Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ignored prefix is alerted for in monitorAS #100

Closed
DamianZaremba opened this issue Dec 15, 2019 · 2 comments
Closed

Ignored prefix is alerted for in monitorAS #100

DamianZaremba opened this issue Dec 15, 2019 · 2 comments
Labels
bug Something isn't working next release Implemented but will be released with the next release

Comments

@DamianZaremba
Copy link
Contributor

Describe the bug
When a prefix is configured with ignore: true and an ASN covered by monitorASns announces the prefix a misconfiguration is emitted.

Per the documentation ignore should Exclude the current prefix from monitoring. Useful when you are monitoring a prefix and you want to exclude a particular sub-prefix, which I interpret to mean we shouldn't alert for things related to this prefix.

Currently this appears to work for prefix monitoring (monitorHijack, monitorNewPrefix, monitorPath, monitorVisibility), but not for AS monitoring.

Provide an example

config.yml

environment: production

connectors:
  - file: connectorRIS
    name: ris
    params:
      carefulSubscription: true
      url: wss://ris-live.ripe.net/v1/ws/
      subscription:
        moreSpecific: true
        type: UPDATE
        host:
        socketOptions:
          includeRaw: false

monitors:
  - file: monitorVisibility
    channel: visibility
    name: withdrawal-detection
    params:
      thresholdMinPeers: 1

  - file: monitorAS
    channel: misconfiguration
    name: asn-monitor
    params:
      thresholdMinPeers: 1

reports:
  - file: reportFile
    channels:
      - misconfiguration
      - visibility

notificationIntervalSeconds: 86400
alertOnlyOnce: true

monitoredPrefixesFiles:
  - prefixes.yml

logging:
  directory: logs
  logRotatePattern: YYYY-MM-DD 
  zippedArchive: true
  maxSize: 80m
  maxFiles: 7d

checkForUpdatesAtBoot: true

prefixes.yml

172.111.69.96/27:
    asn: [65001]
    description: example prefix
    ignore: true
    ignoreMorespecifics: true

options:
    monitorASns:
        65001: {group: default}

Expected behavior

  1. When AS65001 announces 172.111.69.96/27 no message is emitted from BGPalerter.
  2. When AS65001 withdraws 172.111.69.96/27 no message is emitted from BGPalerter.

Currently 2 is happening, however for the AS path monitor it is being logged/notified;

$ cat reports-2019-12-15.log
[production] verbose: AS65001 is announcing 172.111.69.96/27 but this prefix is not in the configured list of announced prefixes

Are you using the binary or the source code?

Binary;

# /opt/bgpalerter/bgpalerter-linux-x64 --version
1.22.0
@massimocandela
Copy link
Member

Thanks for reporting. I think your pull request is also perfect.
I'm going to merge this in dev (the next release is close) and upload a new pre-release binary for you to use in the meanwhile.

@massimocandela massimocandela added the next release Implemented but will be released with the next release label Dec 15, 2019
@massimocandela
Copy link
Member

Binary available in pre-release v1.22.2-pre

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working next release Implemented but will be released with the next release
Projects
None yet
Development

No branches or pull requests

2 participants