Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenBGPD Config Help

    Scheduled Pinned Locked Moved Routing and Multi WAN
    2 Posts 2 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      acherman
      last edited by

      Hey everyone, I have been working on getting an OpenBGP + CARP config working, but have been unable to get any input on a config issue, so I have resorted to a work around, but now I'm having another issue.  I'm running the latest release, 2.0.2-Release, with the OpenBGPD package installed.  I have my config all done (I believe), but it contains to deny rules by default.  I thought I would start the service and see if those go away thinking maybe they are there while the service isn't running.  Anyway, when I start the service, the GUI flashes the message saying it has been started, but the status never changes.  In the system logs I get see this:

      Jan 15 10:35:02	bgpd[33739]: Terminating
Jan 15 10:35:02	bgpd[33969]: session engine exiting
Jan 15 10:35:02	bgpd[33920]: route decision engine exiting
Jan 15 10:35:02	bgpd[33739]: config file /var/etc/openbgpd/bgpd.conf has errors, not reloading
Jan 15 10:35:02	bgpd[33739]: config file /var/etc/openbgpd/bgpd.conf has errors, not reloading
Jan 15 10:35:02	bgpd[33739]: /var/etc/openbgpd/bgpd.conf:18: syntax error
Jan 15 10:35:02	bgpd[33739]: /var/etc/openbgpd/bgpd.conf:18: syntax error
Jan 15 10:35:02	bgpd[33739]: /var/etc/openbgpd/bgpd.conf:10: syntax error
Jan 15 10:35:02	bgpd[33739]: /var/etc/openbgpd/bgpd.conf:10: syntax error
Jan 15 10:35:02	bgpd[33969]: session engine ready
Jan 15 10:35:02	bgpd[33920]: route decision engine ready
Jan 15 10:35:02	bgpd[33969]: no kernel support for PF_KEY
Jan 15 10:35:02	bgpd[33969]: no kernel support for PF_KEY
Jan 15 10:35:02	bgpd[33739]: startup

      My config looks like this:

      # This file was created by the package manager.  Do not edit!

AS ABCD
fib-update yes
network aa.bb.125.0/24
group "Telus" {
	remote-as XXX
		neighbor xx.xx.241.3 {
    	 descr "Telus BGP"
		tcp md5sig password xxxxx
		announce all  
}
}
group "Shaw" {
	remote-as YYY
		neighbor yy.yy.127.249 {
    	 descr "Shaw BGP"
		tcp md5sig password xxxxx
		announce all  
}
}
deny from any
deny to any
allow from xx.xx.241.3
allow to xx.xx.241.3
allow from yy.yy.127.249
allow to yy.yy.127.249

      Any help is appreciated.  If someone knows if this is not the best place for help, please point me in the right direction.  At this point I am willing to ask for some budget to pay for someones time that can help get this working.

      Thanks.

      Aaron

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        tcp md5sig support isn't available at this time, that's why it fails on those config lines.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.