freifunk/icvpn-scripts

ideas for additional checks

tcatm opened this issue · 4 comments

tcatm commented

  • check whether icvpn IPs are within transfer net
  • check whether BGP ipv4 and ipv6 "match"
  • check whether community range lies outside of transfer net

booo commented

Maybe we should add a check for overlapping community ip ranges too.

tcatm commented

@booo: That was one of the first checks I wrote.

What are the rules for "matching" BGP IPv4 and IPv6 addresses?

I thought at least they should have the same last byte, but when I ran it this mostly was not the case:

Last bytes of BGP addresses differ between protocols:{17, 10} (augsburg)
Last bytes of BGP addresses differ between protocols:{25, 28} (bayreuth)
Last bytes of BGP addresses differ between protocols:{89, 59} (bielefeld)
Last bytes of BGP addresses differ between protocols:{96, 67} (bielefeld)
Last bytes of BGP addresses differ between protocols:{24, 218} (darmstadt)
Last bytes of BGP addresses differ between protocols:{25, 219} (darmstadt)
Last bytes of BGP addresses differ between protocols:{26, 12} (diepholz)
Last bytes of BGP addresses differ between protocols:{72, 188} (dreilaendereck)
Last bytes of BGP addresses differ between protocols:{75, 190} (dreilaendereck)
Last bytes of BGP addresses differ between protocols:{74, 186} (dreilaendereck)
Last bytes of BGP addresses differ between protocols:{2, 20} (dresden)
Last bytes of BGP addresses differ between protocols:{1, 19} (dresden)
Last bytes of BGP addresses differ between protocols:{45, 69} (ehingen)
Last bytes of BGP addresses differ between protocols:{128, 17} (flensburg)
Last bytes of BGP addresses differ between protocols:{16, 129} (flensburg)
Last bytes of BGP addresses differ between protocols:{33, 21} (freiburg)
Last bytes of BGP addresses differ between protocols:{65, 1} (goettingen)
Last bytes of BGP addresses differ between protocols:{57, 87} (kbu)
Last bytes of BGP addresses differ between protocols:{48, 30} (ljubljana)
Last bytes of BGP addresses differ between protocols:{35, 23} (ljubljana)
Last bytes of BGP addresses differ between protocols:{120, 32} (monitoringmoehne)
Last bytes of BGP addresses differ between protocols:{43, 67} (muenster)
Last bytes of BGP addresses differ between protocols:{66, 142} (rhein-neckar)
Last bytes of BGP addresses differ between protocols:{9, 79} (ruhrgebiet)
Last bytes of BGP addresses differ between protocols:{85, 55} (vfnnrw)
Last bytes of BGP addresses differ between protocols:{73, 113} (wuppertal)

I implemented the check nonetheless (with the padding with zeroes to 16 bits in IPv6, or more precisely: the last half of the host part of the address has to match, i.e. 16 bits in IPv6 and 8 bits in IPv4).

I will do some refactoring (and already have done some) in order to introduce warnings and thus make the existing problems ignorable.

Until more ideas for checks pop up, I'll close this issue.
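
The checks discussed in this thread, sketched as an added example (not code from the icvpn-scripts project or from any commenter). The transfer prefixes, community names, peer names and the `networks`/`peers` data layout are constructed placeholders, and the "match" rule is one assumed reading of the comment above: the low 8 bits of the IPv4 address, zero-padded, must equal the low 16 bits of the IPv6 address. A mismatch is reported as a warning rather than an error so that existing data does not fail the run.

```python
import ipaddress
from itertools import combinations

# Constructed placeholders (documentation prefixes), NOT the real ICVPN transfer nets.
TRANSFER = [ipaddress.ip_network("192.0.2.0/24"),
            ipaddress.ip_network("2001:db8:0:1::/96")]

# Constructed sample data; the layout is hypothetical.
SAMPLE = {
    "alpha": {"networks": ["10.1.0.0/16"],
              "peers": {"a1": {"ipv4": "192.0.2.17", "ipv6": "2001:db8:0:1::11"}}},
    "beta": {"networks": ["10.2.0.0/16", "192.0.2.128/25"],
             "peers": {"b1": {"ipv4": "192.0.2.25", "ipv6": "2001:db8:0:1::28"}}},
    "gamma": {"networks": ["10.1.128.0/17"],
              "peers": {"g1": {"ipv4": "198.51.100.5", "ipv6": "2001:db8:0:1::5"}}},
}

def in_transfer(addr):
    # Membership is always False across address families, so no version filter is needed.
    return any(addr in net for net in TRANSFER)

def run_checks(communities):
    """Return (errors, warnings) as lists of strings."""
    errors, warnings, ranges = [], [], []
    for name, data in sorted(communities.items()):
        for net in map(ipaddress.ip_network, data["networks"]):
            ranges.append((name, net))
            # Community ranges must lie outside the transfer net.
            if any(net.version == t.version and net.overlaps(t) for t in TRANSFER):
                errors.append(f"{net} overlaps the transfer net ({name})")
        for _peer, bgp in sorted(data["peers"].items()):
            v4 = ipaddress.ip_address(bgp["ipv4"])
            v6 = ipaddress.ip_address(bgp["ipv6"])
            # BGP addresses must lie inside the transfer net.
            for addr in (v4, v6):
                if not in_transfer(addr):
                    errors.append(f"{addr} is outside the transfer net ({name})")
            # Assumed "match" rule: low 8 bits (IPv4) == low 16 bits (IPv6).
            if int(v4) & 0xFF != int(v6) & 0xFFFF:
                warnings.append(f"BGP addresses differ between protocols: {v4} / {v6} ({name})")
    # Ranges of different communities must not overlap each other.
    for (n1, a), (n2, b) in combinations(ranges, 2):
        if n1 != n2 and a.version == b.version and a.overlaps(b):
            errors.append(f"{a} ({n1}) overlaps {b} ({n2})")
    return errors, warnings

if __name__ == "__main__":
    errs, warns = run_checks(SAMPLE)
    for line in [f"ERROR: {e}" for e in errs] + [f"WARNING: {w}" for w in warns]:
        print(line)
```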