[Babel-users] filtering harder?

Dave Taht dave.taht at gmail.com
Wed Nov 19 22:40:39 UTC 2014 

On Wed, Nov 19, 2014 at 2:19 PM, Juliusz Chroboczek
<jch at pps.univ-paris-diderot.fr> wrote:
>> So given that I was exporting a x.y.128.0/20
>> I had wondered how to filter out the 128.1, 130.1, 129.1
>> on the 3 interfaces from the rangeley.
>
> I'm still not clear about what you're doing, but if it's a simple matter
> of not redistributing these routes, you can simply say:
>
>   redistribute local ip x.y.128.1/32 deny

Thank you, that did the trick. I was kind of looking for a
generic syntax for matching all 3. (0.0.0.0/32 eq 32?).
(the situation is that I would like babel to monitoring IFF_RUNNING
 but dont need the .1s as I have the covering route)

Looking 5 hops further into my network and waiting for a while
showed this:

root at lounge:~# ip route | grep 172.21

172.21.2.21 via 172.20.2.4 dev se00  proto babel onlink
172.21.128.0/20 via 172.20.2.4 dev se00  proto babel onlink
unreachable 172.21.128.1  proto babel  metric 4294967295 onlink
172.21.128.10 via 172.20.2.4 dev se00  proto babel onlink
unreachable 172.21.130.1  proto babel  metric 4294967295 onlink

Which then cleared a few seconds later

172.21.2.0/24 via 172.20.2.4 dev se00  proto babel onlink
172.21.2.21 via 172.20.2.4 dev se00  proto babel onlink
172.21.128.0/20 via 172.20.2.4 dev se00  proto babel onlink
172.21.128.10 via 172.20.2.4 dev se00  proto babel onlink

1) Am I saving any on packet size by doing this much filtering?

2) (note that this is a very simplified example, I presently have 48
(used to 90) routes for ipv4 and am about to add 5 source specific
ipv6 gateways and that related potential explosion of routes
scares me)

3) As for the last, 10 entry, this is basically a stubby box,
(network monitor) and  guess I could also tell it to not redistribute
its ip the same way, but either need to hook it into dhcp to get its
address, or
redistribute local ip deny?

>
> If you want to avoid redistributing them over just some interfaces, you
> need to hook your filter at a different place:
>
>   out ip x.y.128.1 if wlan42 deny

heh. Well, ages ago I had got this working right with nat in the way
for ipv4 but allowing ipv6.

Thankfully now the network is thoroughly de-natted and uniquely numbered.

>
> -- Juliusz
>



-- 
Dave Täht

thttp://www.bufferbloat.net/projects/bloat/wiki/Upcoming_Talks

More information about the Babel-users mailing list