BGP RIB
I am learning advance bgp ....having query :
BGP uses different types of routing table..i.e 1) adj-rib-in (unprocessed routes which are received from neighbors)
2) adj-rib-out (routes which are sent by router to its neighbors)
3) local bgp table: (remained routes after process on adj-rib-in & rib-out) Best routes from local bgp table is forwarded to ip bgp talbe...
Q1. is it right??
Q2. how can i see these three table separately... is there any command to see only adj-rib-in or rib-out etc ??
Q3. Is there any concern of command
show ip bgp neighbors [address] advertised-routes
show ip bgp neighbors [address] received-routes
show ip bgp rib-failure
S@ndy...
Hi S@ndy,
Ad Q1: Almost correct. I believe that looking into RFC 4271 is worth a try, and the RFC puts it very nicely:
Adj-RIB-In
The Adj-RIBs-In contains unprocessed routing information that has
been advertised to the local BGP speaker by its peers.
Adj-RIB-Out
The Adj-RIBs-Out contains the routes for advertisement to specific
peers by means of the local speaker's UPDATE messages.
Loc-RIB
The Loc-RIB contains the routes that have been selected by the
local BGP speaker's Decision Process.
In particular, the Loc-RIB are not "the remaining" routes but simply routes that have been selected from Adj-RIB-In and locally injected routes as the best paths. These routes would be attempted to be installed into the router's routing table and would also be candidates for advertisement to other BGP peers.
Ad Q2: To see what routes have been received from a particular neighbor (Adj-RIB-In), use show ip bgp neighbor X.X.X.X routes. To see what routes have been sent to a particular neighbor (Adj-RIB-Out), use show ip bgp neighbor X.X.X.X advertised-routes. I am not sure if there is a command to display the Loc-RIB; I do not know of any.
Ad Q3: The advertised-routes shows the Adj-RIB-Out for the neighbor. The received-routes is relevant to a deprecated feature called Soft Reconfiguration that is beyond the topic of this discussion. The rib-failure shows you a set of routes from Loc-RIB that could not be installed into the router's routing table, if there are any. Most often, this is caused by the same network being already present in the routing table with a better administrative distance.
Best regards,
Peter
Similar Messages
-
NX-OS show ip bgp rib-failure equivalent
I utilize the: show ip bgp rib-failure command in IOS to check for BGP learned routes which did not get installed in the routing table.
However, in my Cisco 7009 with Enterprise licensing, I cannot find the equivalent command to check for RIB failures and the reason for the RIB failure.I've ran into the same issue on IOS-XR code and hasn't been able to find any equivalent in XR docs.
Just wondering if you have found some more information on your NX code?
BR,
Tomas -
MP-BGP and MPLS multipath load sharing
Hi,
I am trying to PoC MPLS multi path load sharing by using per-PE-per-VRF RDs in the network.
I have a simple lab setup with AS65000 which consists of SITE1 PE1&PE2 routers (10.250.0.101 and 10.250.0.102), route reflector RR in the middle (10.250.0.55) and SITE2 PE1&PE2 routers (10.250.0.201 and 10.250.0.202). PE routers only do iBGP peering with centralized route reflector and passing route to 10.1.1.0/24 prefix (learned from single CE router) with 100:1 and 100:2 RDs for specific VRF.
Route reflector gets routes with multiple RDs, makes copies of these routes in order to make local comparison to RD 55:55 configured, uses these routes and install multiple paths into its routing table (all PE routers and RR have "maximum-paths eibgp 4" configured):
RR#sh ip bgp vpnv4 all
BGP table version is 7, local router ID is 10.250.0.55
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 55:55 (default for vrf VRF-A) VRF Router ID 10.250.0.55
* i10.1.1.0/24 10.250.0.102 0 100 0 65001 i
*>i 10.250.0.101 0 100 0 65001 i
Route Distinguisher: 100:1
*>i10.1.1.0/24 10.250.0.101 0 100 0 65001 i
Route Distinguisher: 100:2
*>i10.1.1.0/24 10.250.0.102 0 100 0 65001 i
RR#sh ip route vrf VRF-A
<output omitted>
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B 10.1.1.0/24 [200/0] via 10.250.0.102, 00:45:52
[200/0] via 10.250.0.101, 00:46:22
BUT, for some reason RR doest reflects routes with multiple RDs down to SITE2 PE1&PE2 - its own clients:
RR#sh ip bgp vpnv4 all neighbors 10.250.0.201 advertised-routes
Total number of prefixes 0
RR#sh ip bgp vpnv4 all neighbors 10.250.0.202 advertised-routes
Total number of prefixes 0
Here comes RR BGP configuration:
router bgp 65000
no synchronization
bgp router-id 10.250.0.55
bgp cluster-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.250.0.101 remote-as 65000
neighbor 10.250.0.101 update-source Loopback0
neighbor 10.250.0.101 route-reflector-client
neighbor 10.250.0.101 soft-reconfiguration inbound
neighbor 10.250.0.102 remote-as 65000
neighbor 10.250.0.102 update-source Loopback0
neighbor 10.250.0.102 route-reflector-client
neighbor 10.250.0.102 soft-reconfiguration inbound
neighbor 10.250.0.201 remote-as 65000
neighbor 10.250.0.201 update-source Loopback0
neighbor 10.250.0.201 route-reflector-client
neighbor 10.250.0.201 soft-reconfiguration inbound
neighbor 10.250.0.202 remote-as 65000
neighbor 10.250.0.202 update-source Loopback0
neighbor 10.250.0.202 route-reflector-client
neighbor 10.250.0.202 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.101 activate
neighbor 10.250.0.101 send-community both
neighbor 10.250.0.102 activate
neighbor 10.250.0.102 send-community both
neighbor 10.250.0.201 activate
neighbor 10.250.0.201 send-community both
neighbor 10.250.0.202 activate
neighbor 10.250.0.202 send-community both
exit-address-family
address-family ipv4 vrf VRF-A
maximum-paths eibgp 4
no synchronization
bgp router-id 10.250.0.55
network 10.255.1.1 mask 255.255.255.255
exit-address-family
SITE1 PE1 configuration:
router bgp 65000
no synchronization
bgp router-id 10.250.0.101
bgp log-neighbor-changes
neighbor 10.250.0.55 remote-as 65000
neighbor 10.250.0.55 update-source Loopback0
neighbor 10.250.0.55 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.55 activate
neighbor 10.250.0.55 send-community both
exit-address-family
address-family ipv4 vrf VRF-A
neighbor 10.1.101.2 remote-as 65001
neighbor 10.1.101.2 activate
neighbor 10.1.101.2 soft-reconfiguration inbound
maximum-paths eibgp 4
no synchronization
bgp router-id 10.250.0.101
exit-address-family
SITE1 PE2 configuration is similar to SITE1 PE1. They both do eBGP peering with dualhomed CE router in AS65001 which announces 10.1.1.0/24 prefix into VRF-A table.
My question is: clearly, the issue is that RR doesn't reflect any routes to its clients (SITE2 PE1&PE2) for 10.1.1.0/24 prefix with 100:1 and 100:2 RDs that dont match it's locally configured RD 55:55 for VRF-A, although they are present in its BGP/RIB tables and used for multipathing. Is this an expected behavior or some feature limitation for specific platform or IOS version? Currently, in this test lab setup I run IOS 12.4(24)T8 on all the devices.
Please, let me know if any further details are needed to get an idea of why this well known and widely used feature is not working correctly in my case. Thanks a lot!
Regards,
SergeyHi Ashish,
I tried to remove VRF and address family configurations completely from RR.
router bgp 65000
no synchronization
bgp router-id 10.250.0.55
bgp cluster-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.250.0.101 remote-as 65000
neighbor 10.250.0.101 update-source Loopback0
neighbor 10.250.0.101 route-reflector-client
neighbor 10.250.0.101 soft-reconfiguration inbound
neighbor 10.250.0.102 remote-as 65000
neighbor 10.250.0.102 update-source Loopback0
neighbor 10.250.0.102 route-reflector-client
neighbor 10.250.0.102 soft-reconfiguration inbound
neighbor 10.250.0.201 remote-as 65000
neighbor 10.250.0.201 update-source Loopback0
neighbor 10.250.0.201 route-reflector-client
neighbor 10.250.0.201 soft-reconfiguration inbound
neighbor 10.250.0.202 remote-as 65000
neighbor 10.250.0.202 update-source Loopback0
neighbor 10.250.0.202 route-reflector-client
neighbor 10.250.0.202 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.101 activate
neighbor 10.250.0.101 send-community both
neighbor 10.250.0.102 activate
neighbor 10.250.0.102 send-community both
neighbor 10.250.0.201 activate
neighbor 10.250.0.201 send-community both
neighbor 10.250.0.202 activate
neighbor 10.250.0.202 send-community both
exit-address-family
After this, RR doesn't accept any routes at all from S1PE1&S1PE2 routers, thus not reflecting any routes down to its clients S2PE1&S2PE2 as well:
S1PE1#sh ip bgp vpnv4 all
BGP table version is 6, local router ID is 10.250.0.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF-A) VRF Router ID 10.250.0.101
*> 10.1.1.0/24 10.1.101.2 0 0 65001 i
S1PE1#sh ip bgp vpnv4 all neighbors 10.250.0.55 advertised-routes
BGP table version is 6, local router ID is 10.250.0.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF-A) VRF Router ID 10.250.0.101
*> 10.1.1.0/24 10.1.101.2 0 0 65001 i
Total number of prefixes 1
S1PE2#sh ip bgp vpnv4 all
BGP table version is 6, local router ID is 10.250.0.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf VRF-A) VRF Router ID 10.250.0.102
*> 10.1.1.0/24 10.1.201.2 0 0 65001 i
S1PE2#sh ip bgp vpnv4 all neighbors 10.250.0.55 advertised-routes
BGP table version is 6, local router ID is 10.250.0.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf VRF-A) VRF Router ID 10.250.0.102
*> 10.1.1.0/24 10.1.201.2 0 0 65001 i
Total number of prefixes 1
RR#sh ip bgp vpnv4 all
RR#sh ip bgp vpnv4 all neighbors 10.250.0.101 routes
Total number of prefixes 0
RR#sh ip bgp vpnv4 all neighbors 10.250.0.102 routes
Total number of prefixes 0
Any feedback is appreciated. Thanks.
Regards,
Sergey -
HSRP + BGP - LAN interface failover occurs but BGP fails to work
I have 2 ISP's with 2 separate routers. 1 - 3845 and 1 - 2801. The routers are connected to a 2900 Catalyst switch stack on the LAN side. My Goal is to have BGP "follow" HSRP. When HSRP fails over I would like BGP to failover as well. Currently if I test failure of the LAN interface on the master router, HSRP works correctly but BGP fails to route traffic.
I have attached modified examples of the configs from both routers.@Gary,
See attached document. Some disclaimers:
Its the Internet, failover will not be fast. It will not be pleasant. In most cases, ( even in L3VPN scenario and on the open Internet), I've seen BGP converge in ~2 minutes. This depends on how your ISPs are connected and how your users are connected to the internet. (Waves hand vigorously, its the Internet, such is beyond the scope of this example :)
Because of point 1 above, real-time traffic will drop during failover. But the failover is automatic so no 5am surprise while your stuck in traffic on the way into the office. Failback is also automatic ( although some people prefer users not to have two hits if at all possible. If that's the case, this isn't for you. As soon as that other active router returns to service, BGP will failback
You should test the crap out of this in a lab environment there may be idiosyncrasies in your network I did not account for ( goes without saying)
I would remove your track of "4.4.4.4" in the original configuration. Pinging stuff on the Internet is notoriously unreliable. More important, if it causes HSRP to switch _AND_ there's only a problem with the path to "4.4.4.4", you will have asymmetric routing within your network (i.e. egress from your site, you'll take router_b path, ingress to your site will take router_a path). Not totally as bad thing but something to be aware of. Whats more, egress path from internal network will go to router_a, come back on the 2960S stack, and then hit router_b. Again not totally a bad thing but something to think about. You can either add a direct link between router_a and router_b or track additional stuff ( I personally track Google and Microsoft's anycast DNS servers). The former solves the "back through stack" problem; the latter solves the "no one cares about pings / transient internet pathing problem"
One last thing. It occurred to me: What happens in this scenario:
router_a ebgp with ISPA is up. ( Or router_a bgp is down but link is up/up?)
router_a is up as well
From router_b, path to router_a is up
You get a blackhole for your site prefixes. This is because router_b still does not advertise your site prefixes because it still has the ISPA connected /30 in is BGP RIB. The workaround is to condition the announcement on the existence of prefixes originated from ISPA directly ( see doc). If you don't have such routes, you don't have a direct connection to ISPA and that verifies that router_a is no longer a viable ingress/egress point.
I'll make one last commentary: All these mechanisms -- EEM scripts, BGP conditional announcement, IP SLA tracking, etc-- add complexity. Not strictly a bad thing, but I like to keep things simple and avoid turning knobs where possible. That said, you wouldn't have to go through these theatrics to cover the failure cases if you had a direct link between router_a and router_b, I would seriously consider making it so.
If you can't spring for an EHWIC, you could recreate your edge network by connecting both interfaces on your edge routers to the 2960S. Both ISPs would connect to either 2960S switch. Logically, you establish a full mesh eBGP sessions between your routers and your ISPs. But that's just trading one complexity for another. I'd spring for the EHWIC and add a link between your routers...
Mark if you find helpful. Come back and show me your results as well... -
Non existent route-map applied to redistribution
If a non existent route-map is referred in a redistribute command . How does it effect ?
Example configuration
address-family ipv4 vrf VRF:MMS:MGD:XLC:190
redistribute connected route-map MGD_XLC
redistribute static route-map VPN_XLC
no synchronization
exit-address-family
The above mentioned route-maps don't exist in the configurationHi,
By its very nature, this is an incorrect configuration. Different IOS versions may react differently to incorrect configuration. Therefore, do not take the results you find out on your particular router as a general rule.
In principle, there are only two possibilities when you reference a non-existent route-map in your redistribution: Either all routes are redistributed indiscriminately, or no routes are redistributed at all. Now, in your case, checking the show ip bgp vpnv4 vrf VRF:MMS:MGD:XLC:190 and comparing it with show ip route vrf VRF:MMS:MGD:XLC:190 static and show ip route vrf VRF:MMS:MGD:XLC:190 connected should tell you right away whether any (that is, all) or no routes have been injected into BGP RIB from this VRF.
Best regards,
Peter -
How many route entries does 3945E or/and 3900 ISR G2 support
hello guys:
I have a question concerning about how many ospf and bgp route entries does 3945E isr g2 router support?
cheers
tony xiTony,
This question can't be answered in general. It depends foremost on the amount of available memory in the router. With 256MB of RAM, you can expect that the router can manage roughly tens of thousands of routes. The full BGP routing table (not the BGP database) consumes around 70MB, however, the full BGP RIB on one of the route-views project routers consumes over 1100 MB of RAM (this also depends on the number of BGP peers and the amount of data sent to it by individual BGP neighbors). The exact number is impossible to determine, as it depends on the amount of other control information that the router has to store in its RAM - for example, OSPF LSDB, BGP RIB, the CEF and adjacency tables, etc. etc. etc.
So you can assume that 256MB of RAM should be working for deployments up to the order of tens of thousands but this has to be taken with a very, very rough and unreliable estimate.
Best regards,
Peter -
Hello,
Scenario:
Two data centers (Data Center A and B) in different states.
