[prev in list] [next in list] [prev in thread] [next in thread]
List: bird-users
Subject: Re: ifname in filters
From: Alexander Velkov <alvel85 () googlemail ! com>
Date: 2016-07-04 16:40:16
Message-ID: CAHMGNnHocTi6x9mqv8cC8ca-HFy3dqbyV2YTArgLzzWUeTn3HA () mail ! gmail ! com
[Download RAW message or body]
Hi Ondrej,
thanks for the Info!
> 'ifname' represents an interface associated with the route (i.e. one to
> which the route aims), not the iface to which the route is announced by
> RIP. When route is accepted for protocol, it is accepted for all
> interfaces of the protocol (unless split horizon applies).
yes, I saw that while debugging and that explains why the filter did not
get activated.
I also checked if the 'gw' and 'from' attributes could be used in some way,
but the values were empty IPs.
> If you want better control, you could configure two protocol instances,
> one for each interface. Such setup has some limitations and may require
> some tweaking, but should work.
I will try to configure it. Could you please elaborate what limitations you
see in this approach ?
Thanks,
Alex
On Mon, Jul 4, 2016 at 6:00 PM, Ondrej Zajicek <santiago@crfreenet.org>
wrote:
> On Mon, Jul 04, 2016 at 03:49:06PM +0200, Alexander Velkov wrote:
> > Hello,
> >
> > I would like to configure RIP with different ACLs set on different RIP
> > interfaces. For this purpose I thought I could use the '*ifname*' route
> > attribute in bird filters. The problem I am facing is that when I use it,
> > no RIP routes are announced at all, so maybe I am using a wrong syntax.
>
> Hi
>
> 'ifname' represents an interface associated with the route (i.e. one to
> which the route aims), not the iface to which the route is announced by
> RIP. When route is accepted for protocol, it is accepted for all
> interfaces of the protocol (unless split horizon applies).
>
> It would be a good idea to have separate import/export filters per
> interface, but that is not supported now.
>
> If you want better control, you could configure two protocol instances,
> one for each interface. Such setup has some limitations and may require
> some tweaking, but should work.
>
> --
> Elen sila lumenn' omentielvo
>
> Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org)
> OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
> "To err is human -- to blame it on a computer is even more so."
>
[Attachment #3 (text/html)]
<div dir="ltr"><div><div><div>Hi Ondrej,<br><br>thanks for the Info!<br><br>> \
'ifname' represents an interface associated with the route (i.e. one to<br> \
> which the route aims), not the iface to which the route is announced by<br> > \
RIP. When route is accepted for protocol, it is accepted for all<br> > interfaces \
of the protocol (unless split horizon applies).<br><br></div>yes, I saw that while \
debugging and that explains why the filter did not get activated.<br></div>I also \
checked if the 'gw' and 'from' attributes could be used in some way, \
but the values were empty IPs.<br><br>> If you want better control, you could \
configure two protocol instances,<br> > one for each interface. Such setup has \
some limitations and may require<br>> some tweaking, but should \
work.<br><br></div><div><div>I will try to configure it. Could you please elaborate \
what limitations you see in this approach \
?<br><br></div><div>Thanks,<br></div><div>Alex \
<br></div><div><br></div></div></div><div class="gmail_extra"><br><div \
class="gmail_quote">On Mon, Jul 4, 2016 at 6:00 PM, Ondrej Zajicek <span \
dir="ltr"><<a href="mailto:santiago@crfreenet.org" \
target="_blank">santiago@crfreenet.org</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><span class="">On Mon, Jul 04, 2016 at 03:49:06PM +0200, \
Alexander Velkov wrote:<br> > Hello,<br>
><br>
> I would like to configure RIP with different ACLs set on different RIP<br>
</span>> interfaces. For this purpose I thought I could use the '*ifname*' \
route<br> <span class="">> attribute in bird filters. The problem I am facing is \
that when I use it,<br> > no RIP routes are announced at all, so maybe I am using \
a wrong syntax.<br> <br>
</span>Hi<br>
<br>
'ifname' represents an interface associated with the route (i.e. one to<br>
which the route aims), not the iface to which the route is announced by<br>
RIP. When route is accepted for protocol, it is accepted for all<br>
interfaces of the protocol (unless split horizon applies).<br>
<br>
It would be a good idea to have separate import/export filters per<br>
interface, but that is not supported now.<br>
<br>
If you want better control, you could configure two protocol instances,<br>
one for each interface. Such setup has some limitations and may require<br>
some tweaking, but should work.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Elen sila lumenn' omentielvo<br>
<br>
Ondrej 'Santiago' Zajicek (email: <a \
href="mailto:santiago@crfreenet.org">santiago@crfreenet.org</a>)<br> OpenPGP \
encrypted e-mails preferred (KeyID 0x11DEADC3, <a href="http://wwwkeys.pgp.net" \
rel="noreferrer" target="_blank">wwwkeys.pgp.net</a>)<br> "To err is human -- to \
blame it on a computer is even more so."<br> \
</font></span></blockquote></div><br></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic