quagga common template
!
hostname r2
password quagga
enable password quagga
!
!
! bgpd base template
!
log file /var/log/quagga/bgpd.log
!
! bgpd config of r2
!
router bgp 65200
bgp router-id 185.120.68.3
bgp confederation identifier 8646
bgp confederation peers 65100
network 185.120.68.0/22
no synchronization
no bgp enforce-first-as
bgp always-compare-med
! bgp scan-time 15
!
neighbor INT65100 peer-group
neighbor INT65100 description CZ1 internal peering
neighbor INT65100 timers 10 30
neighbor INT65100 next-hop-self
neighbor INT65100 send-community both
neighbor INT65100 soft-reconfiguration inbound
!
neighbor 185.120.68.25 remote-as 65100
neighbor 185.120.68.25 peer-group INT65100
neighbor 185.120.68.25 description r1
!
neighbor INT65200 peer-group
neighbor INT65200 description CZ2 internal peering
neighbor INT65200 timers 10 30
neighbor INT65200 next-hop-self
neighbor INT65200 send-community both
neighbor INT65200 soft-reconfiguration inbound
!
neighbor 185.120.68.30 remote-as 65200
neighbor 185.120.68.30 peer-group INT65200
neighbor 185.120.68.30 description r4
!
neighbor NIX peer-group
neighbor NIX description NIX public route-servers
neighbor NIX timers 10 30
neighbor NIX next-hop-self
neighbor NIX send-community both
neighbor NIX soft-reconfiguration inbound
neighbor NIX prefix-list GENOUT out
neighbor NIX prefix-list NIXIN in
!
neighbor 91.210.16.246 remote-as 6881
neighbor 91.210.16.246 peer-group NIX
neighbor 91.210.16.246 description nix1
!
neighbor 91.210.16.245 remote-as 6881
neighbor 91.210.16.245 peer-group NIX
neighbor 91.210.16.245 description nix2
!
neighbor 91.210.16.1 remote-as 47200
neighbor 91.210.16.1 peer-group NIX
neighbor 91.210.16.1 description nix3
!
neighbor 91.210.16.2 remote-as 47200
neighbor 91.210.16.2 peer-group NIX
neighbor 91.210.16.2 description nix4
!
neighbor NIXCIS peer-group
neighbor NIXCIS description Cloudinfrastack generic peer group
neighbor NIXCIS timers 10 30
neighbor NIXCIS next-hop-self
neighbor NIXCIS send-community both
neighbor NIXCIS soft-reconfiguration inbound
neighbor NIXCIS prefix-list GENOUT out
!
neighbor 91.210.16.201 remote-as 6939
neighbor 91.210.16.201 peer-group NIXCIS
neighbor 91.210.16.201 description as-hurricane
!
neighbor NET3 peer-group
neighbor NET3 description Net3 generic peer group
neighbor NET3 timers 10 30
neighbor NET3 next-hop-self
neighbor NET3 send-community both
neighbor NET3 soft-reconfiguration inbound
!
neighbor 185.120.69.195 remote-as 50980
neighbor 185.120.69.195 peer-group NET3
neighbor 185.120.69.195 description as-net3
!
ip prefix-list NIXIN description NIX ip prefixes in
ip prefix-list NIXIN seq 99 permit any
!
ip prefix-list GENOUT description Cloudinfrastack ip prefixes out
ip prefix-list GENOUT seq 10 permit 185.120.68.0/22 le 24
ip prefix-list GENOUT seq 10 permit 185.133.196.0/22 le 24
ip prefix-list GENOUT seq 99 deny any
!





