Routing Loop

Unanswered Question
Mar 19th, 2009

Hi,

Can somebody help me out please?? I am having a routing loop to this route 222.128.192.0/18.

I have 2 eBGP routers multihomed to two isps. 1 isp connection to each router. when i do a show ip route to one of the router, it has a route the this network going out to its ebgp neighbor. But somehow, doing a traceroute to this network, the router uses another exit link -- to its ibgp neighbor.

Now, the other router has the same route with its exit to the previous router. So now, i am getting a loop.

Why would a router have a route on its forwarding table but doesn't use it?

here's a snapshot of the 'show ip route' and trace result:

I1#sh ip route 222.128.254.1

Routing entry for 222.128.192.0/18, supernet

Known via "bgp 73xx", distance 20, metric 0

Tag 9658, type external

Last update from 61.28.163.41 00:05:22 ago

Routing Descriptor Blocks:

* 61.28.163.41, from 61.28.163.41, 00:05:22 ago

Route metric is 0, traffic share count is 1

AS Hops 4

Route tag 9658

Trace result:

Type escape sequence to abort.

Tracing the route to 222.128.254.1

1 10.255.254.2 [AS 3491] 0 msec 4 msec 0 msec

2 * * *

3 * * *

4 * *

Appreciate your help.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Fri, 03/20/2009 - 00:47

Hello Jonathan,

I remember a similar thread some time ago.

in that case the devices involved were two C6500 with sup2 /MSFC2.

What is happening is that the IP routing table says one thing but the CEF forwarding table has built a different entry.

check with sh ip bgp sum how many prefixes are present in the BGP table of the two devices.

Have you configured any route filter or route-map on BGP sessions ?

provide the following

sh ip bgp 222.128.254.1

sh ip cef 222.228.192.0 detail

in the CEF table you should see the other device as the next-hop instead of the eBGP peer

What type of devices are involved ?

Hope to help

Giuseppe

nojpt Sun, 03/22/2009 - 19:45

Hi Giuseppe,

Thanks for your response. Really appreciate it. Provided below are stuff you asked:

These two routers are 7206 VXRs. BGP prefixes on both routers are R1=286834 and R2=266323. I have no filters on BGP except advertised filter announcing only my AS.

Here's the output of 'show ip bgp', 'show ip cef' and 'show ip route'

I1#sh ip cef 222.128.254.1 detail

222.128.192.0/18, version 3172361, epoch 0, cached adjacency 10.255.254.2

0 packets, 0 bytes

Flow: AS 0, mask 18

via 10.222.222.2, 0 dependencies, recursive

next hop 10.255.254.2, GigabitEthernet0/2 via 10.222.222.2/32

valid cached adjacency

show ip bgp 222.128.254.1

I1#sh ip bgp 222.128.254.1

BGP routing table entry for 222.128.192.0/18, version 33472565

Paths: (2 available, best #1, table Default-IP-Routing-Table)

Advertised to update-groups:

3

9658 7018 4837 4808

61.28.163.41 from 61.28.163.41 (203.167.102.242)

Origin IGP, localpref 200, valid, external, best

9658 7018 4837 4808, (received-only)

61.28.163.41 from 61.28.163.41 (203.167.102.242)

Origin IGP, localpref 100, valid, external

show ip route 222.128.254.1

I1#sh ip route 222.128.254.1

Routing entry for 222.128.192.0/18, supernet

Known via "bgp 7306", distance 20, metric 0

Tag 9658, type external

Last update from 61.28.163.41 2d20h ago

Routing Descriptor Blocks:

* 61.28.163.41, from 61.28.163.41, 2d20h ago

Route metric is 0, traffic share count is 1

AS Hops 4

Route tag 9658

Now i am lost between what is the output of 'show ip route' and 'sh ip cef'. Isn't it that both of them are the actual forwarding table of the router? From the output above, both commands showed different results. And it seems that the router is using the CEF table, but where does it get that value?

Whereas, the result of 'show ip route' was taken from BGP routing table which clearly shows it from 'show ip bgp' command.

Thanks in advance.

Jonathan

lamav Sun, 03/22/2009 - 20:08

Jonathan:

According to the cef table, the next hop is the first hop taken by the trace route. So that makes sense.

The fact that the cef "next hop" is differet from the routing table's next hop is not necessarily inexplicable.

Is the routing table's next hop of 61.28.163.41 a directly connected route or is this an eBGP multiphop condition? I see that the output of the cef table shows that the lookup was recursive. So, the cef "next hop" may be the next hop on the path to the eBGP "next hop."

You may want to investigate what this 10.222.222.2 address is and how it relates to your router's network reachability information for 222.128.192.0/18.

If this does not explain it, can you try clearing the cef table and rebuilding it?

HTH

Victor

nojpt Sun, 03/22/2009 - 20:54

Hi Victor,

Thanks for the reply.

61.28.163.41 is my R1 eBGP neighor and is a point-to-point connection. The 10.222.222.2 is my R1 iBGP neighbor in multihop condition.

The funny thing is, my other router R2 (the iBGP neighbor of R1) has R1 as next hop for 222.128.192/18 prefix. So there it becomes a route loop for that prefix.

See output from R2:

I2#sh ip cef 222.128.254.1 detail

222.128.192.0/18, version 17189273, epoch 0, cached adjacency 10.255.254.1

0 packets, 0 bytes

Flow: AS 0, mask 18

via 10.111.111.1, 0 dependencies, recursive

next hop 10.255.254.1, GigabitEthernet0/2 via 10.111.111.1/32

valid cached adjacency

I2#sh ip bgp 222.128.254.1

BGP routing table entry for 222.128.192.0/18, version 29517408

Paths: (3 available, best #1, table Default-IP-Routing-Table)

Not advertised to any peer

9658 7018 4837 4808, (received & used)

10.111.111.1 from 10.111.111.1 (10.111.111.1)

Origin IGP, metric 0, localpref 200, valid, internal, best

23930 3491 7262 4837 4808

121.127.6.113 from 121.127.6.113 (121.127.1.253)

Origin IGP, localpref 200, valid, external

23930 3491 7262 4837 4808, (received-only)

121.127.6.113 from 121.127.6.113 (121.127.1.253)

Origin IGP, localpref 100, valid, external

I2#sh ip route 222.128.254.1

Routing entry for 222.128.192.0/18, supernet

Known via "bgp 7306", distance 200, metric 0

Tag 9658, type internal

Last update from 10.111.111.1 00:00:41 ago

Routing Descriptor Blocks:

* 10.111.111.1, from 10.111.111.1, 00:00:41 ago

Route metric is 0, traffic share count is 1

AS Hops 4

Route tag 9658

10.111.111.1 is R1 iBGP interface ip.

Now i think i have to clear the CEF table to resolve this. But is there a way to clear only the 222.128.192.0/18 entry? So that it won't have any effect on other prefixes?

Thanks!

Jonathan

Giuseppe Larosa Sun, 03/22/2009 - 22:52

Hello Jonathan,

R2 is correct in this case the two outputs of sh ip bgp and sh ip cef says the same thing.

R2 choices the iBGP path for the greater local preference

>> Origin IGP, metric 0, localpref 200, valid, internal, best

The problem is on R1.

you are receiving two full BGP tables in the order or more of 280,000 routes.

The problem appears similar of that of that thread of some mounths ago I mentioned.

The question becomes: is R1 as a multilayer switch that uses CEF capable of handling CEF tables for 280,000 prefixes ?

You can be in a grey zone where the signalling plane (MSFC) can handle 280,000 routes but the CEF engine is not able.

If this happens some CEF entries can be missing or it can be somewhat corrupted.

To understand if this is the case may you post what model of multilayer switch is R1 ?

sh ver / sh module

we need to look at the supervisor model including the version:

for example a sup720-3BXL can be fine in your scenario, while a sup720 base it is not OK.

Also the IOS version can be part of the problem:

what IOS versions you have ?

In C7600 we experienced CEF problems with specific flows lost inside the device even if their CEF entries were correct.

We have sup 720 3BXL and we run currently c7600s72033-adventerprisek9-mz.122-33.SRC.bin over them.

Hope to help

Giuseppe

nojpt Sun, 03/22/2009 - 23:15

Hi Giuseppe,

Both routers are 7206VXRs and using 12.3(14)T5 IOS.

I realize too that R1 is the problem. I have no idea where it gets the entry on its cef table. I may have to clear its fib but i am looking for ways to delete the enry for 222.128.192.0/18 only so that it is not as destructive. Would you have an idea how to do it?

Thanks.

Giuseppe Larosa Sun, 03/22/2009 - 23:26

Hello Jonathan,

I hope you have at least an NPE-G1 processor.

in addition to the suggestion of Mohamed

I see in one C7206VXR we have the following

clear ip cef A.B.C.D/nn

You can give a try but be aware that other prefixes can be in the same condition if the CEF table is overwhelmed.

Hope to help

Giuseppe

Mohamed Sobair Sun, 03/22/2009 - 23:03

Hi Jonathan,

A possible cause to this problem is that the path to network 222.x.x.x is being filtered.

As Giu and Victor said, Have you filtered the path to network 222.x.x.x?

On the other hand, you can normally clear the routing table for that entry with: "clear ip route 222.x.x.x"

HTH

Mohamed

nojpt Sun, 03/22/2009 - 23:43

Hi Mohamed,

I have no filters on these routers except in the advertisement where i filter to announce only my own AS.

!

ip as-path access-list 4 permit ^$

!

route-map out permit 10

match as-path 4

!

I did the clear ip route for the prefix 222.128.192.0/18 like you said, but the cef entry is still the same.

Thanks!

Actions

This Discussion