cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
934
Views
0
Helpful
19
Replies

BGP question

SOL10
Level 1
Level 1

hi all, please see my attached diagram of BGP lab along with the configs. the problem im having is that although i can ping networks within the same AS, i cant ping from R1 to any networks on the end of R5. Also cant ping from R5 to network 1.1.1.1

Please help

1 Accepted Solution

Accepted Solutions

You're welcome.

Have a great weekend, too.

And by the way, it would be nice to get a good 20 or 30 points of ratings out of all this. :-D

Victor

View solution in original post

19 Replies 19

Hi Suleiman,

Seems you've got some black hole routes somewhere within AS5500. The basic rule is a full IBGP connectivity.But you can redistribute something into IGP as well.

Just try as follows:

From Router2( Maybe 3)

!

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 4.4.4.4 remote-as 5500

no auto-summary

!

From Router3( Maybe 2)

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 4.4.4.4 remote-as 5500

no auto-summary

From Router4

!

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 5500

neighbor 10.1.24.1 remote-as 5500

neighbor 10.1.34.1 remote-as 5500

neighbor 1.1.1.1 update-source Loopback4

neighbor 10.1.24.1 update-source Loopback4

neighbor 10.1.34.1 update-source Loopback4

neighbor 1.1.1.1 next-hop-self

neighbor 10.1.45.2 remote-as 6500

no auto-summary

!

Hopes this helps

Thot

Sully:

The BGP processes on R1 and R4, in AS 5500, are not advertising any networks to AS 6500. How are the BGP speakers in AS 6500 going to forward traffic to networks in AS 5500 when they have not learned about them?

Look at the BGP table and OSPF route table for R5:

IP ROUTE TABLE FROM R5

Gateway of last resort is not set

C 200.1.4.0/24 is directly connected, Loopback4

50.0.0.0/24 is subnetted, 1 subnets

C 50.1.1.0 is directly connected, Loopback7

5.0.0.0/32 is subnetted, 1 subnets

C 5.5.5.5 is directly connected, Loopback5

C 200.1.1.0/24 is directly connected, Loopback1

C 200.1.2.0/24 is directly connected, Loopback2

C 200.1.3.0/24 is directly connected, Loopback3

10.0.0.0/24 is subnetted, 1 subnets

C 10.1.45.0 is directly connected, Serial1/0

R5#

IP BGP TABLE FROM R5

R5#sh ip bgp

BGP table version is 9, local router ID is 10.1.45.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 50.1.1.0/24 0.0.0.0 0 32768 i

*> 200.1.1.0 0.0.0.0 0 32768 ?

*> 200.1.2.0 0.0.0.0 0 32768 ?

*> 200.1.3.0 0.0.0.0 0 32768 ?

R5#

R5, in AS 6500, has no knowledge of any networks in AS 5500, so how can it forward traffic (icmp echo-replies, in your case) to networks that reside in AS 5500? It can't.

The eBGP neighbor relationships are established, but the learning process is unidirectional.

HTH

Victor

Victor,

thanks for the explanation. how would i get R5 to learn about the remote networks? Apologies if this is a basic question but Ive just started BGP in my BSCI so its all new to me.

Regards

Sully

Sully:

R4 will have to advertise the internal networks to its eBGP peer. There are two ways to do that. Either by using the network command under the BGP process (as R5 in AS 6500 is doing), or by redistributing the IGP into BGP. Using the latter method is more complex and requires more planning. It will require outbound filters in most cases to prevent route leaking and advertising private addresses over the public Internet.

In your case, use the network command. Follow R5's example.

[EDIT] By the way, if you are going to turn off BGP auto-summarization on R4 and advertise a classless internal subnet to your eBGP peer, you must make sure that a route with an exact match exists for that subnet in your IP routing table. By an exact match, I mean the prefix length must be the same.

However, with BGP auto-summarization enabled, you can advertise a classful network, which will be summarized along classful boundaries. In that case, all you need in the IP routing table is the major network prefix or one of its subnets. The exact match is not necessary.[EDIT]

HTH

Victor

Thanks victor, i will try that. and let you know how i get on.

Sully, I just added some additional comments to the earlier post. Check it out.

Thanks and good luck.

Victor

victor,

ive gone onto R4 and added the remote neworks using the network commands and this has been added in the BGP table of R4 as below:

BGP table version is 9, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 10.1.12.0/24 10.1.24.1 128 32768 i

*> 10.1.13.0/24 10.1.34.1 128 32768 i

*> 10.1.24.0/24 0.0.0.0 0 32768 i

*> 10.1.34.0/24 0.0.0.0 0 32768 i

*> 50.1.1.0/24 10.1.45.2 0 0 6500 i

*> 200.1.1.0 10.1.45.2 0 0 6500 ?

*> 200.1.2.0 10.1.45.2 0 0 6500 ?

*> 200.1.3.0 10.1.45.2 0 0 6500 ?

R4#

however, when i go to R1's bgp table i get the following:

R1#sh ip bgp

BGP table version is 13, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

r>i10.1.12.0/24 4.4.4.4 128 100 0 i

r>i10.1.13.0/24 4.4.4.4 128 100 0 i

r>i10.1.24.0/24 4.4.4.4 0 100 0 i

r>i10.1.34.0/24 4.4.4.4 0 100 0 i

*>i50.1.1.0/24 4.4.4.4 0 100 0 6500 i

*>i200.1.1.0 4.4.4.4 0 100 0 6500 ?

*>i200.1.2.0 4.4.4.4 0 100 0 6500 ?

*>i200.1.3.0 4.4.4.4 0 100 0 6500 ?

R1#

can you please explain why? and what RIB failure is? also, why are the metrics 0 for some of the neworks?

Sol

Post the new configs for R1 and R4.

Include the IP routing tables and BGP tables.

Show me the tables for R5, too.

hi Victor

attached are the configs. Ive noticed that R1,R2,R3 have networks 200.1.1.0, 2.0 & 3.0/24 as External Routes. Is this supposed to be the case? also, i can ping from R1,R2 &R3 to network 200.1.1.0,2.0 3.0 (off R5) but cant ping 50.1.1.1 which is off R5 as well.

From R5 i still cant ping the remote n/w although they appear in the bgp and routing table. as the R5 config shows, network 10.1.45.0 is marked r>.

Any explanations?

looks like you have synch turned on over R1. "r>" indicates the routes that were learnt from an IGP 7 they are still advertised by BGP bcoz you hv synch turne on router.

B:

Synchronization is off. Look at the configs he posted.

Sully:

I wanted to make sure I know exactly what changes you made and how they effected the routing and BGP tables before I answer your question. But it seems that you're tied up and I need to head out to a client ASAP.

So, let me just say that the RIB-FAILURE means that the paths that iBGP on R1 has selected as the best paths were not placed into the IGP routing table/RIB because they already exist and the source has a lower AD.

Remember, a router that has learned of multiple routes to the same destination from different sources will always select the source with the lower AD (administrative distance). That is the route that will be placed in the routing table/RIB.

Remember, too, that iBGP has an AD of 200. OSPF has an AD of 110.

Look again at R1's routing table:

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback1

50.0.0.0/24 is subnetted, 1 subnets

B 50.1.1.0 [200/0] via 4.4.4.4, 00:29:24

4.0.0.0/32 is subnetted, 1 subnets

O 4.4.4.4 [110/129] via 10.1.12.2, 00:29:24, Serial1/0

B 200.1.1.0/24 [200/0] via 4.4.4.4, 00:29:24

B 200.1.2.0/24 [200/0] via 4.4.4.4, 00:29:24

B 200.1.3.0/24 [200/0] via 4.4.4.4, 00:29:24

10.0.0.0/24 is subnetted, 4 subnets

C 10.1.13.0 is directly connected, Serial1/1

C 10.1.12.0 is directly connected, Serial1/0

O 10.1.24.0 [110/128] via 10.1.12.2, 00:29:24, Serial1/0

O 10.1.34.0 [110/192] via 10.1.12.2, 00:29:24, Serial1/0

All those iBGP-learned prefixes that were tagged with the "r" are already in R1's RIB, and they are either being learned through OSPF or by virtue of being directly connected. In both cases, the AD is less than 200, and therefore the BGP-learned routes will not be placed in the RIB.

In other words, all is normal. I'll be offline for most of the day.

HTH

Victor

victor your explanation of the "r" makes sense. thanks for that.

coming back to the networks 200.1.x.0 i cant understand why they are learned via external OSPF and not bGP? i didnt make any changes that would have affected this. (so i say) still cant understand why i cant ping the 50.1.1.0 network as its on R5? i gues im pinging the 200 networks via OSPF?

Im not sure I know what you're talking about?

External OSPF?

Who is learning the 200.1 network through "external OSPF"?

What are you trying to PING and where are you trying to PING it from?

Please be clearer.

Thanks

Victor

Victor

if you look at the 2nd lot of configs for R1 and the routing table, R1 is learning the routes to networks 200.1.x.0 via OSPF E2.

Im trying to ping network 50.1.1.1 (attached at R5) but with no success but i can ping networks 200.1.x.0 which are also attached to R5. does this make sense?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: