Solved: eBGP with loopback address issue

limtohsoon · ‎07-16-2007

Hi Sir,

The following two routers (R6 & R9) are configured to form an eBGP connection:

R6

--

!

interface Serial0/0

description *** Connection to R9 ***

ip address 150.50.69.1 255.255.255.252

!

router bgp 600

neighbor 150.50.9.99 remote-as 900

neighbor 150.50.9.99 ebgp-multihop 3

!

address-family ipv4

neighbor 150.50.9.99 activate

no auto-summary

no synchronization

exit-address-family

!

ip route 150.50.9.0 255.255.255.128 150.50.69.2

!

R9

--

!

interface Loopback0

ip address 150.50.9.99 255.255.255.255

!

interface Serial0/0

description *** Connection to R6 ***

ip address 150.50.69.2 255.255.255.252

!

router bgp 900

neighbor 150.50.69.1 remote-as 600

!

address-family ipv4

neighbor 150.50.69.1 activate

no auto-summary

no synchronization

exit-address-family

!

From the config, it looks like the eBGP connection won't come up because the command "neighbor 150.50.69.1 update-source lo0" is missing on R9. Surprisingly, the connection did come up, as follows:

R6#sh ip bgp ne 150.50.9.99

BGP neighbor is 150.50.9.99, remote AS 900, external link

BGP version 4, remote router ID 150.50.9.99

BGP state = Established, up for 01:20:08

<---Output omitted--->

Connection state is ESTAB, I/O status: 1, unread input bytes: 0

Connection is ECN Disabled

Local host: 150.50.69.1, Local port: 50619

Foreign host: 150.50.9.99, Foreign port: 179

R9#sh ip bgp nei 150.50.69.1

BGP neighbor is 150.50.69.1, remote AS 600, external link

BGP version 4, remote router ID 150.50.6.6

BGP state = Established, up for 01:13:56

<---Output omitted--->

Connection state is ESTAB, I/O status: 1, unread input bytes: 0

Connection is ECN Disabled

Local host: 150.50.9.99, Local port: 179

Foreign host: 150.50.69.1, Foreign port: 50619

Please advise. I'm a little confused.

Thank you.

B.Rgds,

Lim TS

Harold Ritter · ‎07-16-2007

It is indeed a good practice to configure both ends properly so they can both actively initiate the BGP session.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold Ritter · ‎07-16-2007

This will work as long as one side is configured correctly.

This is because R6 actively opened the TCP session using 150.50.9.99 as its destination. R9 passively opened the session using TCP syn destination address (150.50.9.9).

Note, that it would not work if R9 was to actively open the connection.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

limtohsoon · ‎07-16-2007

Hi Harold,

Yup, I can see R6 (active open) and R9 (passive open), as follows:

R6#sh ip bgp ne 150.50.9.99

<---Output omitted --->

SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms

minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms

Flags: active open, nagle

IP Precedence value : 6

R9#sh ip bgp ne 150.50.69.1

<---Output omitted --->

SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms

minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms

Flags: passive open, nagle, gen tcbs

IP Precedence value : 6

Is it a good practice to configure both ends of the BGP session correctly? I always do so. The sample config in this post is something I came across in a technical book.

Thank you.

B.Rgds,

Lim TS

Harold Ritter · ‎07-16-2007

It is indeed a good practice to configure both ends properly so they can both actively initiate the BGP session.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México