Nexus5548 BGP soft-reconfiguration inbound
Hi,
I have a small problem when using Nexus5548 version 5.2(1)N1(2a) with BGP and "soft-reconfiguration inbound". The BGP config looks exactly like other Nexus implementations with BGP but with N5K im not able to see "show ip bgp neighbors x.x.x.x received-routes". I get the error message saying:
% Inbound soft reconfiguration for IPv4 Unicast not enabled on x.x.x.x
The BGP-config looks like this:
router bgp [ASN]
router-id 1.2.3.4
neighbor x.x.x.x remote-as [eBGP_ASN]
address-family ipv4 unicast
route-map BGP_prim in
soft-reconfiguration inbound
The neighbor looks like it supports this feature:
Neighbor capabilities:
Dynamic capability: advertised (mp, refresh, gr)
Dynamic capability (old): advertised
Route refresh capability (new): advertised received
Route refresh capability (old): advertised received
4-Byte AS capability: advertised received
Address family IPv4 Unicast: advertised received
Graceful Restart capability: advertised
Any idea where im going wrong or is it not possible to do this in N5K?
Cheers! // Mattias
Mattias,
I may be answering a slightly different question but here goes: Are you sure you need the soft-reconfiguration inbound? Are you perhaps confusing this feature with route refresh, a different feature?
It appears that most people do not differentiate between these two features. They provide the same functionality but use vastly different means of accomplishing them.
The soft-reconfig inbound is an ancient workaround about BGP's former inability to ask a neighbor to repeatedly resend a set of routes. Cisco devices have traditionally solved this problem by storing a separate, unfiltered copy of all routes received from a particular neighbor configured with the neighbor soft-reconfig inbound command. Every change on the inbound policy would then simply re-filter the routes from the unfiltered database maintained on a per-neighbor basis. An obvious disadvantage of this approach is the amount of wasted memory to keep unfiltered BGP databases for each neighbor for which you have configured the soft-reconfig inbound.
In RFC 2918 which is 15 years old by now, a new BGP message was standardized: the Route Refresh message. Using this message, a BGP router can ask its neighbor at any time to resend a particular family of routes (IPv4 routes, IPv6 routes, etc.). No storing of unfiltered databases is necessary anymore. In addition, this Route Refresh is negotiated and used automatically as soon as both routers support it.
Now, your Nexus tells you right away:
Route refresh capability (new): advertised received
Route refresh capability (old): advertised received
It is telling you that both your Nexus (advertised) and its neighbor (received) support the Route Refresh feature, and as a result, they will be using it automatically, without you configuring anything in particular.
If you configured soft-reconfig inbound for a neighbor, you would be losing the advantages of Route Refresh, as you would be forcing your router to store unfiltered routes from the neighbor even though both routers support the Route Refresh and storing the unfiltered database is entirely useless.
It is possible that NX-OS tries to do things the smart way, and when it finds out that both peers support Route Refresh, it uses it in place of soft-reconfig inbound even if you have it configured. I am not fluent in NX-OS so I cannot comment on that with certainty but it is a possibility.
In any case, to show the routes received from a neighbor, you should use just show ip bgp neighbor x.x.x.x received routes (not received-routes).
Would you mind trying this out? If this works for you then I suggest that you remove the soft-reconfig inbound from your configuration. It seems to be useless in your (and in most people's) case.
Best regards,
Peter
Similar Messages
-
Route-refresh vs soft-reconfiguration inbound
Hi,
If IOS supports route-refresh capability then can i do away with soft-reconfiguration inbound to save memory and cpu utilization in multi-vrf ce routers.
Thanks
KasAbsolutely !!
soft-reconfiguration inbound is more seen as a troubleshooting tool and should be enabled only to check what you are receiving and then should be removed.
HTH
Laurent. -
BGP, VRF and PBR ("set vrf")
Hi networkers!
Requirements:
- 2 locations (OFFICE, DC) in the same town
- each having two active WAN connections (carrying individual routing domains): The default Any2Any WAN (where several other locations are connected to) and a client specific MC WAN.
- There is a high speed "metro" connection between the locations
- Targets of MC WAN must only be available from a dedicated "MC LAN" network segment
- The default route of "MC LAN" is into Any2Any. Some specific routes coming from MC WAN will overrule A2A routes
- By default, all locally generated traffic should leave into the local WAN links
- In case of a local fault, the locally generated traffic should go via "metro" link into the remote WAN links.
- Traffic between office and DC has to use the metro link.
Hardware: Cat 4500X in VSS configuration at both locations acting as router.
The challenge is with the "MC LAN" that should be fully integrated into A2A routing (communicating locally with devices in other LAN segments and remotely with other sites) but it should also communicate with some special targets of the MC WAN that all other LAN segments must not see.
The general solution that I found is to set the "MC LAN segment" into the GRT but apply "ip vrf receive VRF_MC" and "set vrf VRF_MC" as PBR for targets that should be reached via MC-WAN. It is makes me a little unhappy, that I have to configure a static PBR "routing" because the MC routes are already available by BGP within VRF_MC. But I have tested several other solutions (route leackage e.g.). But they did not work (route leakage for example is not possible on-device between VLANs but only between physical ports).
I put in here only the OFFICE part of the configuration. At the DC there is no "MC LAN" only "MC WAN" which is fully isolated by VRF.
We create two transfer networks at each side. One for the Metro and one for the WAN and start BGP sessions with the neighbors. Failover is guaranteed by longer AS-PATH:
vrf definition VRF_MC
description MC routing domain
rd 65500:1
address-family ipv4
exit-address-family
interface Vlan3
description MC Office
ip vrf receive VRF_MC
ip address 1.40.1.1 255.255.255.0
no ip redirects
no ip proxy-arp
ip policy route-map MC_PBR_VRF
interface Vlan30
description WAN A2A transfer (partner 2.2.2.18 // remote-as 65293 - local AS 65502)
ip address 2.2.2.21 255.255.255.240
interface Vlan31
description WAN MC(partner 2.2.2.50 // remote-as 65293 - local AS 65502)
vrf forwarding VRF_MC
ip address 2.2.2.53 255.255.255.240
interface Vlan34
description Metro A2A transfer (partner 3.3.3.69 remote-as 65503)
ip address 3.3.3.66 255.255.255.240
interface Vlan36
description Metro MC transfer (partner 3.3.3.85 remote-as 65503)
vrf forwarding VRF_MC
ip address 3.3.3.82 255.255.255.240
router bgp 65502
bgp always-compare-med
bgp log-neighbor-changes
network 1.40.1.0 mask 255.255.255.0 <-- MC LAN
network 1.1.192.0 mask 255.255.248.0 <-- other Office LAN segments below
network 1.1.200.0 mask 255.255.248.0
network 1.1.208.0 mask 255.255.248.0
neighbor 2.2.2.18 remote-as 65293
neighbor 2.2.2.18 description to_A2A_WAN
neighbor 2.2.2.18 version 4
neighbor 2.2.2.18 remove-private-as
neighbor 2.2.2.18 soft-reconfiguration inbound
neighbor 2.2.2.18 prefix-list BGP_A2A_out out
neighbor 3.3.3.69 remote-as 65503
neighbor 3.3.3.69 description A2A_Metro_to_DC
neighbor 3.3.3.69 update-source Vlan34
neighbor 3.3.3.69 version 4
neighbor 3.3.3.69 soft-reconfiguration inbound
address-family ipv4 vrf VRF_MC
network 1.40.1.0 mask 255.255.255.0 <-- MC LAN
neighbor 2.2.2.50 remote-as 65293
neighbor 2.2.2.50 description to_MC_WAN
neighbor 2.2.2.50 version 4
neighbor 2.2.2.50 activate
neighbor 2.2.2.50 remove-private-as
neighbor 2.2.2.50 soft-reconfiguration inbound
neighbor 2.2.2.50 prefix-list BGP_MC_out out
neighbor 3.3.3.85 remote-as 65503
neighbor 3.3.3.85 description MC_Metro_to_DC
neighbor 3.3.3.85 update-source Vlan36
neighbor 3.3.3.85 activate
neighbor 3.3.3.85 soft-reconfiguration inbound
exit-address-family
route-map MC_PBR_VRF permit 10
match ip address MC_PBR_ROUTE
set vrf VRF_MC
! control BGP
ip prefix-list BGP_A2A_out seq 10 permit 1.1.192.0/21 le 32
ip prefix-list BGP_A2A_out seq 20 permit 1.1.200.0/21 le 32
ip prefix-list BGP_A2A_out seq 30 permit 1.1.208.0/21 le 32
ip prefix-list BGP_A2A_out seq 40 permit 1.40.1.0/24 le 32
! control BGP
ip prefix-list BGP_MC_out seq 10 permit 1.40.1.0/24 le 32
ip access-list extended MC_PBR_ROUTE
permit ip any 2.2.2.48 0.0.0.15
permit ip any 3.3.3.80 0.0.0.15
permit ip any 7.87.208.0 0.0.15.255
permit ip any 55.55.0.0 0.0.0.255
permit ip any host 93.93.93.93
That's all.
What is possible:
- traceroute into MC WAN from Office LAN router "traceroute vrf VRF_MC 55.55.0.83"
1 2.2.2.50 [AS 65276] 8 msec 0 msec 0 msec
2 10.10.21.189 [AS 65276] 4 msec 0 msec 4 msec
3 10.10.41.74 [AS 65276] 12 msec 8 msec 16 msec
- MC LAN is fully reachable from A2A WAN
- Metro link is used for backup and "city" traffic between office and DC.
What does not work:
- A device connected to MC LAN cannot reach any target in MC WAN. Example:
C:\Users\me>tracert -d 55.55.0.83
1 2 ms 1 ms 1 ms 2.2.2.53 <- IP local VLAN31 MC-WAN transfer net (belonging to VRF_MC)
2 <1 ms <1 ms <1 ms 2.2.2.18 <- jump back into the GTR (A2A WAN router IP)
3 1 ms 1 ms 1 ms 5.5.5.5 <- A2A WAN
What is missing?? Is my solution itself a no-go?
Additional question: There is a backup metro link with a smaller bandwidth that should be used only in case of main metro link is down. I installed a route-map to "set local-preference 20" for all routes received via this backup metro link. Is this the recommended way to implement such backup link.
Best regardsUse the route map as a noraml thing.
To match the all the ip address there should not be any match statement in the route map. -
Influencing BGP attributes within MPLS network
pls take a look at my question and diagram is attached in the file. pls help me to fix this problem.
I have following requirement about traffic paths within the
MPLS network.MPLS network is running MP-BGP4.
1.Traffic from Europe branch to Asia branch go through London
router.
2.Traffic from America branch to Asia branch go through Los Angeles
router.
3.The two paths through London and Los Angeles should have redundancy.
That is if path through London is not accessible all the traffic must
go through Los Angeles. IF Los Angeles path go down all the traffic must
go through London.
4.Traffic from Asia to Europe and America is controlled by redistributing
BGP4 learned routes with different metrics at the London and Los Angeles
routers.So that trafic from Asia branch to Europe go through London and
traffic from Asia to America go through Los Angeles.
I have been using below configs on the PE routers. But it is not working.
In the MPLS network only one path is selected for both traffic from Europe
and America.Pls can anyone help me to fix this problem.
#PE3
ip vrf CUSTOMER
rd 1:10
route-target export 1:20
route-target import 1:40
export map EXPORT-ROUTE
import map IMPORT-ROUTE
interface FastEthernet0/0
description LONDON-GW
ip vrf forwarding CUSTOMER
ip address 1.1.1.2 255.255.255.252
router bgp 65400
address-family ipv4 vrf CUSTOMER
redistribute connected
neighbor 1.1.1.1 remote-as 65401
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 next-hop-self
neighbor 1.1.1.1 soft-reconfiguration inbound
no auto-summary
no synchronization
exit-address-family
ip extcommunity-list 1 permit rt 1:10
ip extcommunity-list 2 permit rt 1:40
route-map EXPORT-ROUTE permit 10
description LONDON-GW
match extcommunity 1
set extcomm-list 1 delete
set extcommunity rt 1:20 additive
route-map IMPORT-ROUTE permit 10
description EU & US-BRANCH
match extcommunity 2
#PE4
ip vrf CUSTOMER
rd 1:10
route-target export 1:30
route-target import 1:40
export map EXPORT-ROUTE
import map IMPORT-ROUTE
interface FastEthernet0/0
description LA-GW
ip vrf forwarding CUSTOMER
ip address 2.2.2.2 255.255.255.252
router bgp 65400
address-family ipv4 vrf CUSTOMER
redistribute connected
neighbor 2.2.2.1 remote-as 65402
neighbor 2.2.2.1 activate
neighbor 2.2.2.1 next-hop-self
neighbor 2.2.2.1 soft-reconfiguration inbound
no auto-summary
no synchronization
exit-address-family
ip extcommunity-list 1 permit rt 1:10
ip extcommunity-list 2 permit rt 1:40
route-map EXPORT-ROUTE permit 10
description LA-GW
match extcommunity 1
set extcomm-list 1 delete
set extcommunity rt 1:30 additive
route-map IMPORT-ROUTE permit 10
description EU & US-BRANCH
match extcommunity 2
#PE1
ip vrf CUSTOMER
rd 1:10
route-target export 1:40
route-target import 1:20
route-target import 1:30
export map EXPORT-ROUTE
import map IMPORT-ROUTE
interface FastEthernet0/0
description EU-BRANCH
ip vrf forwarding CUSTOMER
ip address 3.3.3.2 255.255.255.252
router bgp 65400
address-family ipv4 vrf CUSTOMER
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
ip route vrf CUSTOMER 172.16.1.0 255.255.255.0 FastEthernet0/0 3.3.3.1 name EU-BRANCH
ip extcommunity-list 1 permit rt 1:10
ip extcommunity-list 2 permit rt 1:20
ip extcommunity-list 3 permit rt 1:30
route-map EXPORT-ROUTE permit 10
description EU-BRANCH
match extcommunity 1
set extcomm-list 1 delete
set extcommunity rt 1:40 additive
route-map IMPORT-ROUTE permit 10
description LONDON-GW(MAIN)
match extcommunity 2
set metric 100
route-map IMPORT-ROUTE permit 20
description LA-GW(BACKUP)
match extcommunity 3
set metric 200
route-map IMPORT-ROUTE permit 30
description OTHER
#PE2
ip vrf CUSTOMER
rd 1:10
route-target export 1:40
route-target import 1:20
route-target import 1:30
export map EXPORT-ROUTE
import map IMPORT-ROUTE
interface FastEthernet0/0
description US-BRANCH
ip vrf forwarding CUSTOMER
ip address 4.4.4.2 255.255.255.252
router bgp 65400
address-family ipv4 vrf CUSTOMER
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
ip route vrf CUSTOMER 192.168.1.0 255.255.255.0 FastEthernet0/0 4.4.4.1 name US-BRANCH
ip extcommunity-list 1 permit rt 1:10
ip extcommunity-list 2 permit rt 1:20
ip extcommunity-list 3 permit rt 1:30
route-map EXPORT-ROUTE permit 10
description US-BRANCH
match extcommunity 1
set extcomm-list 1 delete
set extcommunity rt 1:40 additive
route-map IMPORT-ROUTE permit 10
description LONDON-GW(BACKUP)
match extcommunity 2
set metric 200
route-map IMPORT-ROUTE permit 20
description LA-GW(MAIN)
match extcommunity 3
set metric 100
route-map IMPORT-ROUTE permit 30
description OTHERHi Manoj
"send-community both" will export both Standard and Extended Communities
The Standard Community Values which we are setting up New on PE3 and PE4 and Matching on PE1 and PE2 can be anything in ASN:nn Format..I Just randomly chose them as 65400:1111 on PE3/PE1 and 65400:2222 on PE4/PE2.
The extcommunity values to be used on PE3/PE4 will be the export RT values used in the VRF Customer Config as posted in your first post..
#PE3
ip vrf CUSTOMER
rd 1:10
route-target export 1:20
route-target import 1:40
export map EXPORT-ROUTE
import map IMPORT-ROUTE
#PE4
ip vrf CUSTOMER
rd 1:10
route-target export 1:30
route-target import 1:40
export map EXPORT-ROUTE
import map IMPORT-ROUTE
I think I mixed up little with PE3 as PE1 and PE4 as PE2 instead ..Revised corrected config would be
On PE3-- Under VPNv4 We enable sending out the normal community values out to the RR.Then we match the extcommunity rt for the VRF Customer and set the community value to 65400:1111 which will be matched at PE1
router bgp 65400
address-family vpnv4
neighbor "RR-IP" send-community both
neighbor "RR-IP" route-map community out
exit-address-family
route-map community permit 10
match extcommunity CUSTOMER
set community 65400:1111
route-map community permit 20
ip extcommunity-list standard CUSTOMER permit rt 1:20
On PE4-- Under VPNv4 We enable sending out the normal community values out to the RR.Then we match the extcommunity rt for the VRF Customer and set the community value to 65400:2222 which will be matched at PE2
router bgp 65400
address-family vpnv4
neighbor "RR-IP" send-community both
neighbor "RR-IP" route-map community out
exit-address-family
route-map community permit 10
match extcommunity CUSTOMER
set community 65400:2222
route-map community permit 20
ip extcommunity-list standard CUSTOMER permit rt 1:30
On PE1-- Under VPNv4 We match the community value 65400:1111 which was set at PE3 and set the LP to 110
router bgp 65400
address-family vpnv4
neighbor "RR-IP" route-map community in
exit-address-family
route-map community permit 10
match community CUSTOMER
set local-preference 110
route-map community permit 20
ip community-list standard CUSTOMER permit 65400:1111
On PE2-- Under VPNv4 We match the community value 65400:2222 which was set at PE4 and set the LP to 110
router bgp 65400
address-family vpnv4
neighbor "RR-IP" route-map community in
exit-address-family
route-map community permit 10
match community CUSTOMER
set local-preference 110
route-map community permit 20
ip community-list standard CUSTOMER permit 65400:2222
Make Sure that RR is enabled to propogate the normal BGP communities as well...
Hope this helps to answer your question..Please let me know for any clarifications..
Regards
Varma -
MP-BGP and MPLS multipath load sharing
Hi,
I am trying to PoC MPLS multi path load sharing by using per-PE-per-VRF RDs in the network.
I have a simple lab setup with AS65000 which consists of SITE1 PE1&PE2 routers (10.250.0.101 and 10.250.0.102), route reflector RR in the middle (10.250.0.55) and SITE2 PE1&PE2 routers (10.250.0.201 and 10.250.0.202). PE routers only do iBGP peering with centralized route reflector and passing route to 10.1.1.0/24 prefix (learned from single CE router) with 100:1 and 100:2 RDs for specific VRF.
Route reflector gets routes with multiple RDs, makes copies of these routes in order to make local comparison to RD 55:55 configured, uses these routes and install multiple paths into its routing table (all PE routers and RR have "maximum-paths eibgp 4" configured):
RR#sh ip bgp vpnv4 all
BGP table version is 7, local router ID is 10.250.0.55
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 55:55 (default for vrf VRF-A) VRF Router ID 10.250.0.55
* i10.1.1.0/24 10.250.0.102 0 100 0 65001 i
*>i 10.250.0.101 0 100 0 65001 i
Route Distinguisher: 100:1
*>i10.1.1.0/24 10.250.0.101 0 100 0 65001 i
Route Distinguisher: 100:2
*>i10.1.1.0/24 10.250.0.102 0 100 0 65001 i
RR#sh ip route vrf VRF-A
<output omitted>
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B 10.1.1.0/24 [200/0] via 10.250.0.102, 00:45:52
[200/0] via 10.250.0.101, 00:46:22
BUT, for some reason RR doest reflects routes with multiple RDs down to SITE2 PE1&PE2 - its own clients:
RR#sh ip bgp vpnv4 all neighbors 10.250.0.201 advertised-routes
Total number of prefixes 0
RR#sh ip bgp vpnv4 all neighbors 10.250.0.202 advertised-routes
Total number of prefixes 0
Here comes RR BGP configuration:
router bgp 65000
no synchronization
bgp router-id 10.250.0.55
bgp cluster-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.250.0.101 remote-as 65000
neighbor 10.250.0.101 update-source Loopback0
neighbor 10.250.0.101 route-reflector-client
neighbor 10.250.0.101 soft-reconfiguration inbound
neighbor 10.250.0.102 remote-as 65000
neighbor 10.250.0.102 update-source Loopback0
neighbor 10.250.0.102 route-reflector-client
neighbor 10.250.0.102 soft-reconfiguration inbound
neighbor 10.250.0.201 remote-as 65000
neighbor 10.250.0.201 update-source Loopback0
neighbor 10.250.0.201 route-reflector-client
neighbor 10.250.0.201 soft-reconfiguration inbound
neighbor 10.250.0.202 remote-as 65000
neighbor 10.250.0.202 update-source Loopback0
neighbor 10.250.0.202 route-reflector-client
neighbor 10.250.0.202 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.101 activate
neighbor 10.250.0.101 send-community both
neighbor 10.250.0.102 activate
neighbor 10.250.0.102 send-community both
neighbor 10.250.0.201 activate
neighbor 10.250.0.201 send-community both
neighbor 10.250.0.202 activate
neighbor 10.250.0.202 send-community both
exit-address-family
address-family ipv4 vrf VRF-A
maximum-paths eibgp 4
no synchronization
bgp router-id 10.250.0.55
network 10.255.1.1 mask 255.255.255.255
exit-address-family
SITE1 PE1 configuration:
router bgp 65000
no synchronization
bgp router-id 10.250.0.101
bgp log-neighbor-changes
neighbor 10.250.0.55 remote-as 65000
neighbor 10.250.0.55 update-source Loopback0
neighbor 10.250.0.55 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.55 activate
neighbor 10.250.0.55 send-community both
exit-address-family
address-family ipv4 vrf VRF-A
neighbor 10.1.101.2 remote-as 65001
neighbor 10.1.101.2 activate
neighbor 10.1.101.2 soft-reconfiguration inbound
maximum-paths eibgp 4
no synchronization
bgp router-id 10.250.0.101
exit-address-family
SITE1 PE2 configuration is similar to SITE1 PE1. They both do eBGP peering with dualhomed CE router in AS65001 which announces 10.1.1.0/24 prefix into VRF-A table.
My question is: clearly, the issue is that RR doesn't reflect any routes to its clients (SITE2 PE1&PE2) for 10.1.1.0/24 prefix with 100:1 and 100:2 RDs that dont match it's locally configured RD 55:55 for VRF-A, although they are present in its BGP/RIB tables and used for multipathing. Is this an expected behavior or some feature limitation for specific platform or IOS version? Currently, in this test lab setup I run IOS 12.4(24)T8 on all the devices.
Please, let me know if any further details are needed to get an idea of why this well known and widely used feature is not working correctly in my case. Thanks a lot!
Regards,
SergeyHi Ashish,
I tried to remove VRF and address family configurations completely from RR.
router bgp 65000
no synchronization
bgp router-id 10.250.0.55
bgp cluster-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.250.0.101 remote-as 65000
neighbor 10.250.0.101 update-source Loopback0
neighbor 10.250.0.101 route-reflector-client
neighbor 10.250.0.101 soft-reconfiguration inbound
neighbor 10.250.0.102 remote-as 65000
neighbor 10.250.0.102 update-source Loopback0
neighbor 10.250.0.102 route-reflector-client
neighbor 10.250.0.102 soft-reconfiguration inbound
neighbor 10.250.0.201 remote-as 65000
neighbor 10.250.0.201 update-source Loopback0
neighbor 10.250.0.201 route-reflector-client
neighbor 10.250.0.201 soft-reconfiguration inbound
neighbor 10.250.0.202 remote-as 65000
neighbor 10.250.0.202 update-source Loopback0
neighbor 10.250.0.202 route-reflector-client
neighbor 10.250.0.202 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.101 activate
neighbor 10.250.0.101 send-community both
neighbor 10.250.0.102 activate
neighbor 10.250.0.102 send-community both
neighbor 10.250.0.201 activate
neighbor 10.250.0.201 send-community both
neighbor 10.250.0.202 activate
neighbor 10.250.0.202 send-community both
exit-address-family
After this, RR doesn't accept any routes at all from S1PE1&S1PE2 routers, thus not reflecting any routes down to its clients S2PE1&S2PE2 as well:
S1PE1#sh ip bgp vpnv4 all
BGP table version is 6, local router ID is 10.250.0.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF-A) VRF Router ID 10.250.0.101
*> 10.1.1.0/24 10.1.101.2 0 0 65001 i
S1PE1#sh ip bgp vpnv4 all neighbors 10.250.0.55 advertised-routes
BGP table version is 6, local router ID is 10.250.0.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF-A) VRF Router ID 10.250.0.101
*> 10.1.1.0/24 10.1.101.2 0 0 65001 i
Total number of prefixes 1
S1PE2#sh ip bgp vpnv4 all
BGP table version is 6, local router ID is 10.250.0.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf VRF-A) VRF Router ID 10.250.0.102
*> 10.1.1.0/24 10.1.201.2 0 0 65001 i
S1PE2#sh ip bgp vpnv4 all neighbors 10.250.0.55 advertised-routes
BGP table version is 6, local router ID is 10.250.0.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf VRF-A) VRF Router ID 10.250.0.102
*> 10.1.1.0/24 10.1.201.2 0 0 65001 i
Total number of prefixes 1
RR#sh ip bgp vpnv4 all
RR#sh ip bgp vpnv4 all neighbors 10.250.0.101 routes
Total number of prefixes 0
RR#sh ip bgp vpnv4 all neighbors 10.250.0.102 routes
Total number of prefixes 0
Any feedback is appreciated. Thanks.
Regards,
Sergey -
BGP default route advertisement - change preference
hi guys,
I would appreciate some assistance here. We have a primary head office & a DR site. Routers at both sites connect to our carrier for an IP VPN service using BGP. BGP configs on each router advertise a default route 0.0.0.0.
#sh ip bgp neighbors x.x.x.x advertised-routes
BGP table version is 358, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Issue is, some of our remote sites prefer the DR router path for traffic destined to internet.
We are advertising multiple default routes to our carrier, and based on feedback from carrier, route with lowest MED is preferred.
This brings me to what i need to change from my side. Need to change the route preference so that from our remote offices, only the route to head office is preferred with DR site the least preferred route. I know there are multliple ways of doing this, however keen to get input from the experts out there.
DR site router has this BGP config currently applied:
router bgp XXXXX
bgp log-neighbor-changes
redistribute connected
redistribute ospf 1 match internal external 1 external 2
neighbor x.x.x.x remote-as XXXX
neighbor x.x.x.x default-originate
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map IMPORT-POLICY in
neighbor x.x.x.x route-map OPI-route-advertisement out
default-information originate
Removing the "neighbor x.x.x.x default-originate" is not an option, as we need to have the ability to failover to DR at any point.
Thanks in advance & if you need any further info pls advise.
RamaHi Milan,
Thanks. Answers below:
Does it provide an MPLS backbone to you? YES
Are you using the same AS number on all your sites or different ones? Same AS
Any way, what about advertising the default route from your DR site with the site AS number prepended several times (5 times, e.g.)? That's the thing I am struggling to understand as the route-map OPI-route-advertisement already has it prepended 2 times. Shouldn't that be enough to influence which route is least preferred?
route-map OPI-route-advertisement permit 20
match ip address prefix-list xxx default-route
set as-path prepend XXXXX XXXXX
If your provider would permit that and hasn't configured his routers to ignore the AS_PATH length (as him a question), it should make the default route advertised from your DR less preferred within your backbone. Will ask.
Given this, any other thoughts/questions?
Thanks, Rama -
BGP: Customer network announcing error (not advertised)
Hi to all.
Our company - is small business ISP. We have two BGP upstreams, and some customers who connect with us via BGP. Day ago, our customer opened a case that we don't announce his network to the "global network". I can see, that he announce me his network, and BGP add this prefix to the routing table. But when i open prefix detail - i see that prefix not advertised to any peer.
Here is sh run :
router bgp xxx
bgp router-id xx.xx.xx.xx
bgp log-neighbor-changes
neighbor xx.xx.xx.xx remote-as xxxx
neighbor xx.xx.xx.xx description Customer
neighbor yy.yy.yy.yy remote-as yyyy
neighbor yy.yy.yy.yy description Uplink
address-family ipv4
neighbor xx.xx.xx.xx activate
neighbor xx.xx.xx.xx default-originate
neighbor xx.xx.xx.xx soft-reconfiguration inbound
neighbor xx.xx.xx.xx prefix-list DEFAULT out
neighbor xx.xx.xx.xx prefix-list Deny-Default in
neighbor yy.yy.yy.yy activate
neighbor yy.yy.yy.yy prefix-list BizTel out
neighbor yy.yy.yy.yy filter-list 1 out
exit-address-family
ip as-path access-list 1 permit ^$
ip as-path access-list 1 permit ^xxxx$
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
ip prefix-list Deny-Default seq 10 deny 0.0.0.0/32
ip prefix-list Deny-Default seq 15 permit 0.0.0.0/0 le 32
sh ip bgp neighbors xx.xx.xx.xx received-routes:
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 xx.xx.xx.xx 0 xxxx xxxx yyyy i
*> zz.zz.zz.zz/24 xx.xx.xx.xx 0 0 xxxx xxxx i
sh ip bgp neigh xx.xx.xx.xx adv routes:
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 xx.xx.xx.xx 0 xxxx xxxx yyyy i
sh ip bgp zz.zz.zz.zz /24:
BGP routing table entry for zz.zz.zz.zz/24, version 6503140
Paths: (3 available, best #1, table default)
Not advertised to any peer
xxxx xxxx, (received & used)
xx.xx.xx.xx from xx.xx.xx.xx (cc.cc.cc.cc)
Origin IGP, metric 0, localpref 100, valid, external, best
Can somebody help me with this question?The outputs are very confusing ie.
sh ip bgp neighbors xx.xx.xx.xx received-routes:
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 xx.xx.xx.xx 0 xxxx xxxx yyyy i
*> zz.zz.zz.zz/24 xx.xx.xx.xx 0 0 xxxx xxxx i
presumably these are the routes received from the customer ? If so -
1) why are you receiving a default from the customer with yyyy in the AS PATH ?
2) why are there two instances of xxxx in AS PATH for both routes in the AS PATH ?
also -
sh ip bgp neigh xx.xx.xx.xx adv routes:
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 xx.xx.xx.xx 0 xxxx xxxx yyyy i
if you are looking at routes advertised upstream why are you looking at advertised routes to the customer ?
It is difficult to say what is happening because you have blanked out all the information.
Finally you have -
neighbor yy.yy.yy.yy prefix-list BizTel out
but there is no such prefix list in the config you posted
Can you clarify by answering the above and perhaps explain how this is all setup ie. is x.x.x.x the customer and y.y.y.y your upstream provider.
The more information you can give the more we can help.
Jon -
BGP allowas-in and split horizon problem.
Hi,
I need some help. I can't understand why R2 advertises back the same networks to the neighbor from that received.
My topology is:
R1 is in AS1, R2 is in AS2 and R3 is in AS3, I've eBGP R1-R2, and eBGP R2-R3.
R1 and R3 has configured allowas-in to permit routes with their own AS.
The problem is with eBGP Updates. The router R1 advertise 1.1.1.1/32 to R2, and R2 sent back to R1 the same route 1.1.1.1/32.
I think that should not happen according the BGP split horizon rules. R2 should not advertise those networks who learned from R1, unless R2 has a route with better metric.
The same behavior happens between R2 and R3.
Thanks in advance.
All the router had the same IOS: c7200-is-mz.123-14.T1.bin
R1 Configuration
R1#sh run | sec router
router bgp 1
no synchronization
bgp log-neighbor-changes
network 1.1.1.1 mask 255.255.255.255
neighbor 172.28.1.1 remote-as 2
neighbor 172.28.1.1 allowas-in 10
neighbor 172.28.1.1 soft-reconfiguration inbound
no auto-summary
R1#
R2 Configuration
router bgp 2
no synchronization
bgp log-neighbor-changes
neighbor 172.28.1.2 remote-as 1
neighbor 172.28.1.2 soft-reconfiguration inbound
neighbor 172.28.2.2 remote-as 3
neighbor 172.28.2.2 soft-reconfiguration inbound
no auto-summary
R2#
R3 Configuration
router eigrp 200
redistribute connected
redistribute bgp 3 metric 100000 10 255 100 1500
network 192.168.3.0 0.0.0.3
no auto-summary
router bgp 3
no synchronization
bgp log-neighbor-changes
redistribute connected
redistribute eigrp 200
neighbor 172.28.2.1 remote-as 2
neighbor 172.28.2.1 allowas-in 10
neighbor 172.28.2.1 soft-reconfiguration inbound
no auto-summary
R3#
R1 BGP Table, Advertised Route, Received Routes
R1#sh ip bgp
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.1/32 172.28.1.1 0 2 1 i
*> 0.0.0.0 0 32768 i
*> 3.3.3.3/32 172.28.1.1 0 2 3 ?
*> 4.4.4.4/32 172.28.1.1 0 2 3 ?
*> 172.28.2.0/30 172.28.1.1 0 2 3 ?
*> 192.168.3.0/30 172.28.1.1 0 2 3 ?
R1#
R1#sh ip bgp neighbors 172.28.1.1 advertised-routes
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
Total number of prefixes 1
R1#
R1#sh ip bgp neighbors 172.28.1.1 received-routes
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.1/32 172.28.1.1 0 2 1 i
*> 3.3.3.3/32 172.28.1.1 0 2 3 ?
*> 4.4.4.4/32 172.28.1.1 0 2 3 ?
*> 172.28.2.0/30 172.28.1.1 0 2 3 ?
*> 192.168.3.0/30 172.28.1.1 0 2 3 ?
Total number of prefixes 5
R1#
R2 BGP Table, Advertised Route, Received Routes
R2#sh ip bgp
BGP table version is 7, local router ID is 172.28.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 172.28.1.2 0 0 1 i
*> 3.3.3.3/32 172.28.2.2 0 0 3 ?
*> 4.4.4.4/32 172.28.2.2 156160 0 3 ?
r> 172.28.2.0/30 172.28.2.2 0 0 3 ?
*> 192.168.3.0/30 172.28.2.2 0 0 3 ?
R2#
R2#
R2 Received routes from R1
R2#sh ip bgp neighbors 172.28.1.2 received-routes
BGP table version is 7, local router ID is 172.28.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 172.28.1.2 0 0 1 i
Total number of prefixes 1
R2#
R2 Advertised routes to R1
R2#sh ip bgp neighbors 172.28.1.2 advertised-routes
BGP table version is 7, local router ID is 172.28.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 172.28.1.2 0 0 1 i
*> 3.3.3.3/32 172.28.2.2 0 0 3 ?
*> 4.4.4.4/32 172.28.2.2 156160 0 3 ?
r> 172.28.2.0/30 172.28.2.2 0 0 3 ?
*> 192.168.3.0/30 172.28.2.2 0 0 3 ?
Total number of prefixes 5
R2#
R2 Received routes from R3
R2#sh ip bgp neighbors 172.28.2.2 received-routes
BGP table version is 7, local router ID is 172.28.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 172.28.2.2 0 0 3 ?
*> 4.4.4.4/32 172.28.2.2 156160 0 3 ?
r> 172.28.2.0/30 172.28.2.2 0 0 3 ?
*> 192.168.3.0/30 172.28.2.2 0 0 3 ?
Total number of prefixes 4
R2#
R2 Advertised routes to R3
R2#sh ip bgp neighbors 172.28.2.2 advertised-routes
BGP table version is 7, local router ID is 172.28.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 172.28.1.2 0 0 1 i
*> 3.3.3.3/32 172.28.2.2 0 0 3 ?
*> 4.4.4.4/32 172.28.2.2 156160 0 3 ?
r> 172.28.2.0/30 172.28.2.2 0 0 3 ?
*> 192.168.3.0/30 172.28.2.2 0 0 3 ?
Total number of prefixes 5
R2#
R3 BGP Table, Advertised Route, Received Routes
R3#sh ip bg
BGP table version is 7, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 172.28.2.1 0 2 1 i
* 3.3.3.3/32 172.28.2.1 0 2 3 ?
*> 0.0.0.0 0 32768 ?
* 4.4.4.4/32 172.28.2.1 0 2 3 ?
*> 192.168.3.2 156160 32768 ?
* 172.28.2.0/30 172.28.2.1 0 2 3 ?
*> 0.0.0.0 0 32768 ?
* 192.168.3.0/30 172.28.2.1 0 2 3 ?
*> 0.0.0.0 0 32768 ?
R3#
R3#sh ip bgp neighbors 172.28.2.1 advertised-routes
BGP table version is 7, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 0.0.0.0 0 32768 ?
*> 4.4.4.4/32 192.168.3.2 156160 32768 ?
*> 172.28.2.0/30 0.0.0.0 0 32768 ?
*> 192.168.3.0/30 0.0.0.0 0 32768 ?
Total number of prefixes 4
R3#
R3#sh ip bgp neighbors 172.28.2.1 received-routes
BGP table version is 7, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 172.28.2.1 0 2 1 i
* 3.3.3.3/32 172.28.2.1 0 2 3 ?
* 4.4.4.4/32 172.28.2.1 0 2 3 ?
* 172.28.2.0/30 172.28.2.1 0 2 3 ?
* 192.168.3.0/30 172.28.2.1 0 2 3 ?
Total number of prefixes 5
R3#I agree with the previous posters. What you could do is look at show bgp ipv4 unicast 1.1.1.1 on R2. You will find that the prefix is associated with an update group. An update group is an optimisation within the router BGP process to reduce the processing overhead for generating updates to peers. If two peers have exactly the same outbound routing policy they would be in the same update group. If you looked at the update group show bgp ipv4 unicast update-group <number> you would probabably find that it would contain the peers 172.28.1.2 and 172.28.2.2.
This would mean that the 1.1.1.1 would be replicated to R1 and R3. Without remoteas-in configured R1 would reject the prefix due the AS path containing AS1 - you can see this if you look at the output from show bgp ipv4 unicast neighbor 172.28.1.1 towards the bottom you will see the quantity of prefixes that have been rejected and why - use debug ip bgp updates if you want to see this in real time.
When remoteas-in is configured the prefix from R2 is accepted into the BGP table - however this is irrelevant as it will never become the best-path due to the weight 32768 for the local origination. If R1 peered with R4 via eBGP for example only this best path would advertised and hence nothing is broken.
HTH -
BGP Advertised Routes two Peering
Dear all
I have issue with BGP behaviour. I have two BGP peering; from both I receive default route, but one of them,
AS 65472 is primary so I setup local preference in 200; it is because I want to use AS 65472 as internet
provider. The another one, AS 65472 is used as secundary internet access, but for internal network (private) is
used as primary. The issue is when try ping from LAN, can not reach internal network, seems to be that
becuase Local preference is setup within AS65472 and the packet try to go thru AS 65472 because local prefeence 200,
but I need that internal network go thru AS 65471.
I am sure that I am advertising network as I expect, but when is running BGP for both peering, it fails.
Here are go output for this situation:
7204VXR-SCT#sh ip bgp neighbors 172.16.40.37 received-routes
Network Next Hop Metric LocPrf Weight Path
* i0.0.0.0 172.16.40.37 0 100 0 i
Total number of prefixes 1
7204VXR-SCT#sh ip bgp neighbors 172.16.40.37 advertised-routes
Network Next Hop Metric LocPrf Weight Path
*> 10.10.200.0/30 0.0.0.0 0 32768 i
*> 10.30.24.0/21 172.16.40.4 0 32768 i
*> 172.16.17.0/24 172.16.40.5 0 32768 i
*> 172.16.211.0/24 0.0.0.0 0 32768 i
*> 172.18.56.16/29 0.0.0.0 0 32768 i
*> 172.30.100.18/32 0.0.0.0 0 32768 i
*> 172.31.0.20/30 0.0.0.0 0 32768 i
7204VXR-SCT#sh ip bgp neighbors 190.97.254.241 received-routes
Network Next Hop Metric LocPrf Weight Path
* 0.0.0.0 190.97.254.241 0 65472 i
Total number of prefixes 1
Network Next Hop Metric LocPrf Weight Path
*> 190.153.116.0/22 172.16.40.4 0 32768 i
*> 190.153.120.0/22 172.16.40.4 0 32768 i
*> 190.153.124.0/24 172.16.40.37 10 32768 i
router bgp 65471
bgp log-neighbor-changes
neighbor externalBGP peer-group
neighbor externalBGP remote-as 65472
neighbor externalBGP version 4
neighbor internalBGP-SCT peer-group
neighbor internalBGP-SCT remote-as 65471
neighbor internalBGP-SCT version 4
neighbor 172.16.40.37 peer-group internalBGP-SCT
neighbor 190.97.254.241 peer-group viginet
address-family ipv4
neighbor externalBGPsoft-reconfiguration inbound
neighbor externalBGProute-map viginet-in in
neighbor externalBGProute-map viginet-out out
neighbor internalBGP-SCT soft-reconfiguration inbound
neighbor internalBGP-SCT route-map internalBGP-SCT-out out
neighbor 172.16.40.37 activate
neighbor 190.97.254.241 activate
no auto-summary
no synchronization
network 10.10.200.0 mask 255.255.255.252
network 10.30.24.0 mask 255.255.248.0
network 172.16.17.0 mask 255.255.255.0
network 172.16.40.0 mask 255.255.255.0
network 172.16.211.0 mask 255.255.255.0
network 172.18.56.16 mask 255.255.255.248
network 172.30.100.18 mask 255.255.255.255
network 172.31.0.20 mask 255.255.255.252
network 190.153.116.0 mask 255.255.252.0
network 190.153.120.0 mask 255.255.252.0
network 190.153.124.0 mask 255.255.255.0
exit-address-family
ip route 172.16.40.36 255.255.255.252 Null0 250
ip route 190.153.116.0 255.255.252.0 172.16.40.4
ip route 190.153.120.0 255.255.252.0 172.16.40.4
ip prefix-list invalidas seq 10 permit 172.16.40.0/24
ip prefix-list invalidas seq 15 permit 10.30.24.0/21
ip prefix-list invalidas seq 20 permit 172.16.211.0/24
ip prefix-list invalidas seq 25 permit 172.18.56.16/29
ip prefix-list invalidas seq 30 permit 172.30.100.18/32
ip prefix-list invalidas seq 35 permit 10.10.200.0/30
ip prefix-list invalidas seq 40 permit 172.16.17.0/24
ip prefix-list invalidas seq 45 permit 172.31.0.20/30
ip access-list standard viginet-100
permit 190.153.116.0 0.0.3.255
permit 190.153.120.0 0.0.3.255
permit 190.153.124.0 0.0.0.255
route-map externalBGP-out permit 10
match ip address viginet-100
route-map externalBGP-in permit 10
set local-preference 200
route-map internalBGP-SCT-out permit 10
match ip address prefix-list invalidasHello.
If you want your internal network to go through peer 65471 (to 0.0.0.0/0), then why do you need AS 65472?
Could you please provide "show ip bgp 0.0.0.0/0"? -
Hi
From what I understand in the show ip bgp x.x.x.x/x output the received-only would be present when soft-reconfiguration inbound is configured and the route has been rejected by a policy i.e. a route map
What i have also found is that on many outputs i can see the exact same route in the output twice, one which has the received-only keyword and one doesn't.
Now for a specified neighbor we have a route map configured inbound which will change the weight based on the community value. It seems as though when a route map is configured and an attribute is changed that route appears in the output twice, one being modified and one which is unchanged. But this contradicts what is said on the Cisco website its states 'the received-only keyword will only show up if the route is denied by a policy', but its not.. it's just changed.
Has anyone had this discussion before? I would like to hear people's thoughts on the matter.
Thanks
Andre
corerouter#show ip bgp | b 10.141.54.0
* 10.141.54.0/23 10.199.10.18 0 64000 34406 65502 ?
*> 10.199.10.18 0 64000 34406 65502 ?
corerouter#sho ip bgp 10.141.54.0/23
BGP routing table entry for 10.141.54.0/23, version 1219279
Paths: (4 available, best #3, table Default-IP-Routing-Table)
Advertised to update-groups:
2 3 4 5 6 7
34406 65502
10.199.10.18 from 10.199.10.20 (82.196.60.60)
Origin incomplete, metric 0, localpref 100, weight 64000, valid, external
Community: 10199111
34406 65502, (received-only)
10.199.10.18 from 10.199.10.20 (82.196.60.60)
Origin incomplete, metric 0, localpref 100, valid, external
Community: 10199111
34406 65502
10.199.10.18 from 10.199.10.19 (82.196.60.1)
Origin incomplete, metric 0, localpref 100, weight 64000, valid, external, best
Community: 10199111
34406 65502, (received-only)
10.199.10.18 from 10.199.10.19 (82.196.60.1)
Origin incomplete, metric 0, localpref 100, valid, external
Community: 10199111show ip bgp neighbor x.x.x.x received-routes
show ip bgp neighbor x.x.x.x routes
sho ip bgp a.b.c.d
If you found this page, like I did, while searching for "received-only" - that means that the route has only been received, but not entered in the routing table. This is good if you meant to block that route. But if that route is actually also installed in the routing table and you meant to block it, check your route-map, specifically your prefix-lists and you will likely find that you have an error with wither the IP address or the CIDR mask, resulting in a non-match condition. The inverse is also true if you intend to allow a route but you only see the "received-only" route, you probably have a typo in your route-map or prefix list. Below are some examples that might help.
Here are some BGP with route-map and prefix-list examples, although the data is not meaningful.
router bgp 1234
neighbor CARRIER1 peer-group
neighbor CARRIER1 route-map PROVIDER1-IN in
neighbor 6.7.8.9 peer group CARRIER1
route-map PROVIDER1-IN deny 5
match ip address prefix-list MyIPs
route-map PROVIDER1-IN permit 10
match ip address prefix-list GOOG APPL
ip prefix-list GOOG seq 5 permit 8.8.8.0/24 le 32
ip prefix-list GOOG seq 10 permit 8.8.4.4/32
ip prefix-list APPL seq 5 per 17.142.160.59/32
ip prefix-list APPL seq 10 per 17.178.96.0/24 le 32
ip prefix-list MyIPs seq 5 per 1.2.0.0/16 le 24
ip prefix-list MyIPs seq 10 per 2.3.4.0/24 le 32
ip prefix-list MyIPs seq 15 per 4.5.6.7/32 -
Does a route-policy override BGP split-horizon rule in IOS-XR?
If I receive a default route from a non-client, can I turn around and send it to another non client if I have the following applied to the non-client?
prefix-set send-default
0.0.0.0/0
end-set
route-policy DEFAULT-POLICY
if destination in send-default then
pass
else
drop
endif
end-policy
neighbor-group BLAH
remote-as XXXXX
password encrypted XXXXXXX
description iBGP to Decryptors
update-source Loopback0
address-family ipv4 unicast
route-policy DEFAULT-POLICY out
soft-reconfiguration inbound always
neighbor X.X.X.X
use neighbor-group BLAH
endHi Carlopez,
For BGP to inject a default rotue you need the "default-information originate" command, unfortunately, you can't redistribute or regenerate a route via the RPL method you described.
regards
xander -
Hi
I've got two data centre sites. Each site has is connected by the same ISP, and BGP is is setup between the ISP and eash site:
The diagram looks like this:
ISP--Site1
|
Site2
The problem I have is when I do a traceroute from the external router in site1 (router1) to the external router in site2(2), the traceroute shows one hop, as though they are directly connected.
How is that possible, shouldn't the traceorute show the route through the ISP's router aswell.
note:
router1=yyy.yyy.yyy.1
router2=xxx.xxx.xxx.2
ISP router=
In my router I have the following config:
router bgp dddd
no synchronization
bgp log-neighbor-changes
network vvv.vvv.vvv.0 mask 255.255.255.252
network xxx.xxx.xxx.0 mask 255.255.255.224
network zzz.zzz.zzz.96 mask 255.255.255.224
neighbor vvv.vvv.vvv.1 remote-as nnnn
neighbor vvv.vvv.vvv.1 soft-reconfiguration inbound
neighbor vvv.vvv.vvv.1 route-map isp-to-se in
neighbor vvv.vvv.vvv.1 route-map se-to-isp out
neighbor xxx.xxx.xxx.2 remote-as dddd
neighbor xxx.xxx.xxx.2 soft-reconfiguration inbound
ip prefix-list se-src seq 10 permit xxx.xxx.xxx.0/27
ip prefix-list se-src seq 11 permit zzz.zzz.zzz.96/27
route-map se-to-isp permit 10
match ip address prefix-list se-src
set metric 300
route-map isp-to-se permit 10
set metric 20
Does the above play some part in hiding the actual traceroute? How does BGP play a part in this?
Thanks
DanDan,
This is in no mean related to BGP. Your SP is probably providing you with a L2VPN service of some sort, which explains your two routers seeing themselves as directly connected.
Hope this helps, -
BGP Smoothing Interval Exceeded
I got this error meassge on one of customer routers where the BGP failed:
SYSLOG Smoothing Interval Exceeded Alarm:xxxxxxxxxx BGP-5-ADJCHANGE down 666 seconds which exceeds smoothing interval of 660 seconds for neighbor x.x.x.x.
the BGP config:
router bgp 65002
bgp log-neighbor-changes
network x.x.x.x mask x.x.x.x
timers bgp 15 45
neighbor x.x.x.x remote-as xxxxx
neighbor x.x.x.x description PE - load sharing
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map setmedprimary out
neighbor x.x.x.x filter-list 1 in
We found that the link was down between the CE and PE router, but I don't understeand why the BGP adjecency didn't fail on dead timer set to 45s.Found it!
Just copy the prefix without the RD value:
show bgp ipv4 mvpn [1][192.168.0.4]/40
Hristo -
Command to clear the bgp vrf table.
Hi,
I want to clear the bgp table on this vrf. Here is how it looks like :-
address-family ipv4 vrf mj
redistribute connected
neighbor 12.12.12.12 remote-as 1111
neighbor 12.12.12.12 activate
neighbor 12.12.12.12 send-community
neighbor 12.12.12.12 as-override
neighbor 12.12.12.12 soft-reconfiguration inbound
neighbor 12.12.12.12 route-map customer in
neighbor 12.12.12.12 route-map vpn-routes out
neighbor 12.12.12.12 maximum-prefix 1000
neighbor 13.13.13.13 remote-as 65222
neighbor 13.13.13.13 activate
neighbor 13.13.13.13 send-community
neighbor 13.13.13.13 remove-private-as
neighbor 13.13.13.13 soft-reconfiguration inbound
neighbor 13.13.13.13 route-map a-in in
neighbor 13.13.13.13 route-map a-out out
neighbor 13.13.13.13 maximum-prefix 1000
no auto-summary
no synchronization
exit-address-family
I would like to confirm that the command to clear this vrf is whereby the ASN is 1110 :-
clear ip bgp vrf mj ipv4 unicast 1110 soft.
Pls advice,
InternetB.Hi Shivlu,
To confirm, since my ASN is 1110, the 200 should be replaced with my ASN number of 1110 right ?
Thank you,
InternetB. -
Hi, i´m new in the world of XR and i need to pass the next configuration in XR and i can´t, can you help me please?
router bgp 2222
bgp log-neighbor-changes
scope global
neighbor 94.142.103.17 remote-as 1111
neighbor 94.142.103.17 description CDE
neighbor 94.142.103.17 password 123123
neighbor 94.142.103.17 timers 20 60 60
neighbor 94.142.103.17 activate
neighbor 94.142.103.17 soft-reconfiguration inbound
neighbor 94.142.103.17 prefix-list Filter in
neighbor 94.142.103.17 prefix-list Filter-out out
neighbor 94.142.103.17 route-map LOCAL-PREF-BACKUP in
network 181.125.192.0 mask 255.255.192.0
network 181.125.192.0 mask 255.255.224.0
network 181.125.224.0 mask 255.255.224.0
network 181.126.0.0 mask 255.255.128.0
network 181.126.0.0 mask 255.255.192.0
network 181.126.64.0 mask 255.255.192.0
network 181.126.128.0 mask 255.255.128.0
network 181.126.128.0 mask 255.255.192.0
network 181.126.192.0 mask 255.255.192.0
network 181.127.0.0 mask 255.255.192.0
network 181.127.0.0 mask 255.255.224.0
network 181.127.32.0 mask 255.255.224.0
ip prefix-list Filter seq 20 permit 216.9.251.0/24
ip prefix-list Filter seq 30 permit 66.117.0.0/16 ge 17 le 24
ip prefix-list Filter seq 40 permit 208.109.88.0/22
ip prefix-list Filter seq 50 permit 83.39.0.0/16
ip prefix-list Filter seq 100 permit 201.217.0.0/16 ge 17 le 24
ip prefix-list Filter seq 101 permit 190.23.0.0/17 ge 18 le 24
ip prefix-list Filter seq 102 permit 190.52.128.0/19 ge 20 le 24
ip prefix-list Filter seq 103 permit 190.52.160.0/19 ge 20 le 24
ip prefix-list Filter seq 104 permit 156.42.0.0/16 ge 17 le 24
ip prefix-list Filter seq 105 permit 65.197.244.0/24
ip prefix-list Filter seq 106 permit 65.216.64.0/20
ip prefix-list Filter seq 10000 permit 0.0.0.0/0
ip prefix-list Filter-out seq 101102005 permit 186.16.96.0/20
ip prefix-list Filter-out seq 101102006 permit 186.16.128.0/20
ip prefix-list Filter-out seq 101102007 permit 186.16.144.0/20
ip prefix-list Filter-out seq 101102008 permit 186.16.160.0/20
ip prefix-list Filter-out seq 101102009 permit 186.16.176.0/20
ip prefix-list Filter-out seq 101102020 permit 190.128.192.0/19
ip prefix-list Filter-out seq 1011022225 permit 200.12.146.0/24
ip prefix-list Filter-out seq 1011022230 permit 201.220.25.0/24
route-map LOCAL-PREF-BACKUP permit 10
set local-preference 95The following 2 refences will give you some guidance on how to do that:
https://supportforums.cisco.com/docs/DOC-22848
and for RPL:
https://supportforums.cisco.com/docs/DOC-22031
You will need to use RPL to define your prefix sets (as opposed to prefix lists you have in IOS)
to filter inbound and outbound route updates.
You also use the RPL to modify BGP attributes.
The neighbor and network statements (need to be under the address family ipv4 unicast) are pretty much the same as in IOS.
regards
xander
Maybe you are looking for
-
How do i change the media type on a digital booklet when they option bar is greyed out?
I downloaded an album a couple days ago which came with a digital booklet. I am trying to put it on my phone but need to change the media type to book to be able to do this. whenever I go to the get info tab, the options tab is completely greyed out
-
"Source file does not conform to XML Schema!" error at Import Server
Dear SDN, When I run Import Server the import job stopped with the error "Source file does not conform to XML Schema!" in Log file. I used MDM SP05 Patch01 and HF1. Both of 2 Import Server have same problems. Of course it works in Import Manager. Wha
-
Invalid XML Character (Unicode: 0x0)
Hello guys, I have a problem with one mapping. The error is that there is an invalid character ( Unicode: 0x0 ). I have seen this is the null character, but how can I found it? I can't test the message mapping because we have a dynamic configuration
-
Using XML_SECTION_GROUP within Intermedia
Hello, I wanted to use Oracle's Intermedia Text services to store XML in a CLOB. I also wanted to see if I could do the following. 1. create index only on certain elements (and not all as in a AUTO_SECTION_GROUP).Intermedia Text Manager does not allo
-
My Contacts list is all screwed up. Any ideas?
My Contacts list is all screwed up. There's only a few contacts visible on the contact list on my phone under each letter of the alphabet. However, I can get contacts no longer visible on the list via Siri. Any ideas? Title edited for brevity. Mess