IBGP Next Hop Strange Behaviour

Unanswered Question
Apr 11th, 2006

Chaps,


Consider the following scenario: An AS with multiple (lots) internal routers exchanging information via EIGRP. Out of these routers, two are border, with EBGP feeds to upstream providers. One of these routers is used as a default entry/exit point, whilst the other is used for lab purposes. A third router, somewhere in the depth of the network, requires a BGP routing table.


Neighbors (iBGP) between this third router and the "lab" border router have been established, with a lovely set of Internet routes residing on the third router. The next hops of the iBGP routes are pointing towards the loopback of the "lab" border router. Everything seems absolutely fine. All loopbacks are reachable via the IGP, and from any BGP router.


Now, when I trace from the third router (from an interface address which is being announced via the "lab" border router to upstream) it decides to follow the candidate default route located on next-igp-hop (a pure IGP router), exiting via the wrong border router, not the one specified by the BGP NEXT HOP.



I've checked the administrative distances, and they seem to be fine (perhaps not).


I'm confused, why could this be happening? Any feedback would be greatly appreciated.


Thanks in advance.


Jansen


sundar.palaniappan Tue, 04/11/2006 - 09:33

I assume the 3rd IBGP router is peering with the lab router's loopback interface through multiple IGP hops in between them. Your gateway on the 3rd IBGP router might be pointing to the lab router, but the non-BGP (EIGRP) routers on the path might be using a default route to point to the primary EBGP router and hence the routing doesn't work the way you intend it to. That's the reason one of the BGP requirements is to have a full mesh, or to work around that using a confederation/route reflector configuration. Another option is to redistribute BGP into EIGRP, and that mightn't be practical if you are learning a full/partial Internet routing table from your ISPs.


Pls. rate all helpful posts.


HTH,

Sundar
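
The forwarding behaviour described in the answer above, as an added sketch that is not part of the original thread: each router does its own longest-prefix lookup on the destination, so the BGP next hop resolved on the third router is ignored by an EIGRP-only transit router. Router names (R3, R2, LAB, PRIMARY), addresses and the `build`/`trace` helpers are constructed for illustration.

```python
import ipaddress

LAB_LO, DEST = "10.0.0.2", "198.51.100.7"   # constructed addresses

def lookup(rib, dst):
    """Longest-prefix match; returns the route's next hop or None."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(p) for p in rib]
    hits = [n for n in nets if addr in n]
    return rib[str(max(hits, key=lambda n: n.prefixlen))] if hits else None

def resolve(rib, dst, depth=4):
    """Recursive lookup: an IP next hop (BGP) is resolved again via the IGP."""
    nh = lookup(rib, dst)
    while nh and nh[0].isdigit() and depth:
        nh, depth = lookup(rib, nh), depth - 1
    return nh                                # neighbour name, "EXIT" or None

def build(r2_has_bgp_route):
    """Constructed tables: R3 = iBGP speaker, R2 = transit router on the path."""
    ribs = {
        "R3": {"198.51.100.0/24": LAB_LO,    # iBGP route, next hop = lab loopback
               "10.0.0.2/32": "R2",          # EIGRP route to that loopback
               "0.0.0.0/0": "R2"},
        "R2": {"10.0.0.2/32": "LAB",
               "10.0.0.1/32": "PRIMARY",
               "0.0.0.0/0": "PRIMARY"},      # candidate default only
        "LAB": {"0.0.0.0/0": "EXIT"},        # border routers hand off upstream
        "PRIMARY": {"0.0.0.0/0": "EXIT"},
    }
    if r2_has_bgp_route:                     # R2 runs iBGP or BGP is redistributed
        ribs["R2"]["198.51.100.0/24"] = LAB_LO
    return ribs

def trace(ribs, start, dst, max_hops=10):
    """Follow the packet hop by hop; every router decides independently."""
    path, node = [start], start
    for _ in range(max_hops):
        nh = resolve(ribs[node], dst)
        if nh not in ribs:                   # "EXIT" or no route
            break
        path.append(nh)
        node = nh
    return path

if __name__ == "__main__":
    print("R2 without BGP route:", " -> ".join(trace(build(False), "R3", DEST)))
    print("R2 with BGP route:   ", " -> ".join(trace(build(True), "R3", DEST)))
```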

Keith Alman Tue, 04/11/2006 - 11:12

Sundar,


Sure it helps - I did think that what I was doing defied all "next-hop" rules.


So to recap, the only *feasible* way is to use RR's?


Thank you


sundar.palaniappan Tue, 04/11/2006 - 16:05

Jansen,


RRs are ideal for a small BGP network. However, if yours is an enterprise network, then you would have to go for confederation (sub-ASs) within your AS.


If you are unable to redistribute the BGP routes into EIGRP then you would have to create a full mesh using one of the two techniques mentioned above for all the routers to choose the optimal path out to the Internet.


Pls. rate all helpful posts.


HTH,

Sundar

Harold Ritter Tue, 04/11/2006 - 16:36
User Badges:
  • Cisco Employee,

Sundar,


I don't completely agree on your statement on RR being ideal for small networks. I know quite a lot of large SPs using RRs and on the other hand very few running confederations.


Why do you recommend using a confederation on an enterprise network?


My 2 cents,

sundar.palaniappan Tue, 04/11/2006 - 17:02

Hritter,


Appreciate your thoughts!


But, doesn't confederation make the BGP peering ideal for large scale networks? Wouldn't breaking an AS into many sub-ASs make it easy to manage? Of course, the admin would have to be comfortable with the rules of BGP in a confed environment. Sure, you could have RRs within the sub-ASs. A flat AS with no sub-ASs and just RRs doesn't sound like a great idea to me.


My 2 cents.


Rgds,

Sundar

Harold Ritter Tue, 04/11/2006 - 18:33
User Badges:
  • Cisco Employee,

Sundar,


I have seen networks with close to a thousand nodes running RRs with no issue whatsoever. The argumentation about confederation being more scalable than RR has been put aside in favor of simplicity.


You can scale with RR too using multiple levels of RRs if need be.


I doubt that an enterprise network would ever need to consider confederation since I have never ever seen an enterprise network running iBGP on all routers in the AS. That sounds to me like it would constitute a complex network to operate, which at best would potentially be suitable for an SP with experienced operation folks but rather overwhelming for an enterprise customer.


Cheers,
