summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--print-bgp.c105
-rw-r--r--tests/TESTLIST1
-rw-r--r--tests/bgp-bgpsec.out778
-rw-r--r--tests/bgp-bgpsec.pcapbin0 -> 7686 bytes
4 files changed, 884 insertions, 0 deletions
diff --git a/print-bgp.c b/print-bgp.c
index 1292542c..4fc39957 100644
--- a/print-bgp.c
+++ b/print-bgp.c
@@ -173,6 +173,7 @@ static const struct tok bgp_route_refresh_subtype_values[] = {
#define BGPTYPE_PE_DISTINGUISHER_LABEL 27 /* RFC6514 */
#define BGPTYPE_ENTROPY_LABEL 28 /* RFC6790 */
#define BGPTYPE_LARGE_COMMUNITY 32 /* draft-ietf-idr-large-community-05 */
+#define BGPTYPE_BGPSEC_PATH 33 /* RFC8205 */
#define BGPTYPE_ATTR_SET 128 /* RFC6368 */
#define BGP_MP_NLRI_MINSIZE 3 /* End of RIB Marker detection */
@@ -201,6 +202,7 @@ static const struct tok bgp_attr_values[] = {
{ BGPTYPE_PE_DISTINGUISHER_LABEL, "PE Distinguisher Label"},
{ BGPTYPE_ENTROPY_LABEL, "Entropy Label"},
{ BGPTYPE_LARGE_COMMUNITY, "Large Community"},
+ { BGPTYPE_BGPSEC_PATH, "BGPsec Path"},
{ BGPTYPE_ATTR_SET, "Attribute Set"},
{ 255, "Reserved for development"},
{ 0, NULL}
@@ -245,6 +247,7 @@ static const struct tok bgp_opt_values[] = {
#define BGP_CAPCODE_MR 4 /* RFC3107 */
#define BGP_CAPCODE_EXT_NH 5 /* RFC5549 */
#define BGP_CAPCODE_EXT_MSG 6 /* RFC8654 */
+#define BGP_CAPCODE_BGPSEC 7 /* RFC8205 */
#define BGP_CAPCODE_ML 8 /* RFC8277 */
#define BGP_CAPCODE_RESTART 64 /* RFC4724 */
#define BGP_CAPCODE_AS_NEW 65 /* RFC6793 */
@@ -262,6 +265,7 @@ static const struct tok bgp_capcode_values[] = {
{ BGP_CAPCODE_MR, "Multiple Routes to a Destination"},
{ BGP_CAPCODE_EXT_NH, "Extended Next Hop Encoding"},
{ BGP_CAPCODE_EXT_MSG, "BGP Extended Message"},
+ { BGP_CAPCODE_BGPSEC, "BGPsec"},
{ BGP_CAPCODE_ML, "Multiple Labels"},
{ BGP_CAPCODE_RESTART, "Graceful Restart"},
{ BGP_CAPCODE_AS_NEW, "32-Bit AS Number"},
@@ -600,6 +604,18 @@ static const struct tok bgp_add_path_recvsend[] = {
{ 0, NULL },
};
+static const struct tok bgp_bgpsec_bitmap_str[] = {
+ { 1U << 0, "MBZ-0" },
+ { 1U << 1, "MBZ-1" },
+ { 1U << 2, "MBZ-2" },
+ { 1U << 3, "MBZ-3" },
+ { 1U << 4, "MBZ-4" },
+ { 1U << 5, "MBZ-5" },
+ { 1U << 6, "MBZ-6" },
+ { 1U << 7, "C" },
+ { 0, NULL}
+};
+
#define AS_STR_SIZE sizeof("xxxxx.xxxxx")
/*
@@ -2543,6 +2559,74 @@ bgp_attr_print(netdissect_options *ndo,
len -= 12;
}
break;
+ case BGPTYPE_BGPSEC_PATH:
+ {
+ uint16_t sblen, splen;
+
+ splen = GET_BE_U_2(tptr);
+
+ /*
+ * A secure path has a minimum length of 8 bytes:
+ * 2 bytes length field
+ * 6 bytes per secure path segment
+ */
+ ND_ICHECKMSG_U("secure path length", splen, <, 8);
+
+ ND_PRINT("\n\t Secure Path Length: %u", splen);
+
+ tptr += 2;
+ splen -= 2;
+ /* Make sure the secure path length does not signal trailing bytes */
+ if (splen % 6) {
+ ND_PRINT(" [invalid total segments len %u]", splen);
+ break;
+ }
+
+ /* Parse secure path segments */
+ while (splen != 0) {
+ uint8_t pcount = GET_U_1(tptr);
+ uint8_t flags = GET_U_1(tptr + 1);
+ uint32_t asn = GET_BE_U_4(tptr + 2);
+ ND_PRINT("\n\t Secure Path Segment: pCount: %u, Flags: [%s] (0x%02x), AS: %u",
+ pcount,
+ bittok2str(bgp_bgpsec_bitmap_str, "none", flags),
+ flags,
+ asn);
+ tptr += 6;
+ splen -= 6;
+ }
+
+ sblen = GET_BE_U_2(tptr);
+
+ ND_PRINT("\n\t Signature Block: Length: %u, Algo ID: %u",
+ sblen,
+ GET_U_1(tptr + 2));
+
+ tptr += 3;
+ sblen -= 3;
+ /* Parse signature segments */
+ while (sblen > 0) {
+ uint16_t siglen;
+
+ ND_PRINT("\n\t Signature Segment:\n\t SKI: ");
+ ND_ICHECKMSG_U("remaining length", sblen, <, 20);
+ hex_print(ndo, "\n\t ", tptr, 20);
+ tptr += 20;
+ sblen -= 20;
+ ND_ICHECKMSG_U("remaining length", sblen, <, 2);
+ siglen = GET_BE_U_2(tptr);
+ tptr += 2;
+ sblen -= 2;
+
+ ND_PRINT("\n\t Length: %u", siglen);
+ ND_ICHECKMSG_U("remaining length", sblen, <, siglen);
+ ND_PRINT("\n\t Signature:");
+ hex_print(ndo, "\n\t ", tptr, siglen);
+ tptr += siglen;
+ sblen -= siglen;
+ }
+ break;
+ }
default:
ND_TCHECK_LEN(pptr, len);
ND_PRINT("\n\t no Attribute %u decoder", atype); /* we have no decoder for the attribute */
@@ -2557,6 +2641,10 @@ done:
}
return 1;
+invalid:
+ nd_print_invalid(ndo);
+ return 1;
+
trunc:
return 0;
}
@@ -2592,6 +2680,23 @@ bgp_capabilities_print(netdissect_options *ndo,
tok2str(bgp_safi_values, "Unknown", GET_U_1(opt + i + 5)),
GET_U_1(opt + i + 5));
break;
+ case BGP_CAPCODE_BGPSEC:
+ /* Version (4 bits), Direction (1 bit), Flags (3 bits), AFI (16 bits) */
+ cap_offset = 1;
+ /* The capability length [...] MUST be set to 3. */
+ if (cap_len != 3) {
+ ND_PRINT(" [%u != 3]", cap_len);
+ return;
+ }
+
+ ND_PRINT("\n\t\tVersion %u, Direction %s (%u), AFI %s (%u)",
+ GET_U_1(opt + i + 2)&0xf0,
+ (GET_U_1(opt + i + 2)&0x08) ? "Send" : "Receive",
+ (GET_U_1(opt + i + 2)&0x08)>>3,
+ bittok2str(af_values, "Unknown",
+ GET_BE_U_2(opt + i + cap_offset + 2)),
+ GET_BE_U_2(opt + i + cap_offset + 2));
+ break;
case BGP_CAPCODE_ML:
cap_offset = 2;
tcap_len = cap_len;
diff --git a/tests/TESTLIST b/tests/TESTLIST
index 1b0d9593..763b251c 100644
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -70,6 +70,7 @@ bgp-cease-hard-reset bgp-cease-hard-reset.pcap bgp-cease-hard-reset.out -v
bgp-malformed-hard-reset bgp-malformed-hard-reset.pcap bgp-malformed-hard-reset.out -v
bgp-bfd-cease bgp-bfd-cease.pcap bgp-bfd-cease.out -v
bgp-orf bgp-orf.pcapng bgp-orf.out -v
+bgp-bgpsec bgp-bgpsec.pcap bgp-bgpsec.out -v
# Broadcom tag tests
brcmtag brcm-tag.pcap brcm-tag.out
diff --git a/tests/bgp-bgpsec.out b/tests/bgp-bgpsec.out
new file mode 100644
index 00000000..7fadd3e3
--- /dev/null
+++ b/tests/bgp-bgpsec.out
@@ -0,0 +1,778 @@
+ 1 13:45:50.158839 IP (tos 0xc0, ttl 1, id 931, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.2.44538 > 172.18.0.3.179: Flags [S], cksum 0x5858 (incorrect -> 0xe30a), seq 1813951547, win 64240, options [mss 1460,sackOK,TS val 2791087222 ecr 0,nop,wscale 7], length 0
+ 2 13:45:50.158874 IP (tos 0xc0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
+ 172.18.0.3.179 > 172.18.0.2.44538: Flags [R.], cksum 0x889e (correct), seq 0, ack 1813951548, win 0, length 0
+ 3 13:45:52.580424 IP (tos 0xc0, ttl 1, id 49352, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [S], cksum 0x5858 (incorrect -> 0xe776), seq 2144546963, win 64240, options [mss 1460,sackOK,TS val 1161315278 ecr 0,nop,wscale 7], length 0
+ 4 13:45:52.580594 IP (tos 0xc0, ttl 255, id 0, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [S.], cksum 0x5858 (incorrect -> 0xb7ed), seq 2060149963, ack 2144546964, win 65160, options [mss 1460,sackOK,TS val 2791089644 ecr 1161315278,nop,wscale 7], length 0
+ 5 13:45:52.580696 IP (tos 0xc0, ttl 1, id 49353, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [.], cksum 0x5850 (incorrect -> 0xe34b), ack 1, win 502, options [nop,nop,TS val 1161315279 ecr 2791089644], length 0
+ 6 13:45:52.582638 IP (tos 0xc0, ttl 1, id 29723, offset 0, flags [DF], proto TCP (6), length 159)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [P.], cksum 0x58bb (incorrect -> 0xf937), seq 1:108, ack 1, win 510, options [nop,nop,TS val 2791089646 ecr 1161315279], length 107: BGP
+ Open Message (1), length: 107
+ Version 4, my AS 2, Holdtime 180s, ID 172.18.0.2
+ Optional parameters, length: 78
+ Option Capabilities Advertisement (2), length: 6
+ Multiprotocol Extensions (1), length: 4
+ AFI IPv4 (1), SAFI Unicast (1)
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (Cisco) (128), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (2), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Enhanced Route Refresh (70), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ 32-Bit AS Number (65), length: 4
+ 4 Byte AS 2
+ Option Capabilities Advertisement (2), length: 2
+ BGP Extended Message (6), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ Multiple Paths (69), length: 4
+ AFI IPv4 (1), SAFI Unicast (1), Send/Receive: Receive
+ Option Capabilities Advertisement (2), length: 9
+ Unknown (73), length: 7
+ no decoder for Capability 73
+ 0x0000: 0562 6770 6431 00
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Receive (0), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv6 (2)
+ Option Capabilities Advertisement (2), length: 4
+ Graceful Restart (64), length: 2
