Sample Header Ad - 728x90

(I)BGP Asymmetric Routing problem

1 vote
0 answers
158 views
debian networking routing bird
I have a really strange problem with (I)BGP and asymmetric routing and maybe you can help me. # My setup is as follows: # 
Router A (running with bird on Linux) ← Internet / eBGP → upstream A / upstream B
↑
|
| VPN / IBGP
|
↓
Router B (running with bird on Linux) ← Internet / eBGP → upstream C / upstream D
The routers are connected over VPN. The routes are shared with IBGP between the two nodes and are chosen by the shorted AS path in general. Firewalls between the nodes are still off. So, connection tracking should not be an issue. Forwarding (
.ipv6.conf.all.forwarding=1
) is also activated. --- # And now to my problem: # The outgoing traffic (ICMP ping, traceroute ...) works without problems on both routers. **for example a traceroute, from Router A** 
traceroute to 31173.se (2a03:1b20:1:f104::1:109), 30 hops max, 80 byte packets
 1  RouterB (*************)  4.464 ms  4.408 ms  4.384 ms
 2  * * upstreamC (*************)  5.522 ms
 3  * * *
 4  fra-eq5-cr1.ipv6.31173.se (2001:7f8::99b7:0:1)  13.002 ms  12.983 ms  12.928 ms
 5  cph-ix1-cr2-et-0-0-2-v2043.ipv6.31173.se (2a03:1b20:8:fe06::1)  21.167 ms  21.107 ms  21.083 ms
 6  mlm-vg4-cr2-et-0-0-3-v2029.ipv6.31173.se (2a03:1b20:8:fe00::2)  21.484 ms  21.229 ms  21.230 ms
 7  mlm-sp-cr1-ae0.ipv6.31173.se (2a03:1b20:1:fe36::1)  22.516 ms  22.520 ms  22.492 ms
 8  mlm-sg-dr1-ae2.ipv6.31173.se (2a03:1b20:1:fe12::2)  56.773 ms  56.750 ms  41.987 ms
 9  31173.se (2a03:1b20:1:f104::1:109)  21.872 ms  21.801 ms  21.775 ms
**But the incoming traffic (from 2a03:1b20:1:f104::1:109) fails partially in case the route back goes asymmetrical over the other router (here, the traceroute should arrive on Router A first, because it comes from upstreamA):** 
traceroute to RouterA (*************), 30 hops max, 80 byte packets
 1  mlm-sg-dr1-v104.ipv6.31173.se (2a03:1b20:1:f104::1)  4.306 ms  4.185 ms  4.072 ms
 2  mlm-sp-cr1-ae1.ipv6.31173.se (2a03:1b20:1:fe12::1)  22.329 ms  22.232 ms  22.080 ms
 3  ams-eq6-cr1-et-0-0-2-v2037.ipv6.31173.se (2a03:1b20:3:fe02::1)  11.838 ms  12.009 ms  11.909 ms
 4  upstreamA (*************)  12.860 ms  12.732 ms  12.672 ms
 5  upstreamA (*************)  20.225 ms  20.345 ms  20.289 ms
 6  * * *
 7  * * *
-- Traceroute timed out --
Doing a tcpdump it actually shows the incoming packet on Router A and the outgoing reply packet on Router B, but it seems the reply never reaches the originating destination (2a03:1b20:1:f104::1:109). Do you have any ideas how I can solve the problem?
Asked by waldy327 (11 rep)
Aug 25, 2023, 11:22 PM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "debian"
More questions tagged "networking"
More questions tagged "routing"
Footer Ad - 728x90