Company X owns x.x.1.0/24 and x.x.2.0/24 AS:1234
Data center A gets the full routing table for ISP1 and advertises x.x.1.0/24
Data center B gets DF only from ISP2 and advertises x.x.2.0/24
Issue:
Data center A is not getting x.x.2.0/24 from ISP2. ISP2 does advertise x.x.2.0/24 but Company’s bgp peering router doesn’t see a route for x.x.2.0/24
ISP2 is sending x.x.2.0/route like this
Prefix Nexthop MED Lclpref AS path
* x.x.2.0/24 Self 444 555 1234 I
Question?
Is the reason why the wan rt peering with ISP2 not seeing the route to x.x.2.0/24 because it sees its own AS number in the AS-path?
Thank you in advance for your input.
Cheers!Clarification TYPO!!!
Issue:
Data center A is not getting x.x.2.0/24 from ISP1. ISP1 does advertise x.x.2.0/24 but Company’s bgp peering router doesn’t see a route for x.x.2.0/24
ISP1 is sending x.x.2.0/route like this
Prefix Nexthop MED Lclpref AS path
* x.x.2.0/24 Self 444 555 1234 I
Thank you! -
Load balance not happening in BGP
Dear Friends,
As per I know local BGP process may implement equal-cost load-balancing to the paths that:
Have the same set of path attributes up to the MED (weight, Local Preference, Origin, MED)
Are of the same type (both learned via iBGP or eBGP)
Have the same IGP cost to reach their NEXT_HOP IP address
If the above conditions are met andmaximum-paths [ibgp]is configured under the BGP process, BGP will install multiple equal-cost routes into the local RIB and use them for load-balancing. We call the above condition as load-balancing conditions for BGP.
As all the above criteria are matched still BGP is not doing load balance. Please find below routing table:
R1:
R1#sh ip bgp
BGP table version is 4, local router ID is 40.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i192.168.1.0 20.1.1.2 0 100 0 i
* i 30.1.1.1 0 100 0 i
R1#sh ip route
Gateway of last resort is not set
20.0.0.0/24 is subnetted, 1 subnets
R 20.1.1.0 [120/1] via 10.1.1.2, 00:00:03, FastEthernet0/0
40.0.0.0/24 is subnetted, 1 subnets
C 40.1.1.0 is directly connected, FastEthernet0/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
B 192.168.1.0/24 [200/0] via 20.1.1.2, 00:12:01
30.0.0.0/24 is subnetted, 1 subnets
R 30.1.1.0 [120/1] via 40.1.1.2, 00:00:15, FastEthernet0/1
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 100
neighbor 40.1.1.2 remote-as 100
maximum-paths 2
no auto-summary
Please help....!!!!!!! why BGP is not load balancing here????
R1#traceroute 192.168.1.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 10.1.1.2 88 msec 60 msec 28 msec
2 20.1.1.2 104 msec 56 msec 120 msec
Regards,
SanjibDear Jon,
Thank you so much.
When I changed the configuration BGP is now loadbalancing. But in configuartion Max-path showing as 1 instead of 2.
R1#sh ip pro | sec bgp
Routing Protocol is "bgp 100"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
12.1.1.2
13.1.1.3
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
13.1.1.3 200 00:01:12
12.1.1.2 200 00:02:15
Distance: external 20 internal 200 local 200
Regards,
Sanjib -
Difference between sh ip bgp & sh ip route? BGP tables and main routing table.
Difference between sh ip bgp & sh ip route?
sh ip bgp :::: loc-rib ?
sh ip bgp nei x.x.x.x advertised-routes : adj-rib-in.
sh ip bgp nei x.x.x.x recieved-routes : adj-rib-out.
sh ip bgp nei x.x.x.x routes : loc-rib ?
sh ip route = rib ? if yes does it mean its loc-rib ?
so in a given router with bgp running, will there be 5 tables (sh ip bgp; adj-rib-in; loc-rib;adj-rib-out; sh ip route) ? if yes where are they saved ?sh ip bgp
shows the BGP table (where are stored info coming from BGP update)
sh ip bgp nei x.x.x.x advertised-routes
shows networks that your router will advertise to a specific neighbor
sh ip bgp nei x.x.x.x recieved-routes
shows advertisement received from a specific neighbor; networks (NLRI) filtered with route-map distribute-list,... are included (Inbound soft reconfiguration must be enabled)
sh ip bgp nei x.x.x.x routes
shows only routes sent by a specific neighbor and not filtered or discarded (i.s accepted)
sh ip route
show routing table; it contains the best route for each network (best is first of all the lowest administrative distance, then the lowest metric)
Bye,
enrico.
PS please rate if useful -
hi,
i have the following cli show command output,
R2#show bgp ipv4 unicast
BGP table version is 11, local router ID is 192.168.220.252
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i192.168.30.0 192.168.110.70 0 100 0 63000 i
*> 192.168.220.70 0 0 63000 63000 i
* i192.168.40.0 192.168.110.70 0 100 0 63000 63000 i
*> 192.168.220.70 0 0 63000 i
R2#
why isn't the route through the shortest AS path not selected as the best route for 192.168.30.0. ?
thanks,
uddikaR2#
R2#
R2#show ip bgp 192.168.30.0
BGP routing table entry for 192.168.30.0/24, version 7
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
2
63000
192.168.110.70 (inaccessible) from 192.168.111.251 (192.168.111.251)
Origin IGP, metric 0, localpref 100, valid, internal
63000 63000, (received & used)
192.168.220.70 from 192.168.220.70 (192.168.220.70)
Origin IGP, metric 0, localpref 100, valid, external, best
R2#
R2#
thanks, i noticed that R2 does not have the route for the next hop, 192.168.110.70. -
MPLS BGP routes push to DMVPN spokes
I have an MPLS with BGP. I also have sites that are not connected directly to the MPLS, but have a s2s VPN to hub sites that are connected to the MPLS and that way they access the MPLS resources. I need to communicate the route changes to the MPLS when the DMVPN fails-over to another hub.
Currently this is my config:
Datacenter (MPLS only)
interface GigabitEthernet0/1
description MPLS
ip address 192.168.0.34 255.255.255.252
interface Vlan2
ip address 192.168.96.2 255.255.255.0
router bgp 65511
bgp log-neighbor-changes
network 192.168.96.0
neighbor 192.168.0.33 remote-as 65510
Hub site 1 (MPLS + internet)
interface Tunnel200
ip address 10.99.99.1 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication auth
ip nhrp map multicast dynamic
ip nhrp network-id 12345
ip nhrp holdtime 600
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 200
tunnel protection ipsec profile dmvpn
interface GigabitEthernet0/1
description MPLS
ip address 192.168.1.2 255.255.255.0 secondary
ip address 192.168.0.2 255.255.255.252
router bgp 65001
bgp log-neighbor-changes
network 192.168.1.0
network 192.168.21.0
!10.99 clients are DMVPN spokes
neighbor 10.99.99.3 remote-as 99010
neighbor 10.99.99.3 route-reflector-client
neighbor 10.99.99.21 remote-as 99001
neighbor 10.99.99.21 route-reflector-client
!as 65000 is the MPLS PE
neighbor 192.168.0.1 remote-as 65000
Hub Site 2, has the same configuration, except for local ip address and router BGP ID.
Spoke site:
interface Tunnel200
ip address 10.99.99.3 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication auth
ip nhrp map 10.99.99.1 PUBLIC_IP_HUB_1
ip nhrp map 10.99.99.16 PUBLIC_IP_HUB_2
ip nhrp network-id 12345
ip nhrp holdtime 600
ip nhrp nhs 10.99.99.1 priority 1
ip nhrp nhs 10.99.99.16 priority 5
ip nhrp nhs fallback 60
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 200
tunnel protection ipsec profile dmvpn
interface GigabitEthernet0/1
description Internal
ip address 192.168.3.1 255.255.255.192
router bgp 99010
bgp log-neighbor-changes
network 192.168.3.0
neighbor 10.99.99.1 remote-as 65001
neighbor 10.99.99.16 remote-as 65013
On this spoke site
#sh ip route
B 192.168.1.0/24 [20/0] via 10.99.99.1, 00:47:01
which is the HUB network, but the rest of the MPLS routes are not "learned".
What am I missing?
Thanks!Hi Jon, I've ommited the configuration of the MPLS provider routers in between. The DC is connected to a router that has the AS 65510.
DC:CPE---PE:{MPLS}PE---CPE:HUB---{internet}---Spoke
The DC is ok getting the network information via BGP:
#sh ip route
B 192.168.3.0/24 [20/0] via 192.168.0.33, 3d05h
B 192.168.21.0/24 [20/0] via 192.168.0.33, 3d05h
#sh ip bgp 192.168.21.0
BGP routing table entry for 192.168.21.0/24, version 559
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
65510 3549 6140 3549 65000
192.168.0.33 from 192.168.0.33 (###.###.###.###)
Origin IGP, localpref 100, valid, external, best
#sh ip route 192.168.21.0
Routing entry for 192.168.21.0/24
Known via "bgp 65511", distance 20, metric 0
Tag 65510, type external
Last update from 192.168.0.33 3d05h ago
Routing Descriptor Blocks:
* 192.168.0.33, from 192.168.0.33, 3d05h ago
Route metric is 0, traffic share count is 1
AS Hops 5
Route tag 65510
MPLS label: none
Spoke:
#sh ip bgp
BGP table version is 494, local router ID is 192.168.21.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.0.129.32/27 10.99.99.16 0 65013 65012 3549 ?
*> 192.168.96.0 10.99.99.16 0 65013 65012 3549 6745 65510 ?
#sh ip route 192.168.96.0
Routing entry for 192.168.96.0/24
Known via "bgp 99001", distance 20, metric 0
Tag 65013, type external
Last update from 10.99.99.16 00:02:11 ago
Routing Descriptor Blocks:
* 10.99.99.16, from 10.99.99.16, 00:02:11 ago
Route metric is 0, traffic share count is 1
AS Hops 5
Route tag 65013
MPLS label: none
#sh ip bgp 192.168.96.0
BGP routing table entry for 192.168.96.0/24, version 465
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 2
65013 65012 3549 6745 65510
10.99.99.16 from 10.99.99.16 (10.2.16.1)
Origin incomplete, localpref 100, valid, external, best
The route is not being updated to the rest of the routers, and the 192.168.21.0 network is still announced via the old route.
(from spoke)
ping 192.168.96.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.96.2, timeout is 2 seconds:
Success rate is 0 percent (0/5)
From DC
#traceroute 192.168.21.1
Type escape sequence to abort.
Tracing the route to 192.168.21.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.0.33 [AS 65510] 0 msec 0 msec 0 msec
2 172.50.1.33 [AS 65510] 56 msec 36 msec 36 msec
3 10.80.1.1 [AS 3549] 44 msec 44 msec 44 msec
4 10.80.1.2 [AS 3549] 172 msec 172 msec 168 msec
5 172.50.1.1 [AS 3549] 168 msec 168 msec 172 msec
6 172.50.1.2 [AS 3549] 180 msec 180 msec 176 msec
7 192.168.0.2 [AS 65000] 172 msec 172 msec 168 msec <- old route, should be 192.168.0.9
8 192.168.0.2 [AS 65000] !H * !H -
BGP Selection .. Why Path #2 is better ! ?
I have a question please. For below output why 2nd output is considered best
According to my topology this is the right behavior however I am just curious why it is considered the best
Many Thanks
||||||||||||||
R9#show ip bgp vpnv4 vrf ABC 172.9.0.5
BGP routing table entry for 1009:9:172.9.0.5/32, version 142
Paths: (2 available, best #2, table ABC, RIB-failure(17) - next-hop mismatch)
Not advertised to any peer
Local
172.9.195.15 from 0.0.0.0 (9.9.0.9)
Origin incomplete, metric 2560077056, localpref 100, weight 32768, valid, sourced
Extended Community: SoO:109:109 RT:1009:9
Cost:pre-bestpath:129:2560077056 (default+412593409) 0x8800:0:9
0x8801:100:77056 0x8802:259:2560000000 0x8803:257:1
0x8804:1009:2886270986 0x8805:9:0
mpls labels in/out 31/nolabel
9, imported path from 9:9:172.9.0.5/32
9.9.0.8 (metric 30) from 9.9.0.8 (9.9.0.8)
Origin IGP, metric 4125934090, localpref 100, valid, internal, best
Extended Community: RT:9:9 OSPF DOMAIN ID:0x0005:0x0000006D0200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.9.0.5:36783
mpls labels in/out 31/62
R9#The BGP cost community modifies the BGP path selection process.
the "pre-bestpath" point of insertion was introduced in the BGP Cost Community feature. This POI is applied automatically to EIGRP routes that are redistributed into BGP and carries the EIGRP route type and metric. This POI influences the best path calculation process by influencing BGP to consider this POI before any other comparison step effectivefly forcing BGP to use IGP-like selection rules.
https://supportforums.cisco.com/document/58226/dual-ce-pe-connection-and-eigrp
http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/s_bgpcc.html
http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html#custom
Best Regards,
Bheem -
Inject BGP Default Routes into Multiple VRF before Best Path Selection
Hello,
I have the following setup:
Multiple Border Routers with eBGP sessions to external AS. We receive a default route from this multiple AS to keep the Table manageable. We noticed an important part of our traffic was been SW routed instead of CEF when we had the Full Internet table. Router Resources came to the ground when we changed to a default.
Now I want to separate this default routes into different VRF. Attached is the Diagram.
My question is, the multiple default route all go into the BGP Table. The BGP table then select the best route and place it on the RIB and then to the FIB.
I want to redistribute the different Route on the BGP table prior to the Best path selection algorithm and placed on the RIB.
How can I achieve this?Hi,
Redistribution of multiple routes to same prefix is not possible. Even if you have configured BGP multipath and all different bgp routes got installed into routing table, during redistribution only route will be redistributed.
Also would like to understand the requirement of redistributing multiple BGP routes in to IGP. As per your diagram, 3 different eBGP sessions are on three different routers, so you can prefer eBGP route over iBGP received from other routers and can distribute eBGP route to IGP from each router. Thus you will have three different default routes in to IGP in core.
Please don't forget to rate this post if it has been helpful
- Akash -
BGP route-reflector next-hop issue
Hello,
I have a small GNS3 lab that is working with one exception: I cannot ping loopback0 on RRc2 and RRc3 from RRc1.
RRc1, RRc2 and RRc3 can all ping loopback0 on SmileyISP and RRc2 and RRc3 can ping each others loopback0
interfaces.
I am broken between the two route-reflectors: RRS1 and RRS2.
Given these conditions:
1) Do not configure any IGP.
2) No static routes
How do I get connectivity from RRc1's loopback0 interface to RRc2 loopback0 and RRc3 loopback0?
I used a route-map to set the next hop, but I am obviously doing something wrong.
I am providing relevant show command outputs, router configs, and the GNS3 topology.net config.
You will have to change the image and working directories to match your computer.
Not quite sure where I am going wrong.
Any help would be greatly appreciated.
Thanks.
-- Mark
RRc1#sh ip bgp
BGP table version is 53, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.25.5 0 100 0 100 i
*>i 10.1.12.0/24 10.1.26.2 0 100 0 i
*>i 10.1.13.0/24 10.1.12.1 0 100 0 i
*>i 10.1.14.0/24 10.1.12.1 0 100 0 i
*>i 10.1.15.0/24 10.1.12.1 0 100 0 i
*>i 10.1.25.0/24 10.1.26.2 0 100 0 i
* i 10.1.26.0/24 10.1.26.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 172.16.1.0/24 0.0.0.0 0 32768 i
*>i 172.16.2.0/24 10.1.12.1 0 100 0 i
*>i 172.16.3.0/24 10.1.12.1 0 100 0 i
RRc1#
RRc1#ping 172.16.2.1 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
Success rate is 0 percent (0/5)
RRc1#
RRc2#sh ip bgp
BGP table version is 31, local router ID is 172.16.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.15.5 0 100 0 100 i
* i 10.1.12.0/24 10.1.12.2 0 100 0 i
* i 10.1.13.0/24 10.1.13.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i 10.1.14.0/24 10.1.13.1 0 100 0 i
*>i 10.1.15.0/24 10.1.13.1 0 100 0 i
* i 10.1.25.0/24 10.1.12.2 0 100 0 i
* i 10.1.26.0/24 10.1.12.2 0 100 0 i
* i 172.16.1.0/24 10.1.12.2 0 100 0 i
*> 172.16.2.0/24 0.0.0.0 0 32768 i
*>i 172.16.3.0/24 10.1.14.4 0 100 0 i
RRc2#
SmileyISP#sh run
Building configuration...
Current configuration : 988 bytes
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname SmileyISP
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.5 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.5 255.255.255.0
speed auto
duplex auto
router bgp 100
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor 10.1.15.1 remote-as 200
neighbor 10.1.25.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS1#sh run
Building configuration...
Current configuration : 1594 bytes
! Last configuration change at 19:24:34 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.12.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.13.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
ip address 10.1.14.1 255.255.255.0
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 10.1.14.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.2 peer-group RouteReflectors
neighbor 10.1.13.3 peer-group RRClients
neighbor 10.1.14.4 peer-group RRClients
neighbor 10.1.15.5 remote-as 100
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS2#sh ru
Building configuration...
Current configuration : 1542 bytes
! Last configuration change at 19:42:06 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.12.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.26.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.12.0 mask 255.255.255.0
network 10.1.25.0 mask 255.255.255.0
network 10.1.26.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.1 peer-group RouteReflectors
neighbor 10.1.25.5 remote-as 100
neighbor 10.1.26.6 peer-group RRClients
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc1#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:43:57 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.26.6 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.26.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
neighbor 10.1.26.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc2#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:45:05 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.2.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.13.3 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
neighbor 10.1.13.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc3#wr term
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:31:12 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc3
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.3.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.14.4 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.14.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
neighbor 10.1.14.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
autostart = False
version = 0.8.6
[127.0.0.1:7202]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10200
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2005
aux = 2100
cnfg = configs\SmileyISP.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/0
f1/1 = RRS2 f1/1
x = -24.0
y = -259.0
z = 1.0
hx = -1.5
hy = -24.0
console = 2015
aux = 2101
cnfg = configs\RRc1.cfg
slot1 = PA-2FE-TX
f1/0 = RRS2 f2/0
x = -292.0
y = 200.0
z = 1.0
hx = -5.5
hy = -25.0
[127.0.0.1:7200]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10000
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2012
aux = 2102
cnfg = configs\RRS1.cfg
slot1 = PA-2FE-TX
f1/0 = SmileyISP f1/0
f1/1 = RRS2 f1/0
slot2 = PA-2FE-TX
f2/0 = RRc2 f1/0
f2/1 = RRc3 f1/0
x = 197.0
y = 6.0
z = 1.0
hx = 42.5
hy = -20.0
console = 2013
aux = 2103
cnfg = configs\RRS2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/1
f1/1 = SmileyISP f1/1
slot2 = PA-2FE-TX
f2/0 = RRc1 f1/0
x = -239.0
y = 9.0
z = 1.0
hx = 1.5
hy = -24.0
[127.0.0.1:7201]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10100
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2009
aux = 2104
cnfg = configs\RRc3.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/1
x = 337.0
y = 155.0
z = 1.0
hx = 17.5
hy = -25.0
console = 2008
aux = 2105
cnfg = configs\RRc2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/0
x = 149.0
y = 204.0
z = 1.0
hx = -13.5
hy = -23.0
[GNS3-DATA]
configs = configs
text = ".1"
x = 208.0
y = -23.0
text = "10.1.12.0/24"
x = -19.0
y = 5.0
text = ".1"
x = 153.0
y = 25.0
text = ".1"
x = 259.0
y = 33.0
text = "10.1.13.0/24"
x = 238.0
y = 84.0
rotate = 99
text = "10.1.25.0/24"
x = -188.0
y = -124.0
text = "l0: 172.16.2.1/24"
x = 125.0
y = 244.0
text = "l0:172.16.1.1/24"
x = -269.0
y = 240.0
text = "10.1.15.0/24"
x = 116.0
y = -127.0
text = "10.1.14.0/24"
x = 293.0
y = 53.0
rotate = 50
text = ".1"
x = 194.0
y = 68.0
text = "AS100"
x = -20.0
y = -342.0
text = ".2"
x = -148.0
y = 46.0
text = "AS200"
x = 33.0
y = 300.0
text = "l0: 1.1.1.1/24"
x = -42.0
y = -306.0
text = ".5"
x = 50.0
y = -213.0
text = ".2"
x = -248.0
y = 60.0
text = ".2"
x = -174.0
y = -52.0
text = ".5"
x = -54.0
y = -209.0
text = ".6"
x = -232.0
y = 189.0
text = "l0:172.16.3.1/24"
x = 299.0
y = 194.0
text = "10.1.26.0/24"
x = -274.0
y = 167.0
rotate = 290
text = ".3"
x = 208.0
y = 187.0
text = ".4"
x = 312.0
y = 155.0
type = ellipse
x = 50.0
y = -35.0
width = 385.0
height = 345.0
fill_color = "#ffff7f"
border_style = 2
z = -1.0
type = ellipse
x = -171.0
y = -346.0
width = 359.0
height = 200.0
fill_color = "#aaff7f"
border_style = 2
z = -1.0
type = ellipse
x = -407.0
y = -87.0
width = 883.0
height = 443.0
border_style = 2
z = -2.0
type = ellipse
x = -361.0
y = -29.0
width = 385.0
height = 326.0
fill_color = "#55aaff"
border_style = 2
z = -3.0BD,
Ahh...
OK. In the original article, the author states that the final piece with the route map
NEXTHOP was supposed to fix the reachability issue. Obviously it doesn't.
After reading your last post, I looked more carefully at the output from 'sh ip bgp'
on each of the client routers and I realized that several of the next hop addresses were
wrong for some of the prefixes.
1) I completely removed the 'neighbor RouteReflectors route-map NEXTHOP out'
from both RR's. Then I ran 'sh ip bgp' on the clients and noted a change in the next hop addresses. Still wrong, but it changed.
2) I then tried next-hop-self from the RR's to the clients, but it did not change from where
it was after I completed step 1. I am not sure why there was no change. (actually, see the very end of this post)
3) I then applied my version of the route map: route-map NEXTHOP permit 10
set ip next-hop peer-address
to the RR's with this: neighbor RRClients route-map NEXTHOP out
That fixed it. All three clients have as their next hop for all prefixes their respective
RR's (which is what they should have for this topology).
I have full connectivity everywhere, even loopback to loopback between all clients.
1) THANK YOU for pointing me in the right direction.
2) If I may ask, why did next hop self fail? More specifically, I saw no change at all
in the next hop for the advertised prefixes. Is it because next-hop-self should be used
for eBGP peers and all of the RR's and clients are all within the same AS? -
BGP default route advertisement - change preference
hi guys,
I would appreciate some assistance here. We have a primary head office & a DR site. Routers at both sites connect to our carrier for an IP VPN service using BGP. BGP configs on each router advertise a default route 0.0.0.0.
#sh ip bgp neighbors x.x.x.x advertised-routes
BGP table version is 358, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Issue is, some of our remote sites prefer the DR router path for traffic destined to internet.
We are advertising multiple default routes to our carrier, and based on feedback from carrier, route with lowest MED is preferred.
This brings me to what i need to change from my side. Need to change the route preference so that from our remote offices, only the route to head office is preferred with DR site the least preferred route. I know there are multliple ways of doing this, however keen to get input from the experts out there.
DR site router has this BGP config currently applied:
router bgp XXXXX
bgp log-neighbor-changes
redistribute connected
redistribute ospf 1 match internal external 1 external 2
neighbor x.x.x.x remote-as XXXX
neighbor x.x.x.x default-originate
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map IMPORT-POLICY in
neighbor x.x.x.x route-map OPI-route-advertisement out
default-information originate
Removing the "neighbor x.x.x.x default-originate" is not an option, as we need to have the ability to failover to DR at any point.
Thanks in advance & if you need any further info pls advise.
RamaHi Milan,
Thanks. Answers below:
Does it provide an MPLS backbone to you? YES
Are you using the same AS number on all your sites or different ones? Same AS
Any way, what about advertising the default route from your DR site with the site AS number prepended several times (5 times, e.g.)? That's the thing I am struggling to understand as the route-map OPI-route-advertisement already has it prepended 2 times. Shouldn't that be enough to influence which route is least preferred?
route-map OPI-route-advertisement permit 20
match ip address prefix-list xxx default-route
set as-path prepend XXXXX XXXXX
If your provider would permit that and hasn't configured his routers to ignore the AS_PATH length (as him a question), it should make the default route advertised from your DR less preferred within your backbone. Will ask.
Given this, any other thoughts/questions?
Thanks, Rama
Maybe you are looking for
-
Where is the anonymous class in this? (lotsa code)
When I compile ThreadPool.java, I get three classes: ThreadPool.class, ThreadPool$WorkerThread.class, and ThreadPool$1.class. I understand the first two, but I can't figure out where the anonymous class is coming from. Could it be some kind of automa
-
I am trying to practice using Producer/Consumer(Events) design pattern. In the attached VI I'm trying to control 3 LED's using front panel controls. I'm not sure how to extend the time that the LEDs remain lit. My first guess would be to continue
-
Hi All I have come accross some brand new T61 penryn boards made after August 2008. It therefore seems quite obvious to me that I should convert two of my T60s to more powerful machines. (already traded my T61 for my wifes T60). I have bought two mot
-
For the variance account the work flow is ACCOUNT GENERATOR where standard variance account is defined .In the same way can u please tell me which is the workflow which gets fires when receiving transaction is done.
-
CF8 Application Server Service Will NOT Start
I ran into this error: java.lang.OutOfMemoryError: Java heap space and after researching it it seemed that I should up the max heap size on the Java/JVM page, so I increased my max heap size to 1044MB from 512, via the CF Administrator, I also a