+ Restart Flags: [R], Restart Time 120s
+ 7 13:45:52.582735 IP (tos 0xc0, ttl 1, id 49354, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [.], cksum 0x5850 (incorrect -> 0xe2dc), ack 108, win 502, options [nop,nop,TS val 1161315281 ecr 2791089646], length 0
+ 8 13:45:52.583463 IP (tos 0xc0, ttl 1, id 49355, offset 0, flags [DF], proto TCP (6), length 159)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [P.], cksum 0x58bb (incorrect -> 0xf6cf), seq 1:108, ack 108, win 502, options [nop,nop,TS val 1161315282 ecr 2791089646], length 107: BGP
+ Open Message (1), length: 107
+ Version 4, my AS 3, Holdtime 180s, ID 172.18.0.3
+ Optional parameters, length: 78
+ Option Capabilities Advertisement (2), length: 6
+ Multiprotocol Extensions (1), length: 4
+ AFI IPv4 (1), SAFI Unicast (1)
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (Cisco) (128), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (2), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Enhanced Route Refresh (70), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ 32-Bit AS Number (65), length: 4
+ 4 Byte AS 3
+ Option Capabilities Advertisement (2), length: 2
+ BGP Extended Message (6), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ Multiple Paths (69), length: 4
+ AFI IPv4 (1), SAFI Unicast (1), Send/Receive: Receive
+ Option Capabilities Advertisement (2), length: 9
+ Unknown (73), length: 7
+ no decoder for Capability 73
+ 0x0000: 0562 6770 6432 00
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Receive (0), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv6 (2)
+ Option Capabilities Advertisement (2), length: 4
+ Graceful Restart (64), length: 2
+ Restart Flags: [R], Restart Time 120s
+ 9 13:45:52.583533 IP (tos 0xc0, ttl 1, id 29724, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [.], cksum 0x5850 (incorrect -> 0xe267), ack 108, win 510, options [nop,nop,TS val 2791089647 ecr 1161315282], length 0
+ 10 13:45:52.584130 IP (tos 0xc0, ttl 1, id 29725, offset 0, flags [DF], proto TCP (6), length 71)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [P.], cksum 0x5863 (incorrect -> 0xde39), seq 108:127, ack 108, win 510, options [nop,nop,TS val 2791089647 ecr 1161315282], length 19: BGP
+ Keepalive Message (4), length: 19
+ 11 13:45:52.584126 IP (tos 0xc0, ttl 1, id 49356, offset 0, flags [DF], proto TCP (6), length 71)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [P.], cksum 0x5863 (incorrect -> 0xde41), seq 108:127, ack 108, win 502, options [nop,nop,TS val 1161315282 ecr 2791089647], length 19: BGP
+ Keepalive Message (4), length: 19
+ 12 13:45:52.584196 IP (tos 0xc0, ttl 1, id 29726, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [.], cksum 0x5850 (incorrect -> 0xe241), ack 127, win 510, options [nop,nop,TS val 2791089647 ecr 1161315282], length 0
+ 13 13:45:52.584196 IP (tos 0xc0, ttl 1, id 49357, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [.], cksum 0x5850 (incorrect -> 0xe249), ack 127, win 502, options [nop,nop,TS val 1161315282 ecr 2791089647], length 0
+ 14 13:45:52.585786 IP (tos 0xc0, ttl 1, id 8954, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.3.45314 > 172.18.0.4.179: Flags [S], cksum 0x585a (incorrect -> 0x9b7b), seq 1914912993, win 64240, options [mss 1460,sackOK,TS val 2450416287 ecr 0,nop,wscale 7], length 0
+ 15 13:45:52.585912 IP (tos 0xc0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
+ 172.18.0.4.179 > 172.18.0.3.45314: Flags [R.], cksum 0xf2e9 (correct), seq 0, ack 1914912994, win 0, length 0
+ 16 13:45:53.685808 IP (tos 0xc0, ttl 1, id 49358, offset 0, flags [DF], proto TCP (6), length 75)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [P.], cksum 0x5867 (incorrect -> 0xdbc5), seq 127:150, ack 127, win 502, options [nop,nop,TS val 1161316384 ecr 2791089647], length 23: BGP
+ Update Message (2), length: 23
+ End-of-Rib Marker (empty NLRI)
+ 17 13:45:53.685905 IP (tos 0xc0, ttl 1, id 29727, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [.], cksum 0x5850 (incorrect -> 0xd98e), ack 150, win 510, options [nop,nop,TS val 2791090749 ecr 1161316384], length 0
+ 18 13:45:53.695782 IP (tos 0xc0, ttl 1, id 29728, offset 0, flags [DF], proto TCP (6), length 1662)
+ 172.18.0.2.179 > 172.18.0.3.54094: Flags [P.], cksum 0x5e9a (incorrect -> 0xc146), seq 127:1737, ack 150, win 510, options [nop,nop,TS val 2791090759 ecr 1161316384], length 1610: BGP
+ Update Message (2), length: 158
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.1.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 103, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 95, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7e5f 7511 2da3 41b1 2fe0 9789
+ 0x0010: 2cc9 2c5a 2396 5445 955e 3e11 ac65 b660
+ 0x0020: 6441 3630 0220 2103 bd0f 5793 7b63 b6f2
+ 0x0030: 613f 1f6a 13e6 e65f 8484 b6b8 84c1 479e
+ 0x0040: 878c f668 71a4
+ Update Message (2), length: 160
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.10.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 105, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 97, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 72
+ Signature:
+ 0x0000: 3046 0221 00aa d2ca 6cf3 8568 3bc1 ddb9
+ 0x0010: 5ecf 53a2 e1dc bb76 f80b 8cc9 d3d5 f23d
+ 0x0020: e973 303c f302 2100 bff5 8cb3 a1d4 458d
+ 0x0030: aa1b b6b8 faaa ad11 0d27 54a9 c2cb 1b77
+ 0x0040: c88f ac3c 3ef0 2676
+ Update Message (2), length: 158
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.9.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 103, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 95, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 0a09 31f7 9172 940a d1df 7dd5
+ 0x0010: 5fde dc2b 0dc0 6a46 bb0f a22b 8021 f735
+ 0x0020: 98bb fd46 0220 35c7 bb54 ca67 07df 45bc
+ 0x0030: 51da dd9d 8f4c 66c7 f09b a72f 5ead 7393
+ 0x0040: 6807 96dc 01c5
+ Update Message (2), length: 160
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.8.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 105, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 97, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 72
+ Signature:
+ 0x0000: 3046 0221 0091 cce5 3628 025f 5a44 8465
+ 0x0010: 0351 d3d7 5bbe ad98 5040 49cc a0d5 373c
+ 0x0020: 7f79 3ed6 1802 2100 fe77 53d6 df6d 1d03
+ 0x0030: e096 4a05 3bbf 1765 845d f777 0cb9 ab99
+ 0x0040: d3c4 186c 3cea 8b0b
+ Update Message (2), length: 159
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.7.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 104, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 96, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 05e2 5f3f 9544 f375 6217 eaf8
+ 0x0010: 528e 65ad 24c9 74da 9f92 18fb b6c8 5720
+ 0x0020: 6dbb da29 0221 00c4 84e5 1c46 c18d c3ee
+ 0x0030: b5fd 629f c6b9 7ba5 e18e abdf 64b9 8e46
+ 0x0040: cd69 5b53 eac0 c3
+ Update Message (2), length: 158
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.6.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 103, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 95, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7f1a edbc e643 4869 ec9c 60ac
+ 0x0010: 7d9e cb04 d4cf 1d68 4a03 aa19 f7c2 ed8a
+ 0x0020: 9d3d c37b 0220 53e8 87be b9e9 1c3a 2785
+ 0x0030: d856 022f 482f 63c6 06c9 957b a688 b0ee
+ 0x0040: 6b88 30bc ad46
+ Update Message (2), length: 158
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.5.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 103, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 95, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 65b5 609f c88b 232e c992 3daa
+ 0x0010: 8d19 9e22 43e7 e83d 378a 88c3 6636 01a5
+ 0x0020: 183a 469d 0220 6bab 77fb 4d8b 8ef8 c3cf
+ 0x0030: a206 82de 9da8 e0a1 77eb cabc 0e3d 8c49
+ 0x0040: 260e 9bc2 cf9d
+ Update Message (2), length: 158
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.4.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 103, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 95, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7415 c8b7 7912 8968 caa9 4dfd
+ 0x0010: db4b feb1 286d e68d bc88 3930 9506 a1b8
+ 0x0020: 9e16 0919 0220 61fa 3f1e dbd1 2594 5243
+ 0x0030: 2a8c c95c 84ee 29f8 c207 b646 977c 10b3
+ 0x0040: 1d9c 3fb5 1f3f
+ Update Message (2), length: 159
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.3.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 104, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 96, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 1073 0d4c 8363 cae0 41f7 45e3
+ 0x0010: f5d0 8893 413f c095 e3f7 95eb 0aa3 4da5
+ 0x0020: a400 9c4d 0221 00b4 8e44 c4fb e5bb 77a2
+ 0x0030: e8b8 808d cd4f 3db9 94be e72c f929 5628
+ 0x0040: bc74 e99c 55af 64
+ Update Message (2), length: 159
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.2.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ Multi Exit Discriminator (4), length: 4, Flags [O]: 0
+ BGPsec Path (33), length: 104, Flags [OE]:
+ Secure Path Length: 8
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 96, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 7d87 e54d f871 4400 768a 3db7
+ 0x0010: acfa 55ae be23 e200 3cdf 21b6 1424 0d1e
+ 0x0020: 8831 49e3 0221 00e2 d828 edb0 0277 dc25
+ 0x0030: f4c5 aa4e 2906 74e3 aa13 6c30 f78b d415
+ 0x0040: 0e55 35ef 3fc8 70
+ Update Message (2), length: 23
+ End-of-Rib Marker (empty NLRI)
+ 19 13:45:53.695866 IP (tos 0xc0, ttl 1, id 49359, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.54094 > 172.18.0.2.179: Flags [.], cksum 0x5850 (incorrect -> 0xd339), ack 1737, win 501, options [nop,nop,TS val 1161316394 ecr 2791090759], length 0
+ 20 13:45:56.356964 IP (tos 0xc0, ttl 1, id 59932, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [S], cksum 0x585a (incorrect -> 0x05d8), seq 2209904309, win 64240, options [mss 1460,sackOK,TS val 3983705651 ecr 0,nop,wscale 7], length 0
+ 21 13:45:56.357094 IP (tos 0xc0, ttl 255, id 0, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [S.], cksum 0x585a (incorrect -> 0xe537), seq 994631237, ack 2209904310, win 65160, options [mss 1460,sackOK,TS val 2450420058 ecr 3983705651,nop,wscale 7], length 0
+ 22 13:45:56.357166 IP (tos 0xc0, ttl 1, id 59933, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [.], cksum 0x5852 (incorrect -> 0x1097), ack 1, win 502, options [nop,nop,TS val 3983705651 ecr 2450420058], length 0
+ 23 13:45:56.358934 IP (tos 0xc0, ttl 1, id 52957, offset 0, flags [DF], proto TCP (6), length 159)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [P.], cksum 0x58bd (incorrect -> 0x2481), seq 1:108, ack 1, win 510, options [nop,nop,TS val 2450420060 ecr 3983705651], length 107: BGP
+ Open Message (1), length: 107
+ Version 4, my AS 3, Holdtime 180s, ID 172.18.0.3
+ Optional parameters, length: 78
+ Option Capabilities Advertisement (2), length: 6
+ Multiprotocol Extensions (1), length: 4
+ AFI IPv4 (1), SAFI Unicast (1)
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (Cisco) (128), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (2), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Enhanced Route Refresh (70), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ 32-Bit AS Number (65), length: 4
+ 4 Byte AS 3
+ Option Capabilities Advertisement (2), length: 2
+ BGP Extended Message (6), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ Multiple Paths (69), length: 4
+ AFI IPv4 (1), SAFI Unicast (1), Send/Receive: Receive
+ Option Capabilities Advertisement (2), length: 9
+ Unknown (73), length: 7
+ no decoder for Capability 73
+ 0x0000: 0562 6770 6432 00
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Receive (0), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv6 (2)
+ Option Capabilities Advertisement (2), length: 4
+ Graceful Restart (64), length: 2
+ Restart Flags: [R], Restart Time 120s
+ 24 13:45:56.359049 IP (tos 0xc0, ttl 1, id 59934, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [.], cksum 0x5852 (incorrect -> 0x1028), ack 108, win 502, options [nop,nop,TS val 3983705653 ecr 2450420060], length 0
+ 25 13:45:56.359710 IP (tos 0xc0, ttl 1, id 59935, offset 0, flags [DF], proto TCP (6), length 159)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [P.], cksum 0x58bd (incorrect -> 0x2219), seq 1:108, ack 108, win 502, options [nop,nop,TS val 3983705654 ecr 2450420060], length 107: BGP
+ Open Message (1), length: 107
+ Version 4, my AS 4, Holdtime 180s, ID 172.18.0.4
+ Optional parameters, length: 78
+ Option Capabilities Advertisement (2), length: 6
+ Multiprotocol Extensions (1), length: 4
+ AFI IPv4 (1), SAFI Unicast (1)
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (Cisco) (128), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Route Refresh (2), length: 0
+ Option Capabilities Advertisement (2), length: 2
+ Enhanced Route Refresh (70), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ 32-Bit AS Number (65), length: 4
+ 4 Byte AS 4
+ Option Capabilities Advertisement (2), length: 2
+ BGP Extended Message (6), length: 0
+ Option Capabilities Advertisement (2), length: 6
+ Multiple Paths (69), length: 4
+ AFI IPv4 (1), SAFI Unicast (1), Send/Receive: Receive
+ Option Capabilities Advertisement (2), length: 9
+ Unknown (73), length: 7
+ no decoder for Capability 73
+ 0x0000: 0562 6770 6433 00
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Receive (0), AFI IPv4 (1)
+ Option Capabilities Advertisement (2), length: 5
+ BGPsec (7), length: 3
+ Version 0, Direction Send (1), AFI IPv6 (2)
+ Option Capabilities Advertisement (2), length: 4
+ Graceful Restart (64), length: 2
+ Restart Flags: [R], Restart Time 120s
+ 26 13:45:56.359726 IP (tos 0xc0, ttl 1, id 52958, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [.], cksum 0x5852 (incorrect -> 0x0fb3), ack 108, win 510, options [nop,nop,TS val 2450420061 ecr 3983705654], length 0
+ 27 13:45:56.359883 IP (tos 0xc0, ttl 1, id 52959, offset 0, flags [DF], proto TCP (6), length 71)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [P.], cksum 0x5865 (incorrect -> 0x0b85), seq 108:127, ack 108, win 510, options [nop,nop,TS val 2450420061 ecr 3983705654], length 19: BGP
+ Keepalive Message (4), length: 19
+ 28 13:45:56.359886 IP (tos 0xc0, ttl 1, id 59936, offset 0, flags [DF], proto TCP (6), length 71)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [P.], cksum 0x5865 (incorrect -> 0x0b8d), seq 108:127, ack 108, win 502, options [nop,nop,TS val 3983705654 ecr 2450420061], length 19: BGP
+ Keepalive Message (4), length: 19
+ 29 13:45:56.359901 IP (tos 0xc0, ttl 1, id 52960, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [.], cksum 0x5852 (incorrect -> 0x0f8d), ack 127, win 510, options [nop,nop,TS val 2450420061 ecr 3983705654], length 0
+ 30 13:45:56.359926 IP (tos 0xc0, ttl 1, id 59937, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [.], cksum 0x5852 (incorrect -> 0x0f95), ack 127, win 502, options [nop,nop,TS val 3983705654 ecr 2450420061], length 0
+ 31 13:45:56.360322 IP (tos 0xc0, ttl 1, id 6237, offset 0, flags [DF], proto TCP (6), length 60)
+ 172.18.0.4.38322 > 172.18.0.5.179: Flags [S], cksum 0x585c (incorrect -> 0xc38f), seq 2729165046, win 64240, options [mss 1460,sackOK,TS val 1672860564 ecr 0,nop,wscale 7], length 0
+ 32 13:45:56.360364 IP (tos 0xc0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
+ 172.18.0.5.179 > 172.18.0.4.38322: Flags [R.], cksum 0x5d9a (correct), seq 0, ack 2729165047, win 0, length 0
+ 33 13:45:57.460725 IP (tos 0xc0, ttl 1, id 59938, offset 0, flags [DF], proto TCP (6), length 75)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [P.], cksum 0x5869 (incorrect -> 0x0912), seq 127:150, ack 127, win 502, options [nop,nop,TS val 3983706755 ecr 2450420061], length 23: BGP
+ Update Message (2), length: 23
+ End-of-Rib Marker (empty NLRI)
+ 34 13:45:57.460843 IP (tos 0xc0, ttl 1, id 52961, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [.], cksum 0x5852 (incorrect -> 0x06dc), ack 150, win 510, options [nop,nop,TS val 2450421162 ecr 3983706755], length 0
+ 35 13:45:57.523627 IP (tos 0xc0, ttl 1, id 52962, offset 0, flags [DF], proto TCP (6), length 2582)
+ 172.18.0.3.179 > 172.18.0.4.32836: Flags [P.], cksum 0x6234 (incorrect -> 0xda51), seq 127:2657, ack 150, win 510, options [nop,nop,TS val 2450421225 ecr 3983706755], length 2530: BGP
+ Update Message (2), length: 250
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.1.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 202, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 188, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0221 00d5 9ec6 6346 2826 f329 b960
+ 0x0010: c898 c635 a89d 4fa1 5219 d000 32df ee1a
+ 0x0020: 5da1 49a0 e202 204a 8331 61a0 8a04 4a1b
+ 0x0030: 10cc 85b4 883c a7ff 9c73 43c0 5fc9 2633
+ 0x0040: 97b9 830d d2ca 75
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7e5f 7511 2da3 41b1 2fe0 9789
+ 0x0010: 2cc9 2c5a 2396 5445 955e 3e11 ac65 b660
+ 0x0020: 6441 3630 0220 2103 bd0f 5793 7b63 b6f2
+ 0x0030: 613f 1f6a 13e6 e65f 8484 b6b8 84c1 479e
+ 0x0040: 878c f668 71a4
+ Update Message (2), length: 252
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.10.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 204, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 190, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 6397 a10f 4e63 04df 9f54 e32d
+ 0x0010: 801c fa8c 024a 319a 76cd 10b6 4a41 03b2
+ 0x0020: 47b2 8835 0221 00e2 2ed8 3acb d650 fc0c
+ 0x0030: 5057 2aac 8c8b 909c f5d9 fe51 d921 c539
+ 0x0040: 083d da53 ffff 63
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 72
+ Signature:
+ 0x0000: 3046 0221 00aa d2ca 6cf3 8568 3bc1 ddb9
+ 0x0010: 5ecf 53a2 e1dc bb76 f80b 8cc9 d3d5 f23d
+ 0x0020: e973 303c f302 2100 bff5 8cb3 a1d4 458d
+ 0x0030: aa1b b6b8 faaa ad11 0d27 54a9 c2cb 1b77
+ 0x0040: c88f ac3c 3ef0 2676
+ Update Message (2), length: 249
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.9.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 201, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 187, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7a44 089c 6460 dfbf b5a8 d951
+ 0x0010: 088d 7c39 0f67 f78c e457 182e c5e1 5a1f
+ 0x0020: 95f5 7a35 0220 47d3 7d2c c110 f829 c6a2
+ 0x0030: 16dc 369e e371 fe23 9536 f122 eb5c a4ad
+ 0x0040: 3d68 7fb0 44cb
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 0a09 31f7 9172 940a d1df 7dd5
+ 0x0010: 5fde dc2b 0dc0 6a46 bb0f a22b 8021 f735
+ 0x0020: 98bb fd46 0220 35c7 bb54 ca67 07df 45bc
+ 0x0030: 51da dd9d 8f4c 66c7 f09b a72f 5ead 7393
+ 0x0040: 6807 96dc 01c5
+ Update Message (2), length: 253
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.8.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 205, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 191, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 72
+ Signature:
+ 0x0000: 3046 0221 0085 4894 249d 57a5 53c5 b00f
+ 0x0010: 2059 df1c b425 db15 fbe5 7f07 9904 5e1b
+ 0x0020: be06 9f0a cc02 2100 c6cc 1be0 c5a8 07fb
+ 0x0030: 18f3 c3c4 8cfc 02e3 e35e ff23 ceda aa0e
+ 0x0040: e667 a2c9 e4e6 689e
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 72
+ Signature:
+ 0x0000: 3046 0221 0091 cce5 3628 025f 5a44 8465
+ 0x0010: 0351 d3d7 5bbe ad98 5040 49cc a0d5 373c
+ 0x0020: 7f79 3ed6 1802 2100 fe77 53d6 df6d 1d03
+ 0x0030: e096 4a05 3bbf 1765 845d f777 0cb9 ab99
+ 0x0040: d3c4 186c 3cea 8b0b
+ Update Message (2), length: 251
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.7.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 203, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 189, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 75de f062 9ba6 9a02 75d8 78c0
+ 0x0010: d5d7 4b04 0929 e81b 477f 6260 909c fbc7
+ 0x0020: 906c d1c8 0221 0083 9ce1 00ca 7546 ef95
+ 0x0030: 2667 2525 7457 aa25 0bb6 5eee 1eb5 2374
+ 0x0040: b7bd bc79 f8d6 19
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 05e2 5f3f 9544 f375 6217 eaf8
+ 0x0010: 528e 65ad 24c9 74da 9f92 18fb b6c8 5720
+ 0x0020: 6dbb da29 0221 00c4 84e5 1c46 c18d c3ee
+ 0x0030: b5fd 629f c6b9 7ba5 e18e abdf 64b9 8e46
+ 0x0040: cd69 5b53 eac0 c3
+ Update Message (2), length: 250
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.6.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 202, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 188, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 594c bc47 1182 94ab e269 ddd6
+ 0x0010: b751 3a4b 1077 441b e5c9 3357 4194 7e01
+ 0x0020: edb3 a121 0221 00f3 be50 cd41 db62 5a24
+ 0x0030: b317 6ba4 1d4d 4f34 befa a0e5 3515 41f8
+ 0x0040: 0b5b 9032 4860 a6
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7f1a edbc e643 4869 ec9c 60ac
+ 0x0010: 7d9e cb04 d4cf 1d68 4a03 aa19 f7c2 ed8a
+ 0x0020: 9d3d c37b 0220 53e8 87be b9e9 1c3a 2785
+ 0x0030: d856 022f 482f 63c6 06c9 957b a688 b0ee
+ 0x0040: 6b88 30bc ad46
+ Update Message (2), length: 250
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.5.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 202, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 188, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0221 00a6 82a5 78ea 9069 7156 5c1b
+ 0x0010: fb82 8250 5861 c13c ba7b c9a5 6c20 8f58
+ 0x0020: 12e9 02d7 ae02 2066 87a8 78ee 0041 009d
+ 0x0030: 5480 ce6d 0f57 2bae 4198 7aee 7156 f555
+ 0x0040: 03b2 5bb2 110b 5c
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 65b5 609f c88b 232e c992 3daa
+ 0x0010: 8d19 9e22 43e7 e83d 378a 88c3 6636 01a5
+ 0x0020: 183a 469d 0220 6bab 77fb 4d8b 8ef8 c3cf
+ 0x0030: a206 82de 9da8 e0a1 77eb cabc 0e3d 8c49
+ 0x0040: 260e 9bc2 cf9d
+ Update Message (2), length: 250
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.4.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 202, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 188, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 053f d166 2455 ff75 71fe 7fa9
+ 0x0010: a7a7 04d9 0d7b 663f 41c2 8d8c c4f3 1819
+ 0x0020: 7d49 d6bd 0221 00dc 88fb 3f3c cd81 ac69
+ 0x0030: 52e2 e4fb d14f f589 8207 471f 7e37 f870
+ 0x0040: bb29 6d09 2f86 19
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 70
+ Signature:
+ 0x0000: 3044 0220 7415 c8b7 7912 8968 caa9 4dfd
+ 0x0010: db4b feb1 286d e68d bc88 3930 9506 a1b8
+ 0x0020: 9e16 0919 0220 61fa 3f1e dbd1 2594 5243
+ 0x0030: 2a8c c95c 84ee 29f8 c207 b646 977c 10b3
+ 0x0040: 1d9c 3fb5 1f3f
+ Update Message (2), length: 251
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.3.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 203, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 189, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0221 0083 b2b1 b64c 8370 e11b 5d41
+ 0x0010: 5234 7e42 6c40 ac59 314e dbd7 50df a43c
+ 0x0020: 4af5 ce7c e702 202b 7a87 d510 a632 580c
+ 0x0030: fc80 c4e4 d318 a09f 226e 72a9 8c8e aade
+ 0x0040: 6593 2659 5894 6b
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 1073 0d4c 8363 cae0 41f7 45e3
+ 0x0010: f5d0 8893 413f c095 e3f7 95eb 0aa3 4da5
+ 0x0020: a400 9c4d 0221 00b4 8e44 c4fb e5bb 77a2
+ 0x0030: e8b8 808d cd4f 3db9 94be e72c f929 5628
+ 0x0040: bc74 e99c 55af 64
+ Update Message (2), length: 251
+ Multi-Protocol Reach NLRI (14), length: 13, Flags [OE]:
+ AFI: IPv4 (1), SAFI: Unicast (1)
+ nexthop: 172.18.0.2, nh-length: 4, no SNPA
+ 1.0.2.0/24
+ Origin (1), length: 1, Flags [T]: IGP
+ BGPsec Path (33), length: 203, Flags [OE]:
+ Secure Path Length: 14
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 3
+ Secure Path Segment: pCount: 1, Flags: [none] (0x00), AS: 2
+ Signature Block: Length: 189, Algo ID: 1
+ Signature Segment:
+ SKI:
+ 0x0000: 0ca0 6bdf c294 88fa 1a7f 4a47 93f3 a940
+ 0x0010: 10a8 0f97
+ Length: 71
+ Signature:
+ 0x0000: 3045 0221 0087 24ba eae1 09bc a23a c0f1
+ 0x0010: 794c e301 3bab 329b 7c23 5e0a a0fd a4ca
+ 0x0020: 0afe 736c ef02 203b 42ff c318 7568 16bb
+ 0x0030: 3e88 0796 7379 db4f a83c fd56 1821 28d2
+ 0x0040: b78a 6ec7 145e 75
+ Signature Segment:
+ SKI:
+ 0x0000: 0a15 fa1c b92f 4d34 95fe f0ca 9180 c0a9
+ 0x0010: 3c4a 254f
+ Length: 71
+ Signature:
+ 0x0000: 3045 0220 7d87 e54d f871 4400 768a 3db7
+ 0x0010: acfa 55ae be23 e200 3cdf 21b6 1424 0d1e
+ 0x0020: 8831 49e3 0221 00e2 d828 edb0 0277 dc25
+ 0x0030: f4c5 aa4e 2906 74e3 aa13 6c30 f78b d415
+ 0x0040: 0e55 35ef 3fc8 70
+ Update Message (2), length: 23
+ End-of-Rib Marker (empty NLRI)
+ 36 13:45:57.523797 IP (tos 0xc0, ttl 1, id 59939, offset 0, flags [DF], proto TCP (6), length 52)
+ 172.18.0.4.32836 > 172.18.0.3.179: Flags [.], cksum 0x5852 (incorrect -> 0xfc87), ack 2657, win 498, options [nop,nop,TS val 3983706818 ecr 2450421225], length 0
diff --git a/tests/bgp-bgpsec.pcap b/tests/bgp-bgpsec.pcap
new file mode 100644
index 00000000..b2ae6a93
--- /dev/null
+++ b/tests/bgp-bgpsec.pcap
Binary files differ
View Lorry Controller Status