Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenBGPD: next-hop rewriting for IPv6 blackhole filtering requests #3

pierky opened this issue Mar 16, 2017 · 2 comments


None yet
1 participant
Copy link

commented Mar 16, 2017

When using blackhole_filtering.policy_ipv6 = rewrite-next-hop, the IPv6 address configured in rewrite_next_hop_ipv6 seems to be set correctly in the route that leaves the route server but actually it is not included into the BGP UPDATE and instead it is replaced with the route server's address.

After REUSE_INSTANCES=1 nosetests -vs tests/live_tests/scenarios/global/ -m test_071_blackholed_prefixes_as_seen_by_enabled_clients_BLACKHOLE:

bgpctl -n show rib detail out neighbor 2001:db8:1:1::11 2a02:0:3::1/128

BGP routing table entry for 2a02:0:3::1/128
    Nexthop 2001:db8:1:1::66 (via 2001:db8:1:1::66) from
2001:db8:1:1::21 (
    Origin IGP, metric 0, localpref 100, weight 0, external, valid, best
    Last update: 00:00:27 ago
    Communities: NO_EXPORT BLACKHOLE

From the output of tcpdump on AS1_1:

 Multi-Protocol Reach NLRI (14), length: 55, Flags [O]:
     AFI: IPv6 (2), SAFI: Unicast (1)
     nexthop: 2001:db8:1:1::2, nh-length: 16, no SNPA


@pierky pierky added the bug label Mar 16, 2017


This comment has been minimized.

Copy link
Owner Author

commented Mar 28, 2017

It seems that this issue is due to a bug in OpenBGPD:
I'll update this as soon as I have tested the patch.

@pierky pierky removed the bug label Apr 18, 2017


This comment has been minimized.

Copy link
Owner Author

commented Apr 18, 2017

The problem herein reported was due to a bug in OpenBGP < OpenBSD 6.1, fixed with openbsd/src@f1385c8
OpenBSD 6.1 works fine.
ARouteServer handles this case by producing a compatibility error when the target version is 6.0.

@pierky pierky closed this in 864b018 Apr 21, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.