Config of router #2:

!
! quagga common template
!
hostname r2
password quagga
enable password quagga
!
!
! bgpd base template
!
log file /var/log/quagga/bgpd.log
!
! bgpd config of r2
!
router bgp 65100
bgp router-id 185.120.68.2
bgp confederation identifier 8646
bgp confederation peers 65200
network 185.120.68.0/22
no synchronization
no bgp enforce-first-as
bgp always-compare-med
! bgp scan-time 15
!
neighbor INT65100 peer-group
neighbor INT65100 description CZ1 internal peering
neighbor INT65100 timers 10 30
neighbor INT65100 next-hop-self
neighbor INT65100 send-community both
neighbor INT65100 soft-reconfiguration inbound
!
neighbor 185.120.68.17 remote-as 65100
neighbor 185.120.68.17 peer-group INT65100
neighbor 185.120.68.17 description r1
!
neighbor INT65200 peer-group
neighbor INT65200 description CZ2 internal peering
neighbor INT65200 timers 10 30
neighbor INT65200 next-hop-self
neighbor INT65200 send-community both
neighbor INT65200 soft-reconfiguration inbound
!
neighbor 185.120.68.26 remote-as 65200
neighbor 185.120.68.26 peer-group INT65200
neighbor 185.120.68.26 description r3
!
neighbor OFX peer-group
neighbor OFX description OFX public route-servers
neighbor OFX timers 10 30
neighbor OFX next-hop-self
neighbor OFX send-community both
neighbor OFX soft-reconfiguration inbound
neighbor OFX route-map OFX-RM-OUT out
neighbor OFX prefix-list OFX-PF-IN in
!
neighbor 185.99.116.1 remote-as 33877
neighbor 185.99.116.1 peer-group OFX
neighbor 185.99.116.1 description ofx1
!
neighbor 185.99.116.2 remote-as 33877
neighbor 185.99.116.2 peer-group OFX
neighbor 185.99.116.2 description ofx2
!
neighbor PEERINGCZ peer-group
neighbor PEERINGCZ description Cloudinfrastack Peering.cz peer group
neighbor PEERINGCZ timers 10 30
neighbor PEERINGCZ next-hop-self
neighbor PEERINGCZ send-community both
neighbor PEERINGCZ soft-reconfiguration inbound
neighbor PEERINGCZ route-map PEERINGCZ-RM-OUT out
neighbor PEERINGCZ prefix-list PEERINGCZ-PF-IN in
!
neighbor 91.213.211.1 remote-as 61195
neighbor 91.213.211.1 peer-group PEERINGCZ
neighbor 91.213.211.1 description as-peeringcz1
!
neighbor 91.213.211.2 remote-as 61195
neighbor 91.213.211.2 peer-group PEERINGCZ
neighbor 91.213.211.2 description as-peeringcz2
!
neighbor 91.213.211.100 remote-as 39392
neighbor 91.213.211.100 peer-group PEERINGCZ
neighbor 91.213.211.100 description as-supernetworkpr1
!
neighbor 91.213.211.101 remote-as 39392
neighbor 91.213.211.101 peer-group PEERINGCZ
neighbor 91.213.211.101 description as-supernetworkpr2
!
neighbor SUPERNETWORK peer-group
neighbor SUPERNETWORK description Supernetwork peer group
neighbor SUPERNETWORK timers 10 30
neighbor SUPERNETWORK next-hop-self
neighbor SUPERNETWORK send-community both
neighbor SUPERNETWORK soft-reconfiguration inbound
neighbor SUPERNETWORK route-map SUPERNETWORK-RM-OUT out
neighbor SUPERNETWORK prefix-list SUPERNETWORK-PF-IN in
!
neighbor 88.86.99.193 remote-as 39392
neighbor 88.86.99.193 peer-group SUPERNETWORK
neighbor 88.86.99.193 description as-supernetworktr1
!
neighbor HURRICANE peer-group
neighbor HURRICANE description Cloudinfrastack generic peer group
neighbor HURRICANE timers 10 30
neighbor HURRICANE next-hop-self
neighbor HURRICANE send-community both
neighbor HURRICANE soft-reconfiguration inbound
neighbor HURRICANE route-map HURRICANE-RM-OUT out
neighbor HURRICANE prefix-list HURRICANE-PF-IN in
!
neighbor 91.213.211.118 remote-as 6939
neighbor 91.213.211.118 peer-group HURRICANE
neighbor 91.213.211.118 description as-hurricanepr2
!
neighbor COGENT peer-group
neighbor COGENT description Cogent peer group
neighbor COGENT timers 10 30
neighbor COGENT next-hop-self
neighbor COGENT send-community both
neighbor COGENT soft-reconfiguration inbound
neighbor COGENT route-map COGENT-RM-OUT out
neighbor COGENT prefix-list COGENT-PF-IN in
!
neighbor 149.6.25.89 remote-as 174
neighbor 149.6.25.89 peer-group COGENT
neighbor 149.6.25.89 description as-cogent
!
neighbor LEVEL3 peer-group
neighbor LEVEL3 description Cloudinfrastack Level3 peer group
neighbor LEVEL3 timers 10 30
neighbor LEVEL3 next-hop-self
neighbor LEVEL3 send-community both
neighbor LEVEL3 soft-reconfiguration inbound
neighbor LEVEL3 route-map LEVEL3-RM-OUT out
neighbor LEVEL3 prefix-list LEVEL3-PF-IN in
!
neighbor 212.162.8.177 remote-as 3356
neighbor 212.162.8.177 peer-group LEVEL3
neighbor 212.162.8.177 description as-level3
!
neighbor TELIA peer-group
neighbor TELIA description Cloudinfrastack Telia peer group
neighbor TELIA timers 10 30
neighbor TELIA next-hop-self
neighbor TELIA send-community both
neighbor TELIA soft-reconfiguration inbound
neighbor TELIA route-map TELIA-RM-OUT out
neighbor TELIA prefix-list TELIA-PF-IN in
!
neighbor 213.248.77.138 remote-as 1299
neighbor 213.248.77.138 peer-group TELIA
neighbor 213.248.77.138 description as-telia
!
ip prefix-list OFX-PF-IN description OFX ip prefixes in
ip prefix-list OFX-PF-IN seq 99 permit any
!
ip prefix-list PEERINGCZ-PF-IN description PEERINGCZ ip prefixes in
ip prefix-list PEERINGCZ-PF-IN seq 99 permit any
!
ip prefix-list SUPERNETWORK-PF-IN description SUPERNETWORK ip prefixes in
ip prefix-list SUPERNETWORK-PF-IN seq 99 permit any
!
ip prefix-list HURRICANE-PF-IN description HURRICANE ip prefixes in
ip prefix-list HURRICANE-PF-IN seq 99 permit any
!
ip prefix-list COGENT-PF-IN description COGENT ip prefixes in
ip prefix-list COGENT-PF-IN seq 99 permit any
!
ip prefix-list LEVEL3-PF-IN description LEVEL3 ip prefixes in
ip prefix-list LEVEL3-PF-IN seq 99 permit any
!
ip prefix-list TELIA-PF-IN description TELIA ip prefixes in
ip prefix-list TELIA-PF-IN seq 99 permit any
!
ip prefix-list GEN-PF-OUT description Generic ip prefixes out
ip prefix-list GEN-PF-OUT seq 10 permit 185.133.196.0/22
ip prefix-list GEN-PF-OUT seq 20 permit 185.120.68.0/22
ip prefix-list GEN-PF-OUT seq 99 deny any
!
route-map OFX-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
route-map PEERINGCZ-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
route-map SUPERNETWORK-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
route-map HURRICANE-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
route-map COGENT-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
route-map LEVEL3-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
route-map TELIA-RM-OUT permit 10
match ip address prefix-list GEN-PF-OUT
set weight 0
set local-preference 100
!
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
q-u at opsec
Sep 30, 2017, 11:49 AM
Post #2 of 9 (1781 views)
Permalink
HI!

> after 3 years of operating quagga bgpd, i did have suddenly hit error
> between two Quagga BGPD routers:
>
> 2017/09/30 20:05:47 BGP: 185.120.68.25: BGP type 2 length 3300 is too
> large, attribute total length is 2309. attr_endp is 0x55b24ff1f323.
> endp is 0x55b24ff1ef3c

Yes, we had the same problem this morning.

See the discussion around this mailthread

https://lists.quagga.net/pipermail/quagga-users/2017-September/014836.html

for some hints.

--
pi@opsec.eu +49 171 3101372 3 years to go !
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
mf at 14v
Oct 2, 2017, 8:24 AM
Post #3 of 9 (1777 views)
Permalink
> Message: 2
> Date: Sat, 30 Sep 2017 20:49:57 +0200
> From: Kurt Jaeger <q-u@opsec.eu>
> To: Zdenek Janda <zdenek.janda@cloudevelops.com>
> Cc: quagga-users@lists.quagga.net
> Subject: [quagga-users 14814] Re: BGP flapping: BGP type 2 length 3300
> is too large, attribute total length is 2309.
> Message-ID: <20170930184957.GG86601@home.opsec.eu>
> Content-Type: text/plain; charset=us-ascii
>
> HI!
>
> > after 3 years of operating quagga bgpd, i did have suddenly hit error
> > between two Quagga BGPD routers:
> >
> > 2017/09/30 20:05:47 BGP: 185.120.68.25: BGP type 2 length 3300 is too
> > large, attribute total length is 2309. attr_endp is 0x55b24ff1f323.
> > endp is 0x55b24ff1ef3c
>
> Yes, we had the same problem this morning.
>
> See the discussion around this mailthread
>
> https://lists.quagga.net/pipermail/quagga-users/2017-September/014836.html

please take a look at the following patch by Andreas Jaggi:

https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html

Since applying it, our routers have not been hit with this problem
again. If you must rely on distro packages, you may want to draw the
distro package maintainer's attention to this patch.

The workaround with as-path access-list restricting the number of as path
components as noted in
https://lists.quagga.net/pipermail/quagga-users/2017-September/014839.html
will only help the routers _behind_ the one applying this access-list.
A router receiving such a malformed AS path from outside will still show
this problem.

Regards
Matthias Ferdinand
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
q-u at opsec
Oct 2, 2017, 9:56 AM
Post #4 of 9 (1777 views)
Permalink
Hi!

> > Yes, we had the same problem this morning.
> >
> > See the discussion around this mailthread
> >
> > https://lists.quagga.net/pipermail/quagga-users/2017-September/014836.html
>
> please take a look at the following patch by Andreas Jaggi:
>
> https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html

Yes, I added it to the FreeBSD quagga port.

> Since applying it, our routers have not been hit with this problem
> again. If you must rely on distro packages, you may want to draw the
> distro package maintainer's attention to this patch.

For FreeBSD, that's me 8-}

--
pi@opsec.eu +49 171 3101372 3 years to go !
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
edinilson at atinet
Oct 2, 2017, 10:19 AM
Post #5 of 9 (1775 views)
Permalink
So, FreeBSD users that have installed Quagga from ports doesn?t need to
apply this patch?

Regards

Edinilson
------------------------------------------
ATINET
Tel Voz: (0xx11) 4412-0876
http://www.atinet.com.br


----- Original Message -----
From: "Kurt Jaeger" <q-u@opsec.eu>
To: "Matthias Ferdinand" <mf@14v.de>
Cc: <quagga-users@lists.quagga.net>
Sent: Monday, October 02, 2017 1:56 PM
Subject: [quagga-users 14829] Re: BGP flapping: BGP type 2 length 3300 is
too large, attribute total length is 2309.


> Hi!
>
>> > Yes, we had the same problem this morning.
>> >
>> > See the discussion around this mailthread
>> >
>> >
>> > https://lists.quagga.net/pipermail/quagga-users/2017-September/014836.html
>>
>> please take a look at the following patch by Andreas Jaggi:
>>
>>
>> https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
>
> Yes, I added it to the FreeBSD quagga port.
>
>> Since applying it, our routers have not been hit with this problem
>> again. If you must rely on distro packages, you may want to draw the
>> distro package maintainer's attention to this patch.
>
> For FreeBSD, that's me 8-}
>
> --
> pi@opsec.eu +49 171 3101372 3 years to
> go !
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-users
>

_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
balajig81 at gmail
Oct 2, 2017, 10:30 AM
Post #6 of 9 (1775 views)
Permalink
The fix for this problem is available in master and would obviously be in
the next release which would happen in a day or two

Thanks
Balaji

On Mon, 2 Oct 2017 at 22:54, Edinilson - ATINET <edinilson@atinet.com.br>
wrote:

> So, FreeBSD users that have installed Quagga from ports doesn´t need to
> apply this patch?
>
> Regards
>
> Edinilson
> ------------------------------------------
> ATINET
> Tel Voz: (0xx11) 4412-0876
> http://www.atinet.com.br
>
>
> ----- Original Message -----
> From: "Kurt Jaeger" <q-u@opsec.eu>
> To: "Matthias Ferdinand" <mf@14v.de>
> Cc: <quagga-users@lists.quagga.net>
> Sent: Monday, October 02, 2017 1:56 PM
> Subject: [quagga-users 14829] Re: BGP flapping: BGP type 2 length 3300 is
> too large, attribute total length is 2309.
>
>
> > Hi!
> >
> >> > Yes, we had the same problem this morning.
> >> >
> >> > See the discussion around this mailthread
> >> >
> >> >
> >> >
> https://lists.quagga.net/pipermail/quagga-users/2017-September/014836.html
> >>
> >> please take a look at the following patch by Andreas Jaggi:
> >>
> >>
> >>
> https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
> >
> > Yes, I added it to the FreeBSD quagga port.
> >
> >> Since applying it, our routers have not been hit with this problem
> >> again. If you must rely on distro packages, you may want to draw the
> >> distro package maintainer's attention to this patch.
> >
> > For FreeBSD, that's me 8-}
> >
> > --
> > pi@opsec.eu +49 171 3101372 3 years
> to
> > go !
> > _______________________________________________
> > Quagga-users mailing list
> > Quagga-users@lists.quagga.net
> > https://lists.quagga.net/mailman/listinfo/quagga-users
> >
>
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-users
>
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
q-u at opsec
Oct 2, 2017, 10:49 AM
Post #7 of 9 (1775 views)
Permalink
Hi!

> So, FreeBSD users that have installed Quagga from ports don't need to
> apply this patch?

Only if you build from a ports tree after the commit r451045.

And currently, I'd suggest to use the just-committed net/quagga-esr,
which is based on 0.99.24.1, which does not seem to have the issue
described in

https://bugzilla.quagga.net/show_bug.cgi?id=870

--
pi@opsec.eu +49 171 3101372 3 years to go !
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
q-u at opsec
Oct 2, 2017, 10:50 AM
Post #8 of 9 (1775 views)
Permalink
Hi!

> The fix for this problem is available in master and would obviously be in
> the next release which would happen in a day or two

Will that new release also fix

https://bugzilla.quagga.net/show_bug.cgi?id=870

?

--
pi@opsec.eu +49 171 3101372 3 years to go !
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
Re: BGP flapping: BGP type 2 length 3300 is too large, attribute total length is 2309. [ In reply to ]
edinilson at atinet
Oct 27, 2017, 6:36 AM
Post #9 of 9 (1729 views)
Permalink
Kurt, I?m trying to use net/quagga-esr (bgpd version 0.99.24.1) on a Freebsd
11.1 but the following error is being raised:

*** Error reading config: There is no such command.
ipv6 nd suppress-ra


Regards


Edinilson
------------------------------------------
ATINET
Tel Voz: (0xx11) 4412-0876
http://www.atinet.com.br


----- Original Message -----
From: "Kurt Jaeger" <q-u@opsec.eu>
To: "Edinilson - ATINET" <edinilson@atinet.com.br>
Cc: <quagga-users@lists.quagga.net>
Sent: Monday, October 02, 2017 3:49 PM
Subject: [quagga-users 14832] Re: BGP flapping: BGP type 2 length 3300 is
too large, attribute total length is 2309.


> Hi!
>
>> So, FreeBSD users that have installed Quagga from ports don't need to
>> apply this patch?
>
> Only if you build from a ports tree after the commit r451045.
>
> And currently, I'd suggest to use the just-committed net/quagga-esr,
> which is based on 0.99.24.1, which does not seem to have the issue
> described in
>
> https://bugzilla.quagga.net/show_bug.cgi?id=870
>
> --
> pi@opsec.eu +49 171 3101372 3 years to
> go !
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-users
>

_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal