Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RPKI] Pretag map filtering not working for ROA status #769

Open
SanderDelden opened this issue Mar 14, 2024 · 4 comments
Open

[RPKI] Pretag map filtering not working for ROA status #769

SanderDelden opened this issue Mar 14, 2024 · 4 comments

Comments

@SanderDelden
Copy link

Description
I'm attempting to only print information pertaining to RPKI invalid prefixes, to achieve this I'm making use of the pretag map to filter based on ROA status. Unfortunately this does not seem to work, no data is printed. To verify this isn't being caused by simply having no traffic to invalid prefixes I adjusted the filter to set_tag=1 dst_roa=v but the problem remains.

Example nfacctd configuration:

plugins: print[ROA]

# Global config

bgp_daemon: true
bgp_daemon_port: 179
nfacctd_as: bgp
bgp_peer_src_as_type: bgp
bgp_daemon_max_peers: 1
bgp_agent_map: /etc/pmacct/mappings/bgp.map
nfacctd_port: 5009
nfacctd_renormalize: true
nfacctd_time_new: true
rpki_rtr_cache: 127.0.0.1:3323
rpki_rtr_cache_version: 1

# Plugin information config

pre_tag_filter[ROA]: 1
pre_tag_map[ROA]: /etc/pmacct/mappings/roa_pretag.map
aggregate[ROA]: dst_as, dst_roa, peer_dst_as, dst_net, dst_mask
print_output_file[ROA]: /tmp/pmacct/1m_ROA.json
print_output[ROA]: json
print_history[ROA]: 1m
print_history_roundoff[ROA]: m
print_refresh_time[ROA]: 60
print_output_file_append[ROA]: true

Example pretag map:

set_tag=1 dst_roa=i

Version
We are running 1.7.8, unfortunately I have not been able to test against bleeding-edge due to #768

Appreciation
Please consider starring this project to boost our reach on github!

If any additional information is required, please let me know.
@paololucente paololucente mentioned this issue Mar 19, 2024
Open
@paololucente
Copy link
Member

Hi Sander ( @SanderDelden ),

Great meeting you. Can you check if commit 6640470 does resolve your issue?

Paolo

@SanderDelden
Copy link
Author

Hi Paolo,

Likewise! I'm trying to test this, but due to the CI failing (https://github.com/pmacct/pmacct/actions/runs/9345167670/job/25717551719#step:3:5316) I'm unable to grab the latest Docker image. Compiling the source manually naturally leads to the same error.

Any suggestions on how to get this commit running?

@paololucente
Copy link
Member

Hi Sander,

It was a mistake of mine. Can you retry with latest code in master?

Paolo

@SanderDelden
Copy link
Author

Hi Paolo,

I'm having some issues with nfacctd so I switched to sfacctd for testing this. It seems like the issue is still present as no data is being printed.

sfacctd.conf:

plugins: print[TEST]

bgp_daemon: true
bgp_daemon_max_peers: 2
bgp_daemon_port: 180
bgp_agent_map: /etc/pmacct/mappings/bgp.map
sfacctd_as: bgp
sfacctd_net: bgp
bgp_peer_src_as_type: bgp
sfacctd_port: 5008
sfacctd_renormalize: true
rpki_rtr_cache: 0.0.0.0:3323
rpki_rtr_cache_version: 1

pre_tag_filter[TEST]: 1
pre_tag_map[TEST]: /etc/pmacct/mappings/roa_pretag.map
aggregate[TEST]: dst_as, dst_net, dst_host, dst_mask, dst_roa
print_output_file[TEST]: /tmp/pmacct/1m_sfacctd.json
print_output[TEST]: json
print_history[TEST]: 1m
print_history_roundoff[TEST]: m
print_refresh_time[TEST]: 60
print_output_file_append[TEST]: true

roa_pretag.map:

set_tag=1 dst_roa=v

Logs:

sfacctd-1  | INFO ( default/core ): sFlow Accounting Daemon, sfacctd 1.7.10-git (20240603-2 (f424904c))
sfacctd-1  | INFO ( default/core ):  '--enable-mysql' '--enable-pgsql' '--enable-sqlite3' '--enable-kafka' '--enable-geoipv2' '--enable-jansson' '--enable-rabbitmq' '--enable-nflog' '--enable-ndpi' '--enable-zmq' '--enable-avro' '--enable-serdes' '--enable-redis' '--enable-gnutls' 'AVRO_CFLAGS=-I/usr/local/avro/include' 'AVRO_LIBS=-L/usr/local/avro/lib -lavro' '--enable-l2' '--enable-traffic-bins' '--enable-bgp-bins' '--enable-bmp-bins' '--enable-st-bins'
sfacctd-1  | INFO ( default/core ): Reading configuration file '/etc/pmacct/sfacctd.conf'.
sfacctd-1  | INFO ( default/core ): [/etc/pmacct/mappings/bgp.map] (re)loading map.
sfacctd-1  | INFO ( default/core ): [/etc/pmacct/mappings/bgp.map] map successfully (re)loaded.
sfacctd-1  | INFO ( default/core/BGP ): maximum BGP peers allowed: 2
sfacctd-1  | INFO ( default/core/RPKI ): Connected to RTR Cache: 0.0.0.0:3323
sfacctd-1  | INFO ( default/core/BGP ): waiting for BGP data on interface=all ip=:: port=180/tcp
sfacctd-1  | INFO ( default/core ): [/etc/pmacct/mappings/roa_pretag.map] (re)loading map.
sfacctd-1  | INFO ( default/core ): [/etc/pmacct/mappings/roa_pretag.map] map successfully (re)loaded.
sfacctd-1  | INFO ( default/core ): waiting for sFlow data on interface=all ip=:: port=5008/udp
sfacctd-1  | INFO ( TEST/print ): cache entries=16411 base cache memory=72208400 bytes
sfacctd-1  | INFO ( TEST/print ): JSON: setting object handlers.
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 11) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - END (PID: 11, QN: 0/0, ET: X) ***
sfacctd-1  | INFO ( default/core/BGP ): [2.2.2.2] BGP peers usage: 1/2
sfacctd-1  | INFO ( default/core/BGP ): [2.2.2.2] Capability: 4-bytes AS [65] ASN [12345]
sfacctd-1  | INFO ( default/core/BGP ): [2.2.2.2] Capability: MultiProtocol [1] AFI [1] SAFI [1]
sfacctd-1  | INFO ( default/core/BGP ): [2.2.2.2] Capability: ADD-PATHs [69] AFI [1] SAFI [1] SEND_RECEIVE [1]
sfacctd-1  | INFO ( default/core/BGP ): [2.2.2.2] BGP_OPEN: Local AS: 12345 Remote AS: 12345 HoldTime: 180
sfacctd-1  | INFO ( default/core/BGP ): [1.1.1.1] BGP peers usage: 2/2
sfacctd-1  | INFO ( default/core/BGP ): [1.1.1.1] Capability: 4-bytes AS [65] ASN [12345]
sfacctd-1  | INFO ( default/core/BGP ): [1.1.1.1] Capability: MultiProtocol [1] AFI [1] SAFI [1]
sfacctd-1  | INFO ( default/core/BGP ): [1.1.1.1] Capability: ADD-PATHs [69] AFI [1] SAFI [1] SEND_RECEIVE [1]
sfacctd-1  | INFO ( default/core/BGP ): [1.1.1.1] BGP_OPEN: Local AS: 12345 Remote AS: 12345 HoldTime: 180
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 12) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - END (PID: 12, QN: 0/0, ET: X) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 13) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - END (PID: 13, QN: 0/0, ET: X) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 14) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - END (PID: 14, QN: 0/0, ET: X) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 15) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - END (PID: 15, QN: 0/0, ET: X) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 16) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - END (PID: 16, QN: 0/0, ET: X) ***
sfacctd-1  | INFO ( TEST/print ): *** Purging cache - START (PID: 17) ***

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@paololucente @SanderDelden