cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1237
Views
25
Helpful
24
Replies

BGP Question

Rick Morris
Level 6
Level 6

LAB Set-up

I have 2 CE routers running BGP with a PE router for site A

I have the mirror set-up for Site B

My issue is now running BGP between the two PE's and getting the routes to propagate between them.

How is this done?

CARRIER-A#sh ip bgp sum

BGP router identifier 210.1.1.1, local AS number 209

BGP table version is 2, main routing table version 2

2 network entries using 264 bytes of memory

3 path entries using 156 bytes of memory

3/1 BGP path/bestpath attribute entries using 444 bytes of memory

1 BGP AS-PATH entries using 24 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory

BGP using 920 total bytes of memory

BGP activity 13/11 prefixes, 25/22 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

123.2.2.2 4 209 77 76 2 0 0 01:10:39 1

208.10.10.1 4 1000 8780 8692 2 0 0 01:13:04 1

208.10.10.2 4 1000 1482 1465 2 0 0 01:13:02 1

CARRIER-A#sh ip bgp neigh 123.2.2.2 adv

BGP table version is 2, local router ID is 210.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 63.10.10.0/24 208.10.10.1 0 100 0 1000 i

Total number of prefixes 1

CARRIER-A#sh ip bgp neigh 123.2.2.2 ro

BGP table version is 2, local router ID is 210.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* i63.20.20.0/24 208.20.20.1 0 100 0 1000 i

Total number of prefixes 1

CARRIER-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CARRIER-A#sh ip route 63.20.20.1

% Subnet not in table

CARRIER-A#sh ip bgp 63.20.20.1

BGP routing table entry for 63.20.20.0/24, version 0

Paths: (1 available, no best path)

Not advertised to any peer

1000

208.20.20.1 (inaccessible) from 123.2.2.2 (210.2.2.1)

Origin IGP, metric 0, localpref 100, valid, internal

router bgp 209

no synchronization

bgp log-neighbor-changes

neighbor 123.2.2.2 remote-as 209

neighbor 123.2.2.2 ebgp-multihop 2

neighbor 123.2.2.2 update-source Loopback10

neighbor 123.2.2.2 version 4

neighbor 208.10.10.1 remote-as 1000

neighbor 208.10.10.1 ebgp-multihop 2

neighbor 208.10.10.1 update-source Loopback0

neighbor 208.10.10.1 version 4

neighbor 208.10.10.1 default-originate

neighbor 208.10.10.1 route-map MONROE-IN in

neighbor 208.10.10.1 route-map MONROE-OUT out

neighbor 208.10.10.2 remote-as 1000

neighbor 208.10.10.2 ebgp-multihop 2

neighbor 208.10.10.2 update-source Loopback0

neighbor 208.10.10.2 version 4

neighbor 208.10.10.2 default-originate

neighbor 208.10.10.2 route-map MONROE-IN in

neighbor 208.10.10.2 route-map MONROE-OUT out

no auto-summary

24 Replies 24

Jon Marshall
Hall of Fame
Hall of Fame

Rick

208.20.20.1 (inaccessible) from 123.2.2.2 (210.2.2.1)

Origin IGP, metric 0, localpref 100, valid, internal

What is 208.20.20.1 - could you provide a quick topology with IP addressing for the PE's.

Jon

Attached are the configs for all devices and a throw together topology.

I am not sure if what I am doing is correct.

I added a route to the carrier A side:

ip route 208.20.20.1 255.255.255.255 fa0/0

ip route 208.20.20.2 255.255.255.255 fa0/0

did a ping to 63.20.20.1 and it worked.

I go to the CE router and ping with no luck see output:

MONR001-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

MONR001-A#

MONR001-A#sh ip bgp 63.20.20.1

BGP routing table entry for 0.0.0.0/0, version 10

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Not advertised to any peer

209

123.1.1.1 from 123.1.1.1 (210.1.1.1)

Origin IGP, metric 0, localpref 100, valid, external, best

MONR001-A#

Rick

1) Remove the 2 static routes you added ie.

ip route 208.20.20.1 255.255.255.255 fa0/0

ip route 208.20.20.2 255.255.255.255 fa0/0

2) On carrier A add this to your BGP config -

neighbor 123.2.2.2 next-hop self

3) On carrier B add this to BGP config -

neighbor 123.1.1.2 next-hop self

assuming you are peering with carrier A on 123.1.1.2

What the next-hop self command does is tell each PE to make itself the next-hop when it advertises the routes to the other PE.

Without this they will advertise the routes with the original next-hop which is the CE address ie. from your example 208.20.20.1/2. But the CE behind carrier A doesn't know how to get to the 208.20.20.x network.

Because the link between PE's is IBGP, ie. they are in the same AS, then the default is not to change the next-hop, hence you need the command.

For the CE you are pinging from, can you post the "sh ip route" & the "sh ip bgp" and the same from the CE your are trying to ping ie. 63.20.20.1

Jon

I am trying to get to the network on Carrier B side by pinging from my inside switch, layer 2 - this will go through the layer 3 swith to the CE router then to the PE router at site A

Here is what I see:

MONMDF01-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

MONMDF01-A#ping 210.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 210.20.20.1, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

MONMDF01-A#ping 208.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 208.20.20.1, timeout is 2 seconds:

U.U.U

If I move to the layer 3 switch which is receiving default routes from the CE router:

MONEXT01-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

MONEXT01-A#sh ip bgp 63.20.20.1

BGP routing table entry for 0.0.0.0/0, version 18

Paths: (2 available, best #2, table Default-IP-Routing-Table)

Multipath: iBGP

Not advertised to any peer

Local, (received & used)

10.252.1.5 from 10.252.1.5 (208.10.10.2)

Origin IGP, metric 0, localpref 100, valid, internal, multipath

Local, (received & used)

10.252.1.4 from 10.252.1.4 (208.10.10.1)

Origin IGP, metric 0, localpref 100, valid, internal, multipath, best

MONEXT01-A#sh ip route 63.20.20.1

% Network not in table

If I ping from the CE Router:

MONR001-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

MONR001-A#sh ip bgp 63.20.20.1

BGP routing table entry for 0.0.0.0/0, version 17

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Not advertised to any peer

209

123.1.1.1 from 123.1.1.1 (210.1.1.1)

Origin IGP, metric 0, localpref 100, valid, external, best

MONR001-A#sh ip route 63.20.20.1

% Subnet not in table

From the PE-A side:

CARRIER-A#sh ip bgp 63.20.20.1

BGP routing table entry for 63.20.20.0/24, version 9

Paths: (1 available, no best path)

Not advertised to any peer

1000

123.2.2.2 from 123.2.2.2 (210.2.2.1)

Origin IGP, metric 0, localpref 100, valid, internal, not synchronized

CARRIER-A#sh ip route 63.20.20.1

% Subnet not in table

CARRIER-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CARRIER-A#sh ip bgp neigh 123.2.2.2 ro

BGP table version is 9, local router ID is 210.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* i63.20.20.0/24 123.2.2.2 0 100 0 1000 i

Total number of prefixes 1

Rick

Lets sort out one thing at a time then :-)

PE ping not working because you are advertising the routes with the loopbacks ie.

update source loopback10

Does carrier A PE know how to get to carrier B's loopback ie.

on carrier A do you have a route for 123.2.2.2 ?

if not add

ip route 123.2.2.2 255.255.255.255 172.16.0.2

and do the same thing on carrier B ie.

ip route 123.1.1.2 255.255.255.255 172.16.0.1

then try pinging again.

Jon

I have the following in there:

Carrier-A

interface FastEthernet0/0

description Connection to Carrier-B network

ip address 172.16.0.1 255.255.255.252

!

ip route 123.2.2.2 255.255.255.255 FastEthernet0/0

!

CARRIER-A#ping 123.2.2.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 123.2.2.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Carrier-B:

interface FastEthernet0/0

description Connection to Carrier-A network

ip address 172.16.0.2 255.255.255.252

!

ip route 123.1.1.2 255.255.255.255 FastEthernet0/0

!

CARRIER-B#ping 123.1.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 123.1.1.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Cannot ping any other IP on the other network:

CARRIER-B#ping 63.10.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.10.10.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CARRIER-B#ping 208.10.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 208.10.10.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Rick

Okay, can you post full details ie.

sh ip bgp

sh ip ro

+ bgp config of router

from

CE-A & B in both sites

Carrier A & Carrier B

Jon

Output attached

Hello Rick,

>> If CE Router 10.1.1.0 advertises its routes to PE Router A and CE Router 10.2.2.0 advertises its routes to PE Router B, how to the 2 PE routers send those routes to each other?

by using an iBGP session between them (PE1-PE2) under the condition that what you call CE1 and CE2 have true eBGP sessions with PE1 and PE2.

I mean:

CE1 AS number x

CE2 AS number y

PE1 and PE2 AS number Z

the reason is that a BGP router cannot accept an advertisement with an AS path that contain its own AS number.

Possible options are:

using a different AS number at each CE as suggested above;

using private AS number on CE nodes and using AS override on PE nodes;

third option (advanced one not suggested for beginners)

use of neigh allowas-in that can tweak the check on the AS path attribute.

Hope to help

Giuseppe

Giuseppe,

Thanks!

I have been beating my head against a wall here on this one. I have the two sites working as they should then trying to bridge the two carrier pieces together has been something new and difficult.

When you are talking about the as override do you have the command or link to this?

I think I understand now!

I might just end up changing the AS as the CE sides just to make it easier on me config wise.

Hello Rick,

I would use a different AS number first.

I've used widely neigh .. as-override but only in real MPLS VPN context under

address-family ipv4 vrf VRF-name and with CE nodes using private ASN.

Another note about the way you presented your scenario:

terms like CE and PE have a different meaning without looking inside your attachment file we can think you are trying to setup a L3 MPLS VPN.

a command that can be useful in normal BGP scenarios:

http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_bgp3.html#wp1016112

but works only if you give to CE a private AS in range

The private autonomous system values are from 64512 to 65535.

Hope to help

Giuseppe

Here is the change I made

CE (Customer Edge) - A ASN 64512

PE (Provider Edge) - A ASN 209

PE (Provider Edge) - B ASN 209

CE (Customer Edge) - B ASN 64513

Output:

CARRIER-A#sh ip bgp sum

BGP router identifier 210.1.1.1, local AS number 209

2 network entries using 264 bytes of memory

3 path entries using 156 bytes of memory

6/1 BGP path/bestpath attribute entries using 888 bytes of memory

3 BGP AS-PATH entries using 72 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory

BGP using 1412 total bytes of memory

BGP activity 3/1 prefixes, 4/1 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

123.2.2.2 4 209 24 19 2 0 0 00:02:34 1

208.10.10.1 4 64512 18 15 2 0 0 00:13:17 1

208.10.10.2 4 64512 17 15 2 0 0 00:13:17 1

CARRIER-A#sh ip bgp neigh 123.2.2.2 adv

BGP table version is 2, local router ID is 210.1.1.1

Network Next Hop Metric LocPrf Weight Path

*> 63.10.10.0/24 208.10.10.1 0 100 0 64512 i

Total number of prefixes 1

CARRIER-A#sh ip bgp neigh 123.2.2.2 ro

BGP table version is 2, local router ID is 210.1.1.1

Network Next Hop Metric LocPrf Weight Path

* i63.20.20.0/24 123.2.2.2 0 100 0 64513 i

Total number of prefixes 1

CARRIER-A#sh ip bgp 63.20.20.1

BGP routing table entry for 63.20.20.0/24, version 0

Paths: (1 available, no best path)

Multipath: eBGP

Not advertised to any peer

64513

123.2.2.2 from 123.2.2.2 (210.2.2.1)

Origin IGP, metric 0, localpref 100, valid, internal, not synchronized

CARRIER-A#ping 63.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 63.20.20.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

CARRIER-B#sh ip bgp sum

BGP router identifier 210.2.2.1, local AS number 209

3 path entries using 156 bytes of memory

4/1 BGP path/bestpath attribute entries using 496 bytes of memory

2 BGP AS-PATH entries using 48 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory

BGP using 972 total bytes of memory

BGP activity 2/0 prefixes, 3/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

123.1.1.2 4 209 8 9 2 0 0 00:04:22 1

208.20.20.1 4 64513 9 9 2 0 0 00:04:14 1

208.20.20.2 4 64513 9 9 2 0 0 00:04:19 1

CARRIER-B#sh ip bgp neigh 123.1.1.2 adv

BGP table version is 2, local router ID is 210.2.2.1

Network Next Hop Metric LocPrf Weight Path

*> 63.20.20.0/24 208.20.20.1 0 100 0 64513 i

Total number of prefixes 1

CARRIER-B#sh ip bgp neigh 123.1.1.2 ro

BGP table version is 2, local router ID is 210.2.2.1

Network Next Hop Metric LocPrf Weight Path

* i63.10.10.0/24 123.1.1.2 0 100 0 64512 i

Total number of prefixes 1

CARRIER-B#sh ip bgp 63.10.10.1

BGP routing table entry for 63.10.10.0/24, version 0

Paths: (1 available, no best path)

Not advertised to any peer

64512

123.1.1.2 from 123.1.1.2 (210.1.1.1)

Origin IGP, metric 0, localpref 100, valid, internal, not synchronized

CARRIER-B#ping 63.10.10.1

.....

Success rate is 0 percent (0/5)

For sanity sake from Carrier A to CE network:

CarrierA

CARRIER-A#ping 63.10.10.1

!!!!!

CarrierB

CARRIER-B#ping 63.20.20.1

!!!!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco