02-10-2009 05:02 PM - edited 03-06-2019 03:58 AM
hi guys i have to following topology
R1(AS1)--IBGP--R2(AS1)--EBGP--R3(AS2)--EBGP--R4(AS3)
now i have added loop back addreses on R1 and advertised it thorugh network command under bgp and both IBGP peers can con ping that loop back
also i added lookpback on R4 AS 3
this one will be reachable by Ebgp
now the issue is
i can see all loopback on show ip bgp
thats mean its advertised corectly
R2 has next-hop-self ro R1 to solve the next hope issue
but when i ping between ASs i cant ping the advertsed loopbacks unless i advertise the networks between the deffrent ASs
for example if i want tp ping from R3 to R1 loopback address i need to advertise the IBGP link network address to R3 thourgh bgp to let it ping i think the return traffic need it !!
also if i wanna ping from R1 to R4 AS Loopback address i need to advertise the netwrok between R3 and R4
in other words i need to advertise the networks between ASs ( not directly connected) to get the ping work
by the way R2 peer with R3
R3 peer with R4
no direct peering between R2 and R4
is it normal to advertise those network between routers to get it ping ???
for IBGP no sync done
and it is directly connected no IGP \
but they ping but beyond thats i have the network advertisment need !!!
thank you
02-10-2009 06:32 PM
You need to advertise the source of your ping, in this case the egress interface from the transit routers.
With IGP, this is done by default as you need to include the router interfaces in the network statement in order to form neighbor adjacency while with BGP, this step isn't needed unless you want to ping from the router.
HTH,
__
Edison.
02-10-2009 06:36 PM
Hi Edison
i understand that but i just wanted to confirme it
now for example
if i have three ASs
the midel one lets say the transit AS
need to advertise both directly connected ASs netowrks to let ping works tow WAys ??
for internal IBGP peer to make it reachable we need to adverise the internal link to that peer to make it reachable by outside EBGP peers ?
thanks
02-10-2009 09:16 PM
if i have three ASs
the midel one lets say the transit AS
need to advertise both directly connected ASs netowrks to let ping works tow WAys ??
Yes, the middle router knows where to send the icmp echo but the destination does not know how to reach back the source of the ping thus it's unable to icmp echo-reply.
for internal IBGP peer to make it reachable we need to adverise the internal link to that peer to make it reachable by outside EBGP peers ?
I'm sorry - I don't follow..
__
Edison.
02-10-2009 06:40 PM
Hi,
It's normal as the IP address used as the source is not propagated via BGP.
When you issue the ping from R3, it will use the IP address of its ouput interface as the source address of the ping. The echo will reach R1 loopback but R1 has no route to send the echo-reply unless you announce R2-R3 link into BGP.
With your configuration only ping between R1 and R4 loopback addresses will work:
ping R1|R4 loopback @ source R4|R1 loopback address
HTH
Laurent.
02-10-2009 06:49 PM
hi Laurent
actually the case not like this
what you said is partially right
the issue is with the source not being advertised or not reachable
i know how to solved by advertising the networks
but i am doing some CCIE preperations
and i wanna confirm that this is normal for multiple ASs i need to advertise my internal network links to let the outside AS reachmy advetised addresses such as a loopback address
and for reachability between EBGP peers spaning multiple AS
they need to have the network between the ASs seen in the routing table (bgp) to reach each one though ping
because i were able to see all advertsied route but no ping
asl o you have mention that i can ping from R1 to R4 while
without advertising the ntworks between the ASs i cant !!
thats why i wanted to make sure if this is the normal way ???
thanks guys
02-10-2009 06:54 PM
by the way i will try to make extended ping source from loopbacks as u said i think should pin !!
02-11-2009 10:49 AM
Hi,
Routing is hop by hop decision so to troubleshoot you start from the router on which you initiate the ping (R3 in your case). On this router you check if you have an IP route to reach the destination. Once you know the next-hop, you connect to it and do the same check up to your destination (R1 in your case).
That was for the echo packet. Now you do the same thing for the echo reply. You check on R1 if you have a route to reach the destination (R3 ping source IP). Once you know the next-hop, connect to it and do the same check.
With this process you should find out who is missing a route.
HTH
Laurent.
02-11-2009 01:40 PM
hi guys
thanks for your notes
actually it was a basic issue but imortant as well
i have tried to make ping sourced from advertised loopbaks and worked thats which agree with both of your comments
i think i just confused at first
because it should be normal behaivor
by the way as long as we talking about BGP
i have question about route-map
as we know we can make the multiple matching as OR or AND
for example i wanna match traffic with AS 200 and community string 1:10
lets say i have community list 1
and as path list 1
the route map should be like
route-map map1 permit 10
match as-path 1
match comm-list 1
NOW if i wanna match any off them i mean as path OR comm-list how should the route map looks like ???
do i need to consult a policy -list or not ??
thanks again guys :)
02-11-2009 01:52 PM
NOW if i wanna match any off them i mean as path OR comm-list how should the route map looks like ???
route-map map1 permit 10
match as-path 1
route-map map1 permit 20
match comm-list 1
02-11-2009 03:48 PM
what about if i do it like this is it OR as well :
Router(config)# ip policy-list POLICY-LIST-NAME-1 permit
Router(config-policy-list)# match as-path 1
Router(config-policy-list)# match metric 10
Router(config)# ip policy-list POLICY-LIST-NAME-2 permit
Router(config-policy-list)# match community 20
Router(config-policy-list)# match metric 10
according to cisco website doc the bellow one use OR:
Router(config)# route-map MAP-NAME-2 10
Router(config-route-map)# match policy-list POLICY-LIST-NAME-3 POLICY-LIST-NAME-4
Router(config-route-map)# set community 10:1
Router(config-route-map)# set local-preference 140
thank you
02-11-2009 03:52 PM
Yes, there are many ways to skin the cat.
The solution you've posted (while not common) should work as well.
__
Edison.
02-11-2009 03:55 PM
cool
thaks for that
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide