BGP looping

Similar Messages

• BGP AS numbers?

  We have 50+ sites on our MPLS network. All are connected quite successfully and all have a completely individual private AS number eg router bgp 65001
  We are about to bring a new site online and our telco provider has given us the details but this time with an AS number that we have on another site.
  When I spotted this and pointed it out, our provider said that it was ok for our sites to have the same AS number and they didn't have to be unique to each site.
  Is this correct?

  Hi Louis,
  It might work, it all depends on the kind of solution you've got in your network.
  We all know that BGP loop prevention mechanism works checking the AS-path of the packet and it compares it with your AS. If any of the AS written in the AS-path match with your AS the update will be discarded and your router will not learn that update.
  This might represent some problems with LantoLan communications.
  According to that, you can use some features that BGP have:
  BGP allowas-in: (http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/112236-allowas-in-bgp-config-example.html)
  BGP as-override: (https://supportforums.cisco.com/document/87671/understanding-bgp-override-feature)
  You can use any of them depending on your network needs.
  I Hope this information could be useful to you.
  Sorry about my english.

• Loop in MPLS

  Hi,
  Here is the standard MPLS network with vrf INTERNET:
  PE2--P2--P1--PE1--INTERNET
  |
  CPE
  PE1-routes
  ip route vrf INTERNET 0.0.0.0 0.0.0.0 --> PE1
  IP route vrf INTERNET 0.0.0.0 0.0.0.0 -- > INTERNET
  vrf INTERNET 10.10.0.0/16 connected
  192.168.0.5 is loopback for MP-BGP
  PE2-routes
  ip route vrf INTERNET 0.0.0.0 0.0.0.0 --> PE1
  ip route vrf INTERNET 111.111.111.111 255.255.255.255 10.10.0.10
  Route on PE2:
  ip route vrf INTERNET 111.111.111.111 255.255.255.255 10.10.0.10 is misconfigured because nexthop is from network 10.10.0.0/16 which is directly is connected on PE1, and address 111.111.111.111 is not active
  When I start the ping from CPE to 111.111.111.111 route on PE1 sends packet via P1, and P2 to PE2. PE2 has route that recursively points back to PE1. Ofcourse there is LOOP in routing network.
  All devices except CPE are Cisco7600
  Here are the questions:
  1) With only one continuous PING packet-size 1500Bytes from CPE toward address 111.111.111.111 link utilisation P1-P2 goes up to 150Mbps. And with pings from more CPEs link utilisation rises. Why TTL doesn't prevent increasing of link utilisation?
  2) CPU on PE2 goes up to 70-80%. Shouln't Cisco 7600 forward packets in hardware? Or maybe recursive lookup is done with CPU?
  output from PE2:
  Sh ip route vrf INTERNET 111.111.111.111
  Routing entry for 111.111.111.111/32
  Known via "static", distance 1, metric 0
  Redistributing via bgp 65001
  Advertised by bgp 65001
  Routing Descriptor Blocks:
  * 10.10.0.10
  Route metric is 0, traffic share count is 1
  PE2#sh ip route vrf INTERNET 10.10.0.10
  Routing entry for 10.10.0.0/16
  Known via "bgp 65001", distance 200, metric 0, type internal
  Last update from 192.168.0.5 6d17h ago
  Routing Descriptor Blocks:
  * 192.168.0.5 (Default-IP-Routing-Table), from 192.168.0.5, 6d17h ago
  Route metric is 0, traffic share count is 1
  AS Hops 0
  Regards,
  A

  sorry, I made a mistake.
  CPE is connected to PE1 like this:
  PE2--P2--P1--PE1--INTERNET
  |
  CPE

• BGP load sharing with bandwidth

  We are running eBGP between two routers. We had a 250 M PVC between the two routers on OSM STM4 ATM interface. We need to increase the B/W between the two routers to 350M, but because there's a limitation on the PVC size for the OSM STM4 ATM card (Max. size of the PVC is 300M), so we created new PVC between the two routers on the same circuits (and of course the same interfaces). Now I need to enable the load sharing between the two routers taking the PVC B/W in consideration.. So I prepared this config, is it right and full? Or Am I missing anything here..
  RouterA:
  Router bgp 100
  Neighbor 10.1.1.1 remote-as 200 (10.1.1.1 is loop back address fro Router B)
  Neighbor 10.1.1.1 ebgp-multihop
  bgp dmzlink-bw
  neighbor 10.1.1.1 dmzlink-bw
  neighbor 10.1.1.1 send-community both
  maximum-paths ebgp 2
  RouterB:
  Router bgp 100
  Neighbor 10.10.1.1 remote-as 200 (10.10.1.1 is loop back address fro Router A)
  Neighbor 10.10.1.1 ebgp-multihop
  neighbor 10.10.1.1 send-community both
  bgp dmzlink-bw
  neighbor 10.10.1.1 dmzlink-bw
  maximum-paths ebgp 2

  I implmented these changes but did not work, becuase the command neighbor 10.10.1.1 dmzlink-bw is not supported with multihop (Neighbor 10.10.1.1 ebgp-multihop).
  I removed the loopback BGP neighbor and created 2 BGP neighbors with the directly connected interfaces IP's and applied same configuration and now it works fine.. Here's show Ip route (Ip's and AS numbers have been chnaged)
  R1#sh ip ro 10.10.0.1
  Routing entry for 10.10.0.0/20
  Known via "bgp xxxxx", distance 20, metric 10
  Tag xxxx, type external
  Last update from x.x.x.x 00:00:24 ago
  Routing Descriptor Blocks:
  * x.x.x.x, from x.x.x.x, 00:00:24 ago
  Route metric is 10, traffic share count is 240
  AS Hops 1
  Route tag xxxxx
  y.y.y.y, from y.y.y.y, 00:00:24 ago
  Route metric is 10, traffic share count is 83
  AS Hops 1
  Route tag xxxx
  notice the traffic share count
  traffic share count is 240 (for peer #1)
  traffic share count is 83 (for peer # 2)
  It's almost 3:1

• Routing loop concern

  Hello all,
  We have an MPLS setup with all remote sites connected to site X and site X is directly connected to site Y(datacenter). Note: site Y is not connected to MPLS cloud till now. All the traffic is passing from site X to site Y for accessing servers at datacenter. site X and site Y are connected to each other through Metro E. Now we have new circuit thats being provisioned for site Y(datacenter) that is going to be connected to MPLS cloud directly. We do bgp peering with ISP for MPLS connectivity and Internal routing protocol is Eigrp. We are doing mutual redistribution at each location for propogating routes at each site.  Now the concern is when site Y is connected to MPLS and when I will do the route redistribution on site Y with MetroE connected to site X will there be a routing loop occurance or will there be a best path selection based on the metrics calculated and will choose the optimal path.
  Need suggestions. Thanks in advance.

  Okay no problem, it can be a little daunting when you haven't done it before :-)
  1) No this isn't right.
  When I refer to remote sites I mean sites other than X or Y.
  So you must not allow either X or Y to redistribute any remote site networks into BGP.
  There is no need because the remote site networks should never be advertised from X or Y and if you do allow it it will cause you problems.
  So assuming you want X and Y to back each other up -
  X redistributes it's own subnets from EIGRP into BGP and also Y's but no remote sites.
  Y redistributes it's own subnets from EIGRP into BGP and also X's but again no remote sites.
  If X and Y were not connected via a dedicated link this would not be an issue but because they are and they are exchanging EIGRP routes via that link they each receive EIGRP routes for the remote sites networks from each other as well as from their own MPLS router which is why you need to filter.
  2) You can do the configuration on your CE routers.
  MED or AS prepending are the tools you use.
  So at X you advertise it's own subnets without any modification. You advertise Y's subnets but change one of the above BGP attributes.
  At Y you advertise it's own subnets without any modification and X's subnets you need to modify the BGP attribute again.
  This basically means that traffic will go direct to X or Y as long as their MPLS links are up.
  Either should work although it may be worth having a quick chat with your provider and tell them what you are doing to make sure they are not doing anything that would override your settings.
  Apart from that internally the L3 switches in X and Y should see their own MPLS routers as the best path to all remote sites because from your description the L3 switch is only one hop away from the MPLS router in X and Y whereas to go via the dedicated link would mean more hops.
  I'm assuming it means more hops.
  Quick way to check is do a traceroute from  X L3 switch to it's MPLS router and then a traceroute from X L3 switch to Y MPLS router and hopefully there should be more hops going to Y.
  Do the same from the Y L3 switch.
  If it is the same number of hops then you may have to modify the EIGRP metrics.
  All of the above about redistribution only applies to EIGRP to BGP.
  There is nothing to do about the BGP to EIGRP redistribution.
  Concentrate on the redistribution issue because that could seriously affect your network in terms of it working properly.
  Regarding the second issue have a chat with your provider about the MED and AS prepending just to clear it with them.
  It's not a given that traffic would go in the wrong site, it might, but it wouldn't be the end of the world if you got it wrong temporarily because traffic is doing exactly that to and from the DC at the moment ie. it goes into X and across to Y.
  By all means come back if you need more help but like I say focus on the redistribution issue because that really does need addressing.
  Jon

• BGP Redistribute-internal and MPLS

  Hi, usually when redistributing from BGP into IGP only EBGP routes are redistributed unless the bgp redistribute-internal command is configured which allows the redistribution of IBGP routes. However when doing the same redistribution on a PE router for a IGP running with the CE it seems that this command is not needed and IBGP routes still get redistributed into the IGP. It works without this command. Does anyone know why this is the case?
  I have been trying to understand this for some time now and it seems very trivial however its been bugging me and was hoping someone could clarify. Thx

  Hi Vikram,
  Well, look at it this way, in the case of MPLS VPN, BGP between the PEs (address-family ipv4 vrf x) is used to transport the customer routes between CEs, and thus it is very logical that it should redistribute all kind of routes (in the case of MPLS VPN the customer routes are always going to be iBGP anyway since they are redistributed from IGP (PE-CE) on another PE - except on the local router when the customer is using BGP as the PE-CE routing protocol) - using another prospective, redistributing iBGP routes into IGPs may cause routing loops to form within an autonomous system, but in the case of PE-CE the redistribution is done into a routing protocol outside the BGP domain (customer side).
  I hope that i've been informative.
  BR,
  Mohammed Mahmoud.

• BGP to OSPF redistribution with VRFs

  I am having a problem with redistribution of routes between BGP and OSPF when using VRFs mapping to VLANs between the PE and CE.
  In this lab I've put together I have R4 and R5 communicating with eachother via BGP with MPLS. If I redistribute the BGP into OSPF and delivering the connection to the CE without VLANs it works fine. If I want to essentially keep the same primary network going into the other side of the BGP but send the VRF over a VLAN to the next router the redistribution doesn't happen.
  In this example I have
  192.168.100.0/24 (R6) --ospf-- (R4) --BGP-- (R5) --ospf-- (R7) 192.168.200.0/24
  Between R4 and R5 is the core network running ospf (R1 - R3).
  Can anyone point me in the right direction why this isn't working? I am obviously missing something here.
  Thanks,
  Mike

  Hi Mike,
  You need to add capability vrf-lite under ospf process of R6 and R7 because they are configured with VRF-lite. This command will disable the check usually done on the PE to avoid routing loops.
  HTH
  Laurent.

• Redistributing BGP into ISIS

  I have issue Reditributing BGP into ISIS network. I have Router R1 running ISIS Level-2 with a neighborn router R2 ISIS L1-L2. Router R1 has a peering BGP with another router, so I want to redistribute network that receives from peering BGP and anounce to its neighbour ISIS.
  Here are go setting, all seems to be ok, but withen I check into R2 network 172.16.40.0 it gets "% Subnet not in table"
  R1 ISIS
  R1#sh isis neighbors
  R2 L2   Gi9/3       172.30.100.98   UP    24       R1.09  
  router isis
   net 49.0001.0000.0000.0024.00
   is-type level-2-only
   redistribute connected
   redistribute bgp 11562 route-map Metricas level-1-2
  route-map Metricas permit 10
   match ip address 20
  access-list 20 permit 172.16.40.0 0.0.0.255
  R1#show ip bgp neighbors 172.16.40.38 received-routes
     Network          Next Hop            Metric LocPrf Weight Path
  * i172.16.40.0/24 172.16.40.38             0    100      0 i
  Command  "redistribute bgp 11562 route-map Metricas level-1-2" I tried with "redistribute bgp 11562 route-map Metricas level-2"  too, but didnt work. Please, help me

  The prefix you're trying to redistribute into IS-IS is coming from an iBGP peering. By default, the BGP process will not redistribute iBGP into an IGP because this scenario can frequently create routing loops. If you really want to do this and you're sure your routing setup is stable, you can override this behaviour by adding the "bgp redistribute-internal" configuration command under your "router bgp" process.
  Make sure you issue a "clear bgp ipv4 unicast *" to clear the BGP table once you've made the configuration change.

• BGP withdrawal convergence and shorter prefix

  An AS owns a /20. He advertises the /20 in BGP to ispA and ispB through policies of his own decision (but he definitely advertises the prefix, and the prefix is propagated). Within the /20 is a /24, which at times he wishes to advertise via ispC. ispC propagates said route upstream and traffic traverses ispC by virtue of longest prefix. No problem.
  Because the AS is just using prefix-lists and not route-maps, when he wants to move the /24 off of ispC and move it back into the regular /20 announcement, the /24 experiences downtime of up to 3 minutes because using a prefix-list means that this is actually a BGP withdrawal, which take longer to converge.
  What I don't get is, given the /20 is still propagated in the internet (routers still have it in their RIB, but install the /24 in the FIB as the preferred route), why should there be downtime.
  Let's say we have CarrierA -> CarrierB (carrierB is closer to ispC, and could theoretically be ispC). CarrierA hasn't received the update, so has the /24 and the /20 in his RIB, and the /24 in his FIB. Thus he sends traffic to CarrierB. CarrierB has received the update, so has the /20 only in his RIB and FIB. So should direct the traffic toward ispA and ispB.
  What am I missing here?

  Hi,
  ad
  "What I don't get is, given the /20 is still propagated in the internet (routers still have it in their RIB, but install the /24 in the FIB as the preferred route), why should there be downtime.")
  I can imagine following scenario:
  Let's say ispC is not peering directly to ispA nor ispB but there is ispD (or multiple other ISPs on the path) between them.
  So ispC has got the /20 prefix received from ispD in his RIB.
  So at the time you sent your /24 withdrawal to ispC, it removes the /24 fro his RIB.
  And let's say this withdrawal was not delivered to ispD yet.
  So what happeans at that moment when ispD receives a packet with a destination address within the /24 from the Internet?
  ispD still has got the /24 prefix in his RIB pointing to ispC. So it forwards the packet to ispC.
  But ispC has only /20 in his RIB pointing back to ispD!
  So there is a routing loop existing until  BGP gets converged by the /24 withdrawal delivery to ispD.
  This was just a very simple example.
  But showing your /24 might be not reachable from some parts on the Internet until the BGP is converged.
  Best regards,
  Milan

• BGP backdoor link

  Dear Team,
  Can u explain how does bgp backdoor link will work , 
  Scenario :
  Two customer sites connected  different PE  
  CE1>>>PE1(mpls core )PE2>>>CE2 this CE 1 and CE2 have back to back connectivity with Eigrp  , how does the loop avoidance happens here 

  Hello.
  If CE-PE protocol is eBGP., then ISP would be using SOO as loop-prevention mechanism.
  Also, if you have same AS for both CE-PE links, then your CE would prevent the prefix to be learnt due to self AS been found in AS-path.
  PS: I hope this answers your question about loop-prevention mechanism on ISP side; If you have a question about CE network, then additional information needed - what is advertised via each links, what is routing policy (active/active or active/backup), what link is primary (MPLS or backdoor) and etc.

• Tracking packet loss to selected destination on BGP gateway

  Hi,
  We have a Multihomed(2-ISP on 1-Router) BGP connectivity for ISP redundancy, through this link we are advertising our own IP prefix. The link failover works perfectly fine, it happens if either of the local loop for the ISP physically goes down or if the remote peer(neighbor router) is not reachable.
  The existing BGP configuration is not helping us much to address the intermittent packet loss issues that occurs with some of our critical remote destinations.
  I am not sure how we can fix this issue on the gateway router. I am actually trying with IP SLA configurations to see if we can address this issue.
  Let me know if there is a better way to address such issues on border router.

  VPN01#sh ip cef switching statistics
         Reason                          Drop       Punt  Punt2Host
  RP LES No route                          19          0          0
  RP LES Packet destined for us             0      39625         98
  RP LES No adjacency                     480          0          0
  RP LES TTL expired                        0          0      29428
  RP LES Fragmentation failed, DF         346          0       1877
  RP LES Features                       18434          0      21821
  RP LES Unclassified reason               18          0          0
  RP LES Neighbor resolution req         1029         20          0
  RP LES Tun decap, gre payload             0        187          0
  RP LES Fragmentation no pak               0          0      13108
  RP LES Total                          20326      39832      66332
  All    Total                          20326      39832      66332

• A problem with Threads and loops.

  Hi, I have some code that needs to be constantly running, like while(true)
        //code here
  }However, the code just checks to see if the user has input anything (and then if the user has, it goes to do some other stuff) so I don't need it constantly running and hogging up 98% of the CPU. So I made my class (which has the method that needs to be looped, call it ClassA) implement Runnable. Then I just added the method which needed to be looped into the public void run()
  I have another class which creates an instance of the above class (call it ClassB), and the main(String[] args) is in there.
  public static void main(String[] args)
            ClassA test = new ClassA();
            Thread thread = new Thread(test.getInstanceOfClassA());
            thread.start();
            while(true)
                         //I do not know what to put here
                 try
                      thread.sleep(100);
                 catch(InterruptedException iex)
       }However, the thread only calls run() once,(duh...) but I can't think of away to get it to run - sleep - run -sleep forever. Can someone help me?

  Hi, I have some code that needs to be constantly
  running, like while(true)
  //code here
  }However, the code just checks to see if the user has
  input anything (and then if the user has, it goes to
  do some other stuff) so I don't need it constantly
  running and hogging up 98% of the CPU. Where does the user input come from. Are you reading from an InputStream? If so, then your loop will be blocked anyway when reading from the InputStream until data is available. During that time, the loop will not consume processor cycles.
  public static void main(String[] args)
            ClassA test = new ClassA();
  Thread thread = new Thread(test.getInstanceOfClassA());I have never seen this idiom. If ClassA instanceof Runnable, you simply write new Thread(test).
            thread.start();
            while(true)
  //I do not know what to put
  do not know what to put here
                 try
                      thread.sleep(100);
                 catch(InterruptedException iex)
       }However, the thread only calls run() once,(duh...)Yeah, why would you want to call it more than once given that you have an infinite loop in ClassA.run()?
  Harald.
  Java Text Crunching: http://www.ebi.ac.uk/Rebholz-srv/whatizit/software

• Previewing loops

  Have had no luck with PCs trying to do music recoding so I swithced over to Mac because I heard it so easy, seamless, and problem free. Now, on opening Garageband for the first time and trying to preview loops I get an error mesage that says: "the software instrument or apple loop selected is currently being installed. You have already initiated the installation of additional content for Garageband via Software update. For additional information please open the software update application." I have opened this application and nothing. I have now spent about two hours trying to fix this problem. Should I "convert back to PC, take this load of crap back to the store or is there something simple I am missing?

  I have found if you wait long enough, you will hear the file begin to play. Sometimes the delay can several seconds. Not acceptable IMO.

• Adobe Cloud membership - I am stuck in the loop of Licensing VERY Frustrating!!!

  I have an Adobe Cloud membership - I am stuck in the loop of Licensing as well VERY Frustrating - I have a project due and have been troubleshooting for days -
  Un Installing - Re installing - NIGHTMARE  - Please someone help me!!! Thanks in advance -

  What happens when you enter your Adobe ID tied to your subscription?

• Lock ups and sound looping!

  I remember reading something here about people having trouble with their systems locking up and then getting a loud static noise then a sound loop when playing games.
     I am getting this about 2-3 times a night now and it is driving me nuts, I do not have temp problems of any sort and I have all of the latest drivers for everything on my system.
    Any ideas?
  Specs in sig

  Set your PCI/AGP Freq to 66.66/33.33MHz.
  Increase your DDR Voltage to 2.7~2.8v.
  Check if you have any background programs causing all high CPU load times while gaming.