ebgp-multi-hop connection

Answered Question
Mar 28th, 2008

Hi everyone how are things? I have a quick quesiton here. I'm trying to create a ebgp-multihop connection but the problem is it never establishes. I don't have any access-list on the interface so it is wide open, I've been looking at this for a while now so everything looks ok to me. I know I'm missing something but anyways here is my config:

router bgp 60301

neighbor 192.168.50.50 remote-as 64637

neighbor 192.168.50.50 ebgp-multihop 5

neighbor 192.168.50.50 update-source FastEthernet1/15

neighbor 192.168.50.50 version 4

neighbor 192.168.50.50 soft-reconfiguration inbound

neighbor 192.168.50.50 prefix-list from-interim in

neighbor 192.168.50.50 prefix-list to-interm out

when I do a sh ip bgp neigh 192.168.50.50 I see the bgp state as active but not established. I've done a soft clear and clear but nothing as of yet. Thank you in advance!!

Correct Answer by Harold Ritter about 8 years 10 months ago

Warren,

You can use the loopback interface as the update-source for the eBGP and iBGP session.

Regards,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Rick Morris Fri, 03/28/2008 - 08:01

Who is providing the number of hops?

Do you know what it is suppose to be?

Is this peering with a vendor or yourself?

If your peer is directly connected to you then you will not have multiple hops, if you are peering with a router on the other side of a router then your hop count will be 2 and so on.

wgranada1 Fri, 03/28/2008 - 08:12

Thank you for the quick response I will try to answer your questions at once. I'm peering with another router that isn't mine inorder for me to get to the 192.168.50.50 peer I have to go through my eth 1/15 which is connected to his 10.16.4.176/30(I'm 177 and he is 178) Yes I have a static route that points to 10.16.4.178:

ip route 192.168.50.50 255.255.255.255 10.16.4.178

Harold Ritter Fri, 03/28/2008 - 08:05

Warren,

A couple of things you might want to check.

1. Is there a route to 192.168.50.50?

2. Try an extended ping to 192.168.50.50 with the address of fa1/5 as the source.

3. Make sure that the neighbor address on the side matches the address of fa1/5 and that 192.168.50.50 matches the source addresses used on the BGP peer.

Regards,

wgranada1 Fri, 03/28/2008 - 08:15

Yes there is a route:

sfschirt4#sh ip route 192.168.50.50

Routing entry for 192.168.50.50/32

Known via "static", distance 1, metric 0

Redistributing via ospf 1

Routing Descriptor Blocks:

* 10.16.4.178

Route metric is 0, traffic share count is 1

Also I can ping:

sfschirt4#ping 10.128.184.105 source 172.19.80.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.50.50, timeout is 2 seconds:

Packet sent with a source address of 10.16.4.177

!!!!!

Success rate is 100 percent (5/5), round-trip

min/avg/max = 1/1/4 ms

wgranada1 Fri, 03/28/2008 - 08:27

Yes he has emailed me his config:

router bgp 64637

no synchronization

neighbor 172.19.103.45 remote-as 64821

neighbor 172.19.103.45 ebgp-multihop 5

neighbor 172.19.103.45 update-source Loopback1

neighbor 172.19.103.45 soft-reconfiguration inbound

neighbor 172.19.103.45 prefix-list Routes-from-Futures in

neighbor 172.19.103.45 prefix-list Routes-to-Futures out

no auto-summary

172.19.103.45 is my loopback address I don't have the routing though. He is also away from the office so it will be hard to get a hold of him today. Didn't want to wait till monday just trying to make sure I'm good on my end.

Rick Morris Fri, 03/28/2008 - 08:30

this remote as is wrong.

it has 64821

and you have configured on your end

router bgp 60301

Jon Marshall Fri, 03/28/2008 - 08:30

Warren

Your bgp AS number

router bgp 60301

So why does his config say

neighbor 172.19.103.45 remote-as 64821 ie.

AS = 64821

Jon

Harold Ritter Fri, 03/28/2008 - 08:36

Warren,

As other mentionned, the remote-as is wrong and should be 60301.

Also, 172.19.103.45 is your loopback address, so you should configure your loopback address as the update-source rather than fa1/5.

One more thing, make sure loopback1 address on the remote side is 192.168.50.50, as this is the address used as the update-source.

Regards,

wgranada1 Fri, 03/28/2008 - 08:47

I was looking over the config and noticed that I have an internal peering as well that is also using the loopback as well if I source from teh new connection as suggested will that affect what is already there?

router bgp 64821

no synchronization

bgp router-id 172.19.103.45

bgp log-neighbor-changes

redistribute ospf 1 match internal external 1 external 2 route-map to-VNET

neighbor VNET peer-group

neighbor VNET remote-as 64820

neighbor VNET update-source FastEthernet1/0

neighbor VNET version 4

neighbor VNET soft-reconfiguration inbound

neighbor VNET prefix-list from-VNET in

neighbor VNET prefix-list to-VNET out

neighbor VNET route-map from-VNET-LOCALPREF in

neighbor VNET route-map to-VNET-PREPEND out

neighbor VNET filter-list 17 out

neighbor SFS-INTERNAL peer-group

neighbor SFS-INTERNAL remote-as 64821

neighbor SFS-INTERNAL update-source Loopback0

neighbor 10.128.184.105 remote-as 64637

neighbor 10.128.184.105 ebgp-multihop 5

neighbor 10.128.184.105 update-source FastEthernet1/15

neighbor 10.128.184.105 version 4

neighbor 10.128.184.105 soft-reconfiguration inbound

neighbor 10.128.184.105 prefix-list from-interim in

neighbor 10.128.184.105 prefix-list to-interm out

neighbor 172.19.98.50 peer-group VNET

neighbor 172.19.103.30 peer-group SFS-INTERNAL

no auto-summary

Harold Ritter Fri, 03/28/2008 - 08:25

Warren,

"debug ip bgp" should give you a lot more information on why the session is not coming up.

Regards,

Harold Ritter Fri, 03/28/2008 - 08:29

Warren,

The extended ping should be to 192.168.50.50 rather than 10.128.184.105 and should also use the address of fa1/5 as the source.

Regards,

wgranada1 Fri, 03/28/2008 - 08:39

I appreciate the help...sorry guys I was trying to keep my ip private but I think I'm doing more harm than help so here is it is with the real IPs

MY SIDE:

router bgp 64821

no synchronization

bgp router-id 172.19.103.45

bgp log-neighbor-changes

neighbor 10.128.184.105 remote-as 64637

neighbor 10.128.184.105 ebgp-multihop 5

neighbor 10.128.184.105 update-source FastEthernet1/15

neighbor 10.128.184.105 version 4

neighbor 10.128.184.105 soft-reconfiguration inbound

neighbor 10.128.184.105 prefix-list from-interim in

neighbor 10.128.184.105 prefix-list to-interm out

His side:

router bgp 64637

no synchronization

neighbor 172.19.103.45 remote-as 64821

neighbor 172.19.103.45 ebgp-multihop 5

neighbor 172.19.103.45 update-source Loopback1

neighbor 172.19.103.45 soft-reconfiguration inbound

neighbor 172.19.103.45 prefix-list Routes-from-Futures in

neighbor 172.19.103.45 prefix-list Routes-to-Futures out

no auto-summary

now he told me I'm suppose to be peering with his 10.128.184.105 and inorder for me to get to that peer I need to go through the ethernet connection

My side

interface FastEthernet1/15

ip address 172.19.80.9 255.255.255.252

His side

interface gigethernet 0/1

ip address 172.19.80.10 255.255.255.252

I have routes to his 10.128.184.105

sfschirt4#sh ip route 10.128.184.105

Routing entry for 10.128.184.105/32

Known via "static", distance 1, metric 0

Redistributing via ospf 1

Routing Descriptor Blocks:

* 172.19.80.10

Route metric is 0, traffic share count is 1

and can source ping

sfschirt4#ping 10.128.184.105 source 172.19.80.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.128.184.105, timeout is 2 seconds:

Packet sent with a source address of 172.19.80.9

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

sorry guys about that

wgranada1 Fri, 03/28/2008 - 08:41

Also when I did run a debug I see the following:

Mar 28 15:29:17.315 UTC: BGP: 10.128.184.105 passive open to 172.19.103.45

*Mar 28 15:29:17.315 UTC: BGP: 10.128.184.105 passive open failed - 172.19.103.45 is not update-source FastEthernet1/15's address (172.19.80.9)

*Mar 28 15:29:17.315 UTC: BGP: 10.128.184.105 remote connection attempt failed, local address 172.19.103.45

*Mar 28 15:29:37.195 UTC: BGP: 10.128.184.105 open active, local address 172.19.80.9

*Mar 28 15:29:37.195 UTC: BGP: 10.128.184.105 open failed: Connection refused by remote host, open active delayed 25365ms (35000ms max, 28% jitter)

Harold Ritter Fri, 03/28/2008 - 08:44

Warren,

172.19.103.45 is the address your peer uses. Make sure you use the interface that matches that address as your update-source on your side.

Regards,

wgranada1 Fri, 03/28/2008 - 08:51

I was looking over the config and noticed that I have an internal peering as well that is also using the loopback address as well if I source from the new connection as suggested will that affect what is already there?

router bgp 64821

no synchronization

bgp router-id 172.19.103.45

bgp log-neighbor-changes

redistribute ospf 1 match internal external 1 external 2 route-map to-VNET

neighbor VNET peer-group

neighbor VNET remote-as 64820

neighbor VNET update-source FastEthernet1/0

neighbor VNET version 4

neighbor VNET soft-reconfiguration inbound

neighbor VNET prefix-list from-VNET in

neighbor VNET prefix-list to-VNET out

neighbor VNET route-map from-VNET-LOCALPREF in

neighbor VNET route-map to-VNET-PREPEND out

neighbor VNET filter-list 17 out

neighbor SFS-INTERNAL peer-group

neighbor SFS-INTERNAL remote-as 64821

neighbor SFS-INTERNAL update-source Loopback0<-- Already being used

neighbor 10.128.184.105 remote-as 64637

neighbor 10.128.184.105 ebgp-multihop 5

neighbor 10.128.184.105 update-source FastEthernet1/15

neighbor 10.128.184.105 version 4

neighbor 10.128.184.105 soft-reconfiguration inbound

neighbor 10.128.184.105 prefix-list from-interim in

neighbor 10.128.184.105 prefix-list to-interm out

neighbor 172.19.98.50 peer-group VNET

neighbor 172.19.103.30 peer-group SFS-INTERNAL

no auto-summary

Correct Answer
Harold Ritter Fri, 03/28/2008 - 08:52

Warren,

You can use the loopback interface as the update-source for the eBGP and iBGP session.

Regards,

wgranada1 Fri, 03/28/2008 - 08:58

YOU GUYS ROCK!!!!! thank you all for helping out sorry about the confusion in the beginning

I see that neighor relationship has been established:

sfschirt4#sh ip bgp neigh 10.128.184.105

BGP neighbor is 10.128.184.105, remote AS 64637, external link

BGP version 4, remote router ID 10.128.184.105

BGP state = Established, up for 00:00:10

YEAH!!!!! thank you agian!!!!!

Actions

This Discussion