Bgp Route reflector
Hello,
i have this bgp topology all router running bgp and no igp is running. Now, the problem is R2 and R3 are route reflector, R1 and R4 are Rclient.
R3 has learn route from R4 (4.4.4.4) from its R client and it advertise to R2 but R2 not advertise (4.4.4.4) route to its client (R1).
R1#sh ip bgp
BGP table version is 5, local router ID is 192.168.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*>i2.2.2.2/32 192.168.12.2 0 100 0 i
* i3.3.3.3/32 192.168.23.3 0 100 0 i
R2#sh ip bgp
BGP table version is 8, local router ID is 192.168.12.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.1.1.1/32 192.168.12.1 0 100 0 i
*> 2.2.2.2/32 0.0.0.0 0 32768 i
*>i3.3.3.3/32 192.168.23.3 0 100 0 i
* i4.4.4.4/32 192.168.34.4 0 100 0 i
R3#sh ip bgp
BGP table version is 8, local router ID is 192.168.23.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i1.1.1.1/32 192.168.12.1 0 100 0 i
*>i2.2.2.2/32 192.168.23.2 0 100 0 i
*> 3.3.3.3/32 0.0.0.0 0 32768 i
*>i4.4.4.4/32 192.168.34.4 0 100 0
R3#sh run | se router bgp
router bgp 1
no synchronization
bgp log-neighbor-changes
network 3.3.3.3 mask 255.255.255.255
neighbor 192.168.23.2 remote-as 1
neighbor 192.168.23.2 next-hop-self
neighbor 192.168.34.4 remote-as 1
neighbor 192.168.34.4 route-reflector-client
no auto-summary
Similar Messages
-
BGP route-reflector next-hop issue
Hello,
I have a small GNS3 lab that is working with one exception: I cannot ping loopback0 on RRc2 and RRc3 from RRc1.
RRc1, RRc2 and RRc3 can all ping loopback0 on SmileyISP and RRc2 and RRc3 can ping each others loopback0
interfaces.
I am broken between the two route-reflectors: RRS1 and RRS2.
Given these conditions:
1) Do not configure any IGP.
2) No static routes
How do I get connectivity from RRc1's loopback0 interface to RRc2 loopback0 and RRc3 loopback0?
I used a route-map to set the next hop, but I am obviously doing something wrong.
I am providing relevant show command outputs, router configs, and the GNS3 topology.net config.
You will have to change the image and working directories to match your computer.
Not quite sure where I am going wrong.
Any help would be greatly appreciated.
Thanks.
-- Mark
RRc1#sh ip bgp
BGP table version is 53, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.25.5 0 100 0 100 i
*>i 10.1.12.0/24 10.1.26.2 0 100 0 i
*>i 10.1.13.0/24 10.1.12.1 0 100 0 i
*>i 10.1.14.0/24 10.1.12.1 0 100 0 i
*>i 10.1.15.0/24 10.1.12.1 0 100 0 i
*>i 10.1.25.0/24 10.1.26.2 0 100 0 i
* i 10.1.26.0/24 10.1.26.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 172.16.1.0/24 0.0.0.0 0 32768 i
*>i 172.16.2.0/24 10.1.12.1 0 100 0 i
*>i 172.16.3.0/24 10.1.12.1 0 100 0 i
RRc1#
RRc1#ping 172.16.2.1 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
Success rate is 0 percent (0/5)
RRc1#
RRc2#sh ip bgp
BGP table version is 31, local router ID is 172.16.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.15.5 0 100 0 100 i
* i 10.1.12.0/24 10.1.12.2 0 100 0 i
* i 10.1.13.0/24 10.1.13.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i 10.1.14.0/24 10.1.13.1 0 100 0 i
*>i 10.1.15.0/24 10.1.13.1 0 100 0 i
* i 10.1.25.0/24 10.1.12.2 0 100 0 i
* i 10.1.26.0/24 10.1.12.2 0 100 0 i
* i 172.16.1.0/24 10.1.12.2 0 100 0 i
*> 172.16.2.0/24 0.0.0.0 0 32768 i
*>i 172.16.3.0/24 10.1.14.4 0 100 0 i
RRc2#
SmileyISP#sh run
Building configuration...
Current configuration : 988 bytes
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname SmileyISP
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.5 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.5 255.255.255.0
speed auto
duplex auto
router bgp 100
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor 10.1.15.1 remote-as 200
neighbor 10.1.25.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS1#sh run
Building configuration...
Current configuration : 1594 bytes
! Last configuration change at 19:24:34 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.12.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.13.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
ip address 10.1.14.1 255.255.255.0
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 10.1.14.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.2 peer-group RouteReflectors
neighbor 10.1.13.3 peer-group RRClients
neighbor 10.1.14.4 peer-group RRClients
neighbor 10.1.15.5 remote-as 100
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS2#sh ru
Building configuration...
Current configuration : 1542 bytes
! Last configuration change at 19:42:06 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.12.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.26.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.12.0 mask 255.255.255.0
network 10.1.25.0 mask 255.255.255.0
network 10.1.26.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.1 peer-group RouteReflectors
neighbor 10.1.25.5 remote-as 100
neighbor 10.1.26.6 peer-group RRClients
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc1#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:43:57 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.26.6 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.26.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
neighbor 10.1.26.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc2#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:45:05 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.2.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.13.3 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
neighbor 10.1.13.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc3#wr term
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:31:12 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc3
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.3.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.14.4 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.14.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
neighbor 10.1.14.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
autostart = False
version = 0.8.6
[127.0.0.1:7202]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10200
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2005
aux = 2100
cnfg = configs\SmileyISP.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/0
f1/1 = RRS2 f1/1
x = -24.0
y = -259.0
z = 1.0
hx = -1.5
hy = -24.0
console = 2015
aux = 2101
cnfg = configs\RRc1.cfg
slot1 = PA-2FE-TX
f1/0 = RRS2 f2/0
x = -292.0
y = 200.0
z = 1.0
hx = -5.5
hy = -25.0
[127.0.0.1:7200]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10000
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2012
aux = 2102
cnfg = configs\RRS1.cfg
slot1 = PA-2FE-TX
f1/0 = SmileyISP f1/0
f1/1 = RRS2 f1/0
slot2 = PA-2FE-TX
f2/0 = RRc2 f1/0
f2/1 = RRc3 f1/0
x = 197.0
y = 6.0
z = 1.0
hx = 42.5
hy = -20.0
console = 2013
aux = 2103
cnfg = configs\RRS2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/1
f1/1 = SmileyISP f1/1
slot2 = PA-2FE-TX
f2/0 = RRc1 f1/0
x = -239.0
y = 9.0
z = 1.0
hx = 1.5
hy = -24.0
[127.0.0.1:7201]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10100
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2009
aux = 2104
cnfg = configs\RRc3.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/1
x = 337.0
y = 155.0
z = 1.0
hx = 17.5
hy = -25.0
console = 2008
aux = 2105
cnfg = configs\RRc2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/0
x = 149.0
y = 204.0
z = 1.0
hx = -13.5
hy = -23.0
[GNS3-DATA]
configs = configs
text = ".1"
x = 208.0
y = -23.0
text = "10.1.12.0/24"
x = -19.0
y = 5.0
text = ".1"
x = 153.0
y = 25.0
text = ".1"
x = 259.0
y = 33.0
text = "10.1.13.0/24"
x = 238.0
y = 84.0
rotate = 99
text = "10.1.25.0/24"
x = -188.0
y = -124.0
text = "l0: 172.16.2.1/24"
x = 125.0
y = 244.0
text = "l0:172.16.1.1/24"
x = -269.0
y = 240.0
text = "10.1.15.0/24"
x = 116.0
y = -127.0
text = "10.1.14.0/24"
x = 293.0
y = 53.0
rotate = 50
text = ".1"
x = 194.0
y = 68.0
text = "AS100"
x = -20.0
y = -342.0
text = ".2"
x = -148.0
y = 46.0
text = "AS200"
x = 33.0
y = 300.0
text = "l0: 1.1.1.1/24"
x = -42.0
y = -306.0
text = ".5"
x = 50.0
y = -213.0
text = ".2"
x = -248.0
y = 60.0
text = ".2"
x = -174.0
y = -52.0
text = ".5"
x = -54.0
y = -209.0
text = ".6"
x = -232.0
y = 189.0
text = "l0:172.16.3.1/24"
x = 299.0
y = 194.0
text = "10.1.26.0/24"
x = -274.0
y = 167.0
rotate = 290
text = ".3"
x = 208.0
y = 187.0
text = ".4"
x = 312.0
y = 155.0
type = ellipse
x = 50.0
y = -35.0
width = 385.0
height = 345.0
fill_color = "#ffff7f"
border_style = 2
z = -1.0
type = ellipse
x = -171.0
y = -346.0
width = 359.0
height = 200.0
fill_color = "#aaff7f"
border_style = 2
z = -1.0
type = ellipse
x = -407.0
y = -87.0
width = 883.0
height = 443.0
border_style = 2
z = -2.0
type = ellipse
x = -361.0
y = -29.0
width = 385.0
height = 326.0
fill_color = "#55aaff"
border_style = 2
z = -3.0BD,
Ahh...
OK. In the original article, the author states that the final piece with the route map
NEXTHOP was supposed to fix the reachability issue. Obviously it doesn't.
After reading your last post, I looked more carefully at the output from 'sh ip bgp'
on each of the client routers and I realized that several of the next hop addresses were
wrong for some of the prefixes.
1) I completely removed the 'neighbor RouteReflectors route-map NEXTHOP out'
from both RR's. Then I ran 'sh ip bgp' on the clients and noted a change in the next hop addresses. Still wrong, but it changed.
2) I then tried next-hop-self from the RR's to the clients, but it did not change from where
it was after I completed step 1. I am not sure why there was no change. (actually, see the very end of this post)
3) I then applied my version of the route map: route-map NEXTHOP permit 10
set ip next-hop peer-address
to the RR's with this: neighbor RRClients route-map NEXTHOP out
That fixed it. All three clients have as their next hop for all prefixes their respective
RR's (which is what they should have for this topology).
I have full connectivity everywhere, even loopback to loopback between all clients.
1) THANK YOU for pointing me in the right direction.
2) If I may ask, why did next hop self fail? More specifically, I saw no change at all
in the next hop for the advertised prefixes. Is it because next-hop-self should be used
for eBGP peers and all of the RR's and clients are all within the same AS? -
Hi All...
I have this topology:
CE2-->PE1-->P--->PE2-->CE2
.............\-->PE3-->CE2
In router "P" I want to configure MP-BGP, but I have many doubts with configurations this router. I need to do route-reflector too.
Anybody can help me?
CLRGomesThanks, look my configuration:
Router P
router bgp 65500
no synchronization
no bgp default route-target filter
bgp log-neighbor-changes
neighbor MPLS peer-group
neighbor MPLS remote-as 65500
neighbor MPLS ebgp-multihop 255
neighbor MPLS update-source Loopback0
neighbor MPLS route-reflector-client
neighbor MPLS allowas-in
neighbor MPLS soft-reconfiguration inbound
neighbor 10.10.10.2 peer-group MPLS
neighbor 10.10.10.3 peer-group MPLS
neighbor 10.10.10.4 peer-group MPLS
no auto-summary
address-family vpnv4
neighbor MPLS route-reflector-client
neighbor MPLS send-community both
neighbor 10.10.10.2 activate
neighbor 10.10.10.3 activate
neighbor 10.10.10.4 activate
exit-address-family
ok...working perfect, I did MP-BGP between PE routers and I configured RDs differents too...
Later I did between PE->CE with OSPF and working too, loadshare working.
Thanks a lot
CLRGomes
CCIE R&S -
MP-BGP Router Reflectot (RR) Default Behaviour
Hi All,
I have a 7206VXR configured like RR for MPBGP (Afi/safi 1/128 L3VPN rfc 2547Bis).
My RR is configured with different peer-group towards its clients (PE).
I'd like to konw what is the RR's default behaviour when it receives an updata message type 'withdrawal' by its client.
I've observed that:
- When a PE send its update (withdrawal), it receive back by RR all its bgp table...with a lot NLRI that my PE doesn't need..Is it a normal behaviour?
- When a PE send its update (withdrawal), it receives back by RR its own update..I think that this is a normal behaviuor since he is configured within a peer-group on RR. Is it correct?
Many thanks in advance for your support.
GianlucaHello I'm trying to configure a lab with 4 7600-sup32-3b 12.2(2)-33.SRC. 2 of them as P routers and the rest as PE. P's are Route Reflector and PE are route reflector clients. If I create the same VRF in both PE routes are note not advertised between PEs.(show ip route vrf lab). Please could you give me a configuration example or a link where I could take a look.
Thanks in advance. Santiago. -
MPLS BGP routes push to DMVPN spokes
I have an MPLS with BGP. I also have sites that are not connected directly to the MPLS, but have a s2s VPN to hub sites that are connected to the MPLS and that way they access the MPLS resources. I need to communicate the route changes to the MPLS when the DMVPN fails-over to another hub.
Currently this is my config:
Datacenter (MPLS only)
interface GigabitEthernet0/1
description MPLS
ip address 192.168.0.34 255.255.255.252
interface Vlan2
ip address 192.168.96.2 255.255.255.0
router bgp 65511
bgp log-neighbor-changes
network 192.168.96.0
neighbor 192.168.0.33 remote-as 65510
Hub site 1 (MPLS + internet)
interface Tunnel200
ip address 10.99.99.1 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication auth
ip nhrp map multicast dynamic
ip nhrp network-id 12345
ip nhrp holdtime 600
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 200
tunnel protection ipsec profile dmvpn
interface GigabitEthernet0/1
description MPLS
ip address 192.168.1.2 255.255.255.0 secondary
ip address 192.168.0.2 255.255.255.252
router bgp 65001
bgp log-neighbor-changes
network 192.168.1.0
network 192.168.21.0
!10.99 clients are DMVPN spokes
neighbor 10.99.99.3 remote-as 99010
neighbor 10.99.99.3 route-reflector-client
neighbor 10.99.99.21 remote-as 99001
neighbor 10.99.99.21 route-reflector-client
!as 65000 is the MPLS PE
neighbor 192.168.0.1 remote-as 65000
Hub Site 2, has the same configuration, except for local ip address and router BGP ID.
Spoke site:
interface Tunnel200
ip address 10.99.99.3 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication auth
ip nhrp map 10.99.99.1 PUBLIC_IP_HUB_1
ip nhrp map 10.99.99.16 PUBLIC_IP_HUB_2
ip nhrp network-id 12345
ip nhrp holdtime 600
ip nhrp nhs 10.99.99.1 priority 1
ip nhrp nhs 10.99.99.16 priority 5
ip nhrp nhs fallback 60
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 200
tunnel protection ipsec profile dmvpn
interface GigabitEthernet0/1
description Internal
ip address 192.168.3.1 255.255.255.192
router bgp 99010
bgp log-neighbor-changes
network 192.168.3.0
neighbor 10.99.99.1 remote-as 65001
neighbor 10.99.99.16 remote-as 65013
On this spoke site
#sh ip route
B 192.168.1.0/24 [20/0] via 10.99.99.1, 00:47:01
which is the HUB network, but the rest of the MPLS routes are not "learned".
What am I missing?
Thanks!Hi Jon, I've ommited the configuration of the MPLS provider routers in between. The DC is connected to a router that has the AS 65510.
DC:CPE---PE:{MPLS}PE---CPE:HUB---{internet}---Spoke
The DC is ok getting the network information via BGP:
#sh ip route
B 192.168.3.0/24 [20/0] via 192.168.0.33, 3d05h
B 192.168.21.0/24 [20/0] via 192.168.0.33, 3d05h
#sh ip bgp 192.168.21.0
BGP routing table entry for 192.168.21.0/24, version 559
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
65510 3549 6140 3549 65000
192.168.0.33 from 192.168.0.33 (###.###.###.###)
Origin IGP, localpref 100, valid, external, best
#sh ip route 192.168.21.0
Routing entry for 192.168.21.0/24
Known via "bgp 65511", distance 20, metric 0
Tag 65510, type external
Last update from 192.168.0.33 3d05h ago
Routing Descriptor Blocks:
* 192.168.0.33, from 192.168.0.33, 3d05h ago
Route metric is 0, traffic share count is 1
AS Hops 5
Route tag 65510
MPLS label: none
Spoke:
#sh ip bgp
BGP table version is 494, local router ID is 192.168.21.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.0.129.32/27 10.99.99.16 0 65013 65012 3549 ?
*> 192.168.96.0 10.99.99.16 0 65013 65012 3549 6745 65510 ?
#sh ip route 192.168.96.0
Routing entry for 192.168.96.0/24
Known via "bgp 99001", distance 20, metric 0
Tag 65013, type external
Last update from 10.99.99.16 00:02:11 ago
Routing Descriptor Blocks:
* 10.99.99.16, from 10.99.99.16, 00:02:11 ago
Route metric is 0, traffic share count is 1
AS Hops 5
Route tag 65013
MPLS label: none
#sh ip bgp 192.168.96.0
BGP routing table entry for 192.168.96.0/24, version 465
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 2
65013 65012 3549 6745 65510
10.99.99.16 from 10.99.99.16 (10.2.16.1)
Origin incomplete, localpref 100, valid, external, best
The route is not being updated to the rest of the routers, and the 192.168.21.0 network is still announced via the old route.
(from spoke)
ping 192.168.96.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.96.2, timeout is 2 seconds:
Success rate is 0 percent (0/5)
From DC
#traceroute 192.168.21.1
Type escape sequence to abort.
Tracing the route to 192.168.21.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.0.33 [AS 65510] 0 msec 0 msec 0 msec
2 172.50.1.33 [AS 65510] 56 msec 36 msec 36 msec
3 10.80.1.1 [AS 3549] 44 msec 44 msec 44 msec
4 10.80.1.2 [AS 3549] 172 msec 172 msec 168 msec
5 172.50.1.1 [AS 3549] 168 msec 168 msec 172 msec
6 172.50.1.2 [AS 3549] 180 msec 180 msec 176 msec
7 192.168.0.2 [AS 65000] 172 msec 172 msec 168 msec <- old route, should be 192.168.0.9
8 192.168.0.2 [AS 65000] !H * !H -
BGP Route Propagation Without Population
Morning/Afternoon all,
I'm in the process of designing a new data centre infrastructure and the technical architect that I'm working with has come up with a wacky idea that involves having an eBGP relationship established with our Internet providers on a router that then passes off the routes to one of it's iBGP peers without letting the routes populate in its routing table. This is largely because the eBGP peering router can't handle the entire Internet routing table as much as the internal router can. This sounds like some kind of jujumagic to me but I wanted to check whether it's possible or not with people that undoubtedly have a great deal more experience than me.
I realize that the easiest thing to do in this scenario would be to have the router that can handle the internet routing table as the eBGP edge gateway to our service providers but I believe that the architect has some exciting ideas that involve DDoS mitigation that mean that we want to do things in the way specified above.
Thanks in advance,
TomYou can prevent BGP from installing routes into RIB by using "BGP Selective Route Download" feature. This feature is commonly used on Route Reflector deployments, where you dont really need to install the routes on the RIB, only receive them on BGP and pass them to your peers.
More Info:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-s/irg-15-s-book/irg-selective-download.html
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-selective-download.pdf -
Rt-filter or route-policy in a route-reflector
Hi,
I want to implement a route reflector that i will use in two differents networks with differents VPNL3. So i do not want that my route reflector advertise the prefixes form a network to the other. I am using an ASR9000 with IOS XR 4.3.2 as route reflector.
I tried two differents configurations in a testing enviroment and both work fine, one applying route-policy filtering by RD, and another using RT-filter. But i do not know what is better to implement on production. I will appreciate if somebody could help me to decide what is the best to implement in a production Network, thinking in the resources of the network and in the IPv6 deployment (i could not configure RT Filter with address-family ipv6)
With route-policy
rd-set RD_XXX
65000:*
end-set
route-policy to_XXX
if rd in RD_XXX then
pass
else
drop
endif
end-policy
route-policy to_YYY
if rd in RD_XXX then
drop
else
pass
endif
end-policy
router bgp 65001
neighbor-group XXX
remote-as 65001
address-family vpnv4 unicast
route-reflector-client
route-policy to_XXX out
neighbor-group YYY
remote-as 650001
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
route-policy to_YYY out
with RT-Filter
router bgp 65001
address-family ipv4 rt-filter
neighbor-group XXX
address-family ipv4 rt-filter
route-reflector-client
soft-reconfiguration inbound always
neighbor-group YYY
address-family ipv4 rt-filter
route-reflector-client
soft-reconfiguration inbound always
RegardsHi,
One benefit I see with rt-filter is, this feature provides considerable savings in CPU cycles and transient memory usage, generally this will be beneficial when you have large number of prefixes to be filtered, as you do not need to define route-policy for all the prefixes, and also it simple to configure (only one command )
Look at the Restrictions for BGP: RT Constrained Route Distribution in below document
http://www.cisco.com/en/US/docs/ios/ios_xe/iproute_bgp/configuration/guide/irg_rt_filter_xe.html
HTH
Regards,
Sandip -
if i config mp-bgp vpnv4 reflector on a P router, does this P router become a PE router? Or keep P router role in mpls network?
thank you!Hello,
As I see it, how you do the route reflection process is more your own business than the customers'. How well you are doing it will of course affect the customers, but this is more an internal issue of the core, rather than something to discuss with the customer. Anyway, in this case the customers might have a point.
The problem when you have 2 PE's as your RR's is that if you want to perform a maintenance procedure on those PE's, it might also affect customers not even connected to the particular PE's. If on the other hand the core routers are the RR's, if you perform maintenance on them, few things in the network will be operational anyway since they stand in the middle, so no more harm done than expected. One could argue that in both cases there are 2 RR's, so things cannot be that bad. If one goes down we do have the other. (In the case of the P's however, if one goes down you might have a split network, so route reflection is the last thing that would concern you.)
You have 122 PE's and expect more. My guess is that your routers can handle the process if in most cases only a couple of routes are exchanged between VPN sites. Whether you choose to make RR's the P's or the PE's is more of a matter of style. I would prefer the PE's, because I would rather keep the P's "clean", doing what they are supposed to do, that is label switching traffic. MPLS is supposed to relief the core from running BGP, and we do not want to take risks in the P's by running something not absolutely necessary for them. In addition, route reflection is supposed to relief the PE's from having to peer with each other directly, so it looks more their own business to handle the route reflection process, which is coming to remedy the necessity for them (that is the PE's) to peer with every other PE in the network.
The bottom line is: Your P's are more important to you than any other router. This is for the customers' best interest as well. Keep functions where they belong more naturally.
Kind Regards,
M. -
Route-reflector-client inheritance-disable
Hi Folks,
I found the command route-reflector-client inheritance-disable here, why do we use it.
http://www.cisco.com/en/US/docs/routers/xr12000/software/xr12k_r3.9/routing/command/reference/b_rr39xr12kbook_chapter_01.html#wp1681856112
RP/0/0/CPU0:router(config)# router bgp 140
RP/0/0/CPU0:router(config-bgp)# af-group group1 address-family ipv4 unicast
RP/0/0/CPU0:router(config-bgp-afgrp)# route-reflector-client
RP/0/0/CPU0:router(config-bgp-afgrp)#exit
RP/0/0/CPU0:router(config-bgp)# neighbor 172.20.1.1
RP/0/0/CPU0:router(config-bgp-nbr)# remote-as 140
RP/0/0/CPU0:router(config-bgp-nbr)# address-family ipv4 unicast
RP/0/0/CPU0:router(config-bgp-nbr-af)# use af-group group1
RP/0/0/CPU0:router(config-bgp-nbr-af)# route-reflector-client inheritance-disable
I Will rate all helpful posts Thanks in advance
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."Hello Muhammad,
As document says:
The following example disables the route-reflector client for neighbor 172.20.1.1, preventing this feature from being automatically inherited from address family group group1:
RP/0/RP0/CPU0:router(config)# router bgp 140
RP/0/RP0/CPU0:router(config-bgp)# af-group group1 address-family ipv4 unicast
RP/0/RP0/CPU0:router(config-bgp-afgrp)# route-reflector-client
RP/0/RP0/CPU0:router(config-bgp-afgrp)#exit
RP/0/RP0/CPU0:router(config-bgp)# neighbor 172.20.1.1
RP/0/RP0/CPU0:router(config-bgp-nbr)# remote-as 140
RP/0/RP0/CPU0:router(config-bgp-nbr)# address-family ipv4 unicast
RP/0/RP0/CPU0:router(config-bgp-nbr-af)# use af-group group1
RP/0/RP0/CPU0:router(config-bgp-nbr-af)# route-reflector-client inheritance-disable
Neighbor 172.20.1.1 si configured as member of group1. Members of group1 are configured as route-reflector-clients. But you want to disable neighbor 172.20.1.1 to become route-reflector-client so you need to configure route-reflector-client inheritance-disable.
Best Regards
Please rate all helpful posts and close solved questions -
EIGRP vs BGP route path selection scenario
I am looking for a routing solution to the following scenario. It is a fairly simple design.
I have two WAN connections between sites A and B. One is a 20 Meg Metro Ethernet Circuit running EIGRP. The other is a 10 Meg MPLS running BGP. What do I need to do in my configuration to make sure that the 20 Meg connection is the chosen path based off the fact that it has better speed and bandwidth? It appears to me that the MPLS is the preferred path even though it is slower.
See attached Diagram:
Site A Config
interface GigabitEthernet1/0/12
description PADC COX P2P 20 Meg
no switchport
bandwidth 20480
ip address 172.20.1.1 255.255.255.252
interface GigabitEthernet2/0/2
description LEVEL 3 MPLS
no switchport
bandwidth 10240
ip address 172.22.0.2 255.255.255.252
router eigrp 1
network 10.0.1.0 0.0.0.255
network 172.20.1.0 0.0.0.3
network 192.168.76.8 0.0.0.3
redistribute bgp 65003 metric 100 1 255 1 1500 route-map MPLS_NETWORKS
redistribute static route-map DEFAULT_ROUTE
router bgp 65003
bgp log-neighbor-changes
redistribute static
redistribute eigrp 1
neighbor 172.22.0.1 remote-as 1
default-information originate
Site B Config
interface GigabitEthernet0/1
description COX Communications 10 Meg to Venyu
bandwidth 20480
ip address 172.20.1.2 255.255.255.252
duplex auto
speed auto
service-policy output VOIP
interface GigabitEthernet0/2
description Level 3 MPLS
bandwidth 10240
ip address 172.22.1.2 255.255.255.252
duplex full
speed 100
router eigrp 1
network 10.3.1.0 0.0.0.31
network 10.52.1.0 0.0.0.255
network 10.76.6.0 0.0.0.255
network 172.20.1.0 0.0.0.3
network 192.168.63.64 0.0.0.63
network 192.168.76.249 0.0.0.0
passive-interface default
no passive-interface GigabitEthernet0/0
no passive-interface GigabitEthernet0/1
router bgp 65003
bgp log-neighbor-changes
network 10.3.1.0 mask 255.255.255.224
network 10.52.1.0 mask 255.255.255.0
network 10.76.6.0 mask 255.255.255.0
network 192.168.76.249 mask 255.255.255.255
neighbor 172.22.1.1 remote-as 1If each router is receiving advertisements for the same networks/subnet masks from both BGP and EIGRP it will always choose the BGP routes because they have a lower AD ie. 20 vs EIGRP 90.
Doesn't matter what the bandwidth is.
If you want to prefer the 20Mbps links then there are a number of options -
1) if you can summarise each sites subnets then advertise the summary via BGP and the more specific via EIGRP. More specific will be chosen even before AD is taken into account.
2) change the AD of either BGP or EIGRP so EIGRP ends up with the lower AD
3) run BGP on both links although you would still need to manipulate the attributes to make sure the link you want is used.
Jon -
Query on BGP route distribution
Hello Everyone
In the below scenario (GNS3), IBGP peering enabled between R1-R2, R1-R3, R2-R3 and EBGP peering enabled between R2-R4,R3-R5,R4-R6,R5-R7. OSPF enabled as IGP. Scenario attached for reference.
The problem I've observed in R1 is not getting entire BGP routing table for destinations 30.x.x.x/40.x.x.x.
I'm able to see only best routes in R1 BGP routing table, but alternate valid routes are not visible in its topology table.
R1#sh ip bgp
BGP table version is 81, local router ID is 100.100.2.1
*>i30.30.1.0/24 10.10.1.2 0 100 0 200 300 ?
*>i30.30.2.0/24 10.10.1.2 0 100 0 200 300 ?
*>i40.40.1.0/24 10.10.2.2 0 100 0 200 400 i
*>i40.40.2.0/24 10.10.2.2 0 100 0 200 400 i
*> 100.100.1.0/24 0.0.0.0 0 32768 i
*> 100.100.2.0/24 0.0.0.0 0 32768 i
More confusing part to me is when I disable IBGP peering between R2-R3 or shutdown interface between R2-R3 or else if I disable ospf in R1,R2 & R3 routers , I'm able to see both best route and alternate valid route in BGP topology table.
R1#sh ip bgpHi Milin & Renan,
Thanks for your replies. To narrow down the problem, I’ve shut down the 40.40.x.x network.
Now between R2-R3, R3 is not advertising 30.30.X.X network to R2, but whereas R2 is advertising 30.30.X.X network to R3. Why R3 is not advertising 30.30.X.X (route via 200 400 300) to R2.
R2#sh ip bgp ( No alternate route)
Network Next Hop Metric LocPrf Weight Path
*> 30.30.1.0/24 10.10.4.2 0 200 300 ?
*> 30.30.2.0/24 10.10.4.2 0 200 300 ?
*>i100.100.1.0/24 10.10.1.1 0 100 0 i
*>i100.100.2.0/24 10.10.1.1 0 100 0 i
R2#sh ip bgp summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.1.1 4 100 96 98 5 0 0 01:05:50 2
10.10.3.2 4 100 98 100 5 0 0 01:05:54 0
10.10.4.2 4 200 100 98 5 0 0 01:05:39 2
R3#sh ip bgp ( only in R3 we can see both best route & alternate route)
Network Next Hop Metric LocPrf Weight Path
*>i30.30.1.0/24 10.10.3.1 0 100 0 200 300 ?
* 10.10.5.2 0 200 400 300 ?
*>i30.30.2.0/24 10.10.3.1 0 100 0 200 300 ?
* 10.10.5.2 0 200 400 300 ?
*>i100.100.1.0/24 10.10.2.1 0 100 0 i
*>i100.100.2.0/24 10.10.2.1 0 100 0 i
R3#sh ip bgp summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.2.1 4 100 54 57 19 0 0 00:50:17 2
10.10.3.1 4 100 62 60 19 0 0 00:27:22 2
10.10.5.2 4 200 58 58 19 0 0 00:50:08 2 -
Hello Guys,
My scenario is:
2 Sites interconnected by 2 MPLS Links and BGP between the routers.
I need some help to force some traffic to be routed using one Link based on Protocol or TCP Port.
But if the link goes down, I need the traffic to be send using another link.
I want to do a PBR using track that validates a specific BGP Route or BGP Neighbor.
Can someone tell me some tips for this case?
Best Regards.
Heleno FagundesHi,
For your two concerns.
**2 Sites interconnected by 2 MPLS Links and BGP between the routers
Do you have some sort of network diagram ????
**I want to do a PBR using track that validates a specific BGP Route or BGP Neighbor.
We can always apply a track and an IP sla monitoring an IP address which the router is receiving from its BGP peer which you wish to monitor.
I am sure if you provide me sample diagram/config i'll be able to give some more descriptive answer.
Regards,
HK -
I am confused about which routes will a bgp speaker advertise to its bgp neighbors?
Will it advertise the bgp routes in routing table OR will it advertise the best routes from the bgp table (but not necessarily in routing table)?Thanks!!
I thought so, but in Troubleshooting IP Routing Protocols book by Cisco press, it is stated that bgp router will advertise its routes from routing table, so wanted to confirm that that was indeed wrong.
On page 668, this is what is written:
One rule that BGP follows when advertising prefixes to other neighbors is that the prefix being advertised must
exist in the routing table of the advertising router. -
Monitoring a BGP route and AS-PATH.
Hello.
I need to receive a SNMP trap when a BGP route, received with a specific AS-PATH, disappears from routing table.
Any ideas?
Thanks.
AndreaYou can use EEM for this. Check out the cisco beyond web site for sample scripts that may help you do this.
A company that I used to work for, www.magnus.net had a mature EEM solution for doing this for large network environments. They took a standalone router and using EEM turned it into a route monitor. It would send out notifications when BGP routes of defined attributes like AS-Path diasappeared from routing tables. It was driven by an excel spreadsheet as inputs. It was written by a super CCIE engineer. -
Hi,
I would like to change the bgp router id on my router that dialogue with peers in other AS.
I will use the loopback interface 0 and I have a doubt about the ip address that I can use.
I think that can be a private address in a public addresses domain. Is it correct?
So, I think that it's better I'd implement the ebgp multihop command with the remote AS peers. Right?
Before I do these changes do I have to warn the other peers to permit to change their configuration?Hello,
Changing your router-id will be effective after you reset your connections.
You can use a RFC 1918 address to suit your needs. Be careful not to leak the address to the Internet.
If you use the Loopback interface as a update-source you need to use the ebgp-multihop command for reachability. If you are useing it for a router-id only you should not bother to change the TTL in BGP packets.
It is recommended that you inform your peers about your plans.
HTH
Leon
* Please rate posts.
Maybe you are looking for
-
SAP LVM SETUP ON WINDOWS SERVER 2012
Hi Experts How to do the SAP LVM SETUP on windows server 2012. If Any One Knows Please Let Mme Know. Regards suresh
-
How do I see all of my family accounts
I used to have 5 family accounts on mobile me-I can't find them after moving to icloud. I want to start using one of the accounts i set up. Where do I find it?
-
Boot Camp on an External Drive
Does anyone know why Apple has chosen not to allow installion of Windows on an external drive? I don't think I am going to be willing to risk putting Windows on my internal drive. Mac Mini (Intel Core Duo) Mac OS X (10.4.5)
-
Using v25.0.1 on a Mac running OS X Lion. When I open a link in an e-mail, if Firefox is already running the link opens without any problems. If Firefox is not already running, clicking the link only launches Firefox and takes me to my home page. I h
-
I honestly have no clue what could have caused this! I turned it on this morning & it was stuck on the booting screen. It read "ThinkPad" in large letters followed by "To interrupt normal start up, press the blue ThinkVantage button." I waited for a