BIRD BGP: Unexpected connect from unknown address

I once set up a new BIRD server and noticed these entries in the logs:

<WARN> BGP: Unexpected connect from unknown address X.X.X.X (port XXXXX)

The message appears because the BGP port (TCP 179) is publicly reachable. For security, it should be open only to BGP neighbors, for example:

iptables -A INPUT -p tcp -s X.X.X.1 --dport 179 -j ACCEPT
iptables -A INPUT -p tcp --dport 179 -j DROP

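The ACCEPT rules must come first, and the DROP rule must be the last one.
To add a new neighbor, delete the DROP rule, append the ACCEPT rule for the neighbor, then append the DROP rule again: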

iptables -D INPUT -p tcp --dport 179 -j DROP
iptables -A INPUT -p tcp -s X.X.X.2 --dport 179 -j ACCEPT
iptables -A INPUT -p tcp --dport 179 -j DROP
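
Between the delete and the re-append above, TCP 179 is unfiltered if the chain's default policy is ACCEPT. As an added example (not from the original article), the shell function below reads the output of iptables -S INPUT and prints an iptables -I command that inserts the neighbor just above the DROP rule, so the DROP is never removed. The function name, the sample rules and the 192.0.2.x addresses are constructed for illustration, and it assumes IPv4 host (/32) rules.

```shell
#!/bin/sh
# Constructed sample of `iptables -S INPUT` output (documentation addresses).
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.0.2.1/32 -p tcp -m tcp --dport 179 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 179 -j DROP'

# plan_bgp_neighbor ADDR  (hypothetical helper)
# Reads `iptables -S INPUT` text on stdin and prints the command that allows
# ADDR on tcp/179 by inserting it before the catch-all DROP.
# Exit status: 0 = command printed or already allowed, 2 = no DROP rule found.
plan_bgp_neighbor() {
    awk -v addr="$1" '
        /^-A INPUT / {
            n++                               # rule number as iptables counts it
            if ($0 !~ /--dport 179 /) next    # only rules for the BGP port
            # first tcp/179 DROP without a source match = the catch-all rule
            if ($0 ~ /-j DROP$/ && $0 !~ / -s / && !drop) drop = n
            if ($0 ~ /-j ACCEPT$/ && index($0, " -s " addr "/32 ")) {
                # an ACCEPT below the DROP is never reached
                if (drop) late = 1; else have = 1
            }
        }
        END {
            if (!drop) { print "ERROR: no catch-all DROP for tcp/179"; exit 2 }
            if (have)  { print "OK: " addr " already allowed"; exit 0 }
            if (late)  print "# note: ACCEPT for " addr " sits after the DROP and never matches"
            printf "iptables -I INPUT %d -p tcp -s %s --dport 179 -j ACCEPT\n", drop, addr
        }'
}

# Dry run against the constructed sample; on a live host use:
#   iptables -S INPUT | plan_bgp_neighbor 192.0.2.2
printf '%s\n' "$SAMPLE_RULES" | plan_bgp_neighbor 192.0.2.2
```

The function only prints the command; review it and run it as root to apply the change.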

From a third-party server, check which ports are publicly open:

nmap -p 1-65000 X.X.X.X

See also my articles:
IPTables Rules for BGP
Installing and configuring BIRD (BGP)
