07-08-2009 12:56 PM - edited 03-04-2019 05:22 AM
LAB Set-up
I have 2 CE routers running BGP with a PE router for site A
I have the mirror set-up for Site B
My issue is now running BGP between the two PE's and getting the routes to propagate between them.
How is this done?
CARRIER-A#sh ip bgp sum
BGP router identifier 210.1.1.1, local AS number 209
BGP table version is 2, main routing table version 2
2 network entries using 264 bytes of memory
3 path entries using 156 bytes of memory
3/1 BGP path/bestpath attribute entries using 444 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory
BGP using 920 total bytes of memory
BGP activity 13/11 prefixes, 25/22 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.2.2.2 4 209 77 76 2 0 0 01:10:39 1
208.10.10.1 4 1000 8780 8692 2 0 0 01:13:04 1
208.10.10.2 4 1000 1482 1465 2 0 0 01:13:02 1
CARRIER-A#sh ip bgp neigh 123.2.2.2 adv
BGP table version is 2, local router ID is 210.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 63.10.10.0/24 208.10.10.1 0 100 0 1000 i
Total number of prefixes 1
CARRIER-A#sh ip bgp neigh 123.2.2.2 ro
BGP table version is 2, local router ID is 210.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i63.20.20.0/24 208.20.20.1 0 100 0 1000 i
Total number of prefixes 1
CARRIER-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CARRIER-A#sh ip route 63.20.20.1
% Subnet not in table
CARRIER-A#sh ip bgp 63.20.20.1
BGP routing table entry for 63.20.20.0/24, version 0
Paths: (1 available, no best path)
Not advertised to any peer
1000
208.20.20.1 (inaccessible) from 123.2.2.2 (210.2.2.1)
Origin IGP, metric 0, localpref 100, valid, internal
router bgp 209
no synchronization
bgp log-neighbor-changes
neighbor 123.2.2.2 remote-as 209
neighbor 123.2.2.2 ebgp-multihop 2
neighbor 123.2.2.2 update-source Loopback10
neighbor 123.2.2.2 version 4
neighbor 208.10.10.1 remote-as 1000
neighbor 208.10.10.1 ebgp-multihop 2
neighbor 208.10.10.1 update-source Loopback0
neighbor 208.10.10.1 version 4
neighbor 208.10.10.1 default-originate
neighbor 208.10.10.1 route-map MONROE-IN in
neighbor 208.10.10.1 route-map MONROE-OUT out
neighbor 208.10.10.2 remote-as 1000
neighbor 208.10.10.2 ebgp-multihop 2
neighbor 208.10.10.2 update-source Loopback0
neighbor 208.10.10.2 version 4
neighbor 208.10.10.2 default-originate
neighbor 208.10.10.2 route-map MONROE-IN in
neighbor 208.10.10.2 route-map MONROE-OUT out
no auto-summary
07-08-2009 01:40 PM
Rick
208.20.20.1 (inaccessible) from 123.2.2.2 (210.2.2.1)
Origin IGP, metric 0, localpref 100, valid, internal
What is 208.20.20.1 - could you provide a quick topology with IP addressing for the PE's.
Jon
07-09-2009 08:10 AM
07-09-2009 08:30 AM
I am not sure if what I am doing is correct.
I added a route to the carrier A side:
ip route 208.20.20.1 255.255.255.255 fa0/0
ip route 208.20.20.2 255.255.255.255 fa0/0
did a ping to 63.20.20.1 and it worked.
I go to the CE router and ping with no luck see output:
MONR001-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
MONR001-A#
MONR001-A#sh ip bgp 63.20.20.1
BGP routing table entry for 0.0.0.0/0, version 10
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
209
123.1.1.1 from 123.1.1.1 (210.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
MONR001-A#
07-09-2009 11:20 AM
Rick
1) Remove the 2 static routes you added ie.
ip route 208.20.20.1 255.255.255.255 fa0/0
ip route 208.20.20.2 255.255.255.255 fa0/0
2) On carrier A add this to your BGP config -
neighbor 123.2.2.2 next-hop self
3) On carrier B add this to BGP config -
neighbor 123.1.1.2 next-hop self
assuming you are peering with carrier A on 123.1.1.2
What the next-hop self command does is tell each PE to make itself the next-hop when it advertises the routes to the other PE.
Without this they will advertise the routes with the original next-hop which is the CE address ie. from your example 208.20.20.1/2. But the CE behind carrier A doesn't know how to get to the 208.20.20.x network.
Because the link between PE's is IBGP, ie. they are in the same AS, then the default is not to change the next-hop, hence you need the command.
For the CE you are pinging from, can you post the "sh ip route" & the "sh ip bgp" and the same from the CE your are trying to ping ie. 63.20.20.1
Jon
07-09-2009 11:34 AM
I am trying to get to the network on Carrier B side by pinging from my inside switch, layer 2 - this will go through the layer 3 swith to the CE router then to the PE router at site A
Here is what I see:
MONMDF01-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
MONMDF01-A#ping 210.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.20.20.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
MONMDF01-A#ping 208.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 208.20.20.1, timeout is 2 seconds:
U.U.U
If I move to the layer 3 switch which is receiving default routes from the CE router:
MONEXT01-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
MONEXT01-A#sh ip bgp 63.20.20.1
BGP routing table entry for 0.0.0.0/0, version 18
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Multipath: iBGP
Not advertised to any peer
Local, (received & used)
10.252.1.5 from 10.252.1.5 (208.10.10.2)
Origin IGP, metric 0, localpref 100, valid, internal, multipath
Local, (received & used)
10.252.1.4 from 10.252.1.4 (208.10.10.1)
Origin IGP, metric 0, localpref 100, valid, internal, multipath, best
MONEXT01-A#sh ip route 63.20.20.1
% Network not in table
If I ping from the CE Router:
MONR001-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
MONR001-A#sh ip bgp 63.20.20.1
BGP routing table entry for 0.0.0.0/0, version 17
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
209
123.1.1.1 from 123.1.1.1 (210.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
MONR001-A#sh ip route 63.20.20.1
% Subnet not in table
From the PE-A side:
CARRIER-A#sh ip bgp 63.20.20.1
BGP routing table entry for 63.20.20.0/24, version 9
Paths: (1 available, no best path)
Not advertised to any peer
1000
123.2.2.2 from 123.2.2.2 (210.2.2.1)
Origin IGP, metric 0, localpref 100, valid, internal, not synchronized
CARRIER-A#sh ip route 63.20.20.1
% Subnet not in table
CARRIER-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CARRIER-A#sh ip bgp neigh 123.2.2.2 ro
BGP table version is 9, local router ID is 210.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i63.20.20.0/24 123.2.2.2 0 100 0 1000 i
Total number of prefixes 1
07-09-2009 11:47 AM
Rick
Lets sort out one thing at a time then :-)
PE ping not working because you are advertising the routes with the loopbacks ie.
update source loopback10
Does carrier A PE know how to get to carrier B's loopback ie.
on carrier A do you have a route for 123.2.2.2 ?
if not add
ip route 123.2.2.2 255.255.255.255 172.16.0.2
and do the same thing on carrier B ie.
ip route 123.1.1.2 255.255.255.255 172.16.0.1
then try pinging again.
Jon
07-09-2009 12:06 PM
I have the following in there:
Carrier-A
interface FastEthernet0/0
description Connection to Carrier-B network
ip address 172.16.0.1 255.255.255.252
!
ip route 123.2.2.2 255.255.255.255 FastEthernet0/0
!
CARRIER-A#ping 123.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Carrier-B:
interface FastEthernet0/0
description Connection to Carrier-A network
ip address 172.16.0.2 255.255.255.252
!
ip route 123.1.1.2 255.255.255.255 FastEthernet0/0
!
CARRIER-B#ping 123.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Cannot ping any other IP on the other network:
CARRIER-B#ping 63.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.10.10.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CARRIER-B#ping 208.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 208.10.10.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
07-09-2009 01:46 PM
Rick
Okay, can you post full details ie.
sh ip bgp
sh ip ro
+ bgp config of router
from
CE-A & B in both sites
Carrier A & Carrier B
Jon
07-10-2009 05:32 AM
07-10-2009 10:50 AM
Hello Rick,
>> If CE Router 10.1.1.0 advertises its routes to PE Router A and CE Router 10.2.2.0 advertises its routes to PE Router B, how to the 2 PE routers send those routes to each other?
by using an iBGP session between them (PE1-PE2) under the condition that what you call CE1 and CE2 have true eBGP sessions with PE1 and PE2.
I mean:
CE1 AS number x
CE2 AS number y
PE1 and PE2 AS number Z
the reason is that a BGP router cannot accept an advertisement with an AS path that contain its own AS number.
Possible options are:
using a different AS number at each CE as suggested above;
using private AS number on CE nodes and using AS override on PE nodes;
third option (advanced one not suggested for beginners)
use of neigh allowas-in that can tweak the check on the AS path attribute.
Hope to help
Giuseppe
07-10-2009 10:55 AM
Giuseppe,
Thanks!
I have been beating my head against a wall here on this one. I have the two sites working as they should then trying to bridge the two carrier pieces together has been something new and difficult.
When you are talking about the as override do you have the command or link to this?
I think I understand now!
I might just end up changing the AS as the CE sides just to make it easier on me config wise.
07-10-2009 11:06 AM
Hello Rick,
I would use a different AS number first.
I've used widely neigh .. as-override but only in real MPLS VPN context under
address-family ipv4 vrf VRF-name and with CE nodes using private ASN.
Another note about the way you presented your scenario:
terms like CE and PE have a different meaning without looking inside your attachment file we can think you are trying to setup a L3 MPLS VPN.
a command that can be useful in normal BGP scenarios:
http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_bgp3.html#wp1016112
but works only if you give to CE a private AS in range
The private autonomous system values are from 64512 to 65535.
Hope to help
Giuseppe
07-10-2009 11:01 AM
for those looking for some commands found this:
07-10-2009 11:40 AM
Here is the change I made
CE (Customer Edge) - A ASN 64512
PE (Provider Edge) - A ASN 209
PE (Provider Edge) - B ASN 209
CE (Customer Edge) - B ASN 64513
Output:
CARRIER-A#sh ip bgp sum
BGP router identifier 210.1.1.1, local AS number 209
2 network entries using 264 bytes of memory
3 path entries using 156 bytes of memory
6/1 BGP path/bestpath attribute entries using 888 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory
BGP using 1412 total bytes of memory
BGP activity 3/1 prefixes, 4/1 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.2.2.2 4 209 24 19 2 0 0 00:02:34 1
208.10.10.1 4 64512 18 15 2 0 0 00:13:17 1
208.10.10.2 4 64512 17 15 2 0 0 00:13:17 1
CARRIER-A#sh ip bgp neigh 123.2.2.2 adv
BGP table version is 2, local router ID is 210.1.1.1
Network Next Hop Metric LocPrf Weight Path
*> 63.10.10.0/24 208.10.10.1 0 100 0 64512 i
Total number of prefixes 1
CARRIER-A#sh ip bgp neigh 123.2.2.2 ro
BGP table version is 2, local router ID is 210.1.1.1
Network Next Hop Metric LocPrf Weight Path
* i63.20.20.0/24 123.2.2.2 0 100 0 64513 i
Total number of prefixes 1
CARRIER-A#sh ip bgp 63.20.20.1
BGP routing table entry for 63.20.20.0/24, version 0
Paths: (1 available, no best path)
Multipath: eBGP
Not advertised to any peer
64513
123.2.2.2 from 123.2.2.2 (210.2.2.1)
Origin IGP, metric 0, localpref 100, valid, internal, not synchronized
CARRIER-A#ping 63.20.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CARRIER-B#sh ip bgp sum
BGP router identifier 210.2.2.1, local AS number 209
3 path entries using 156 bytes of memory
4/1 BGP path/bestpath attribute entries using 496 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 972 total bytes of memory
BGP activity 2/0 prefixes, 3/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.1.1.2 4 209 8 9 2 0 0 00:04:22 1
208.20.20.1 4 64513 9 9 2 0 0 00:04:14 1
208.20.20.2 4 64513 9 9 2 0 0 00:04:19 1
CARRIER-B#sh ip bgp neigh 123.1.1.2 adv
BGP table version is 2, local router ID is 210.2.2.1
Network Next Hop Metric LocPrf Weight Path
*> 63.20.20.0/24 208.20.20.1 0 100 0 64513 i
Total number of prefixes 1
CARRIER-B#sh ip bgp neigh 123.1.1.2 ro
BGP table version is 2, local router ID is 210.2.2.1
Network Next Hop Metric LocPrf Weight Path
* i63.10.10.0/24 123.1.1.2 0 100 0 64512 i
Total number of prefixes 1
CARRIER-B#sh ip bgp 63.10.10.1
BGP routing table entry for 63.10.10.0/24, version 0
Paths: (1 available, no best path)
Not advertised to any peer
64512
123.1.1.2 from 123.1.1.2 (210.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, not synchronized
CARRIER-B#ping 63.10.10.1
.....
Success rate is 0 percent (0/5)
For sanity sake from Carrier A to CE network:
CarrierA
CARRIER-A#ping 63.10.10.1
!!!!!
CarrierB
CARRIER-B#ping 63.20.20.1
!!!!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: