Thanks for your reply..

I just want you to know that now we have three routes in HQ connected to three remote sites each router has it is instant . Now we want to bring a big router and plug all the links to it.

Regards..

Ammar Al Hayyani

IP Telephony Specialist

Information Technology

Abu Dhabi Ports Company

Phone +971 2 695 2142   +971 50 6146553

Fax +971 2 695 2111

Email ammar.alhayyani@adpc.ae

PO Box 54477, Abu Dhabi, UAE

Website www.adpc.ae

Hello Ammar,

as Peter has noted building 3-4 eBGP sessions is not a problem.

Use a new and different AS number on HQ router.

router bgp 65001

neigh 10.10.10.2 remote-as 65002

neigh 10.10.20.2 remote-as 65003

neigh 10.10.30.2 remote-as 65004

neigh 10.10.40.2 remote-as 65005

some notes :

use private AS numbers in range (64512-65535) it can be helpful for the future.

if you want to build sessions using loopbacks you need to provide:

static routes to tell how to reach the BGP endpoint

you need to use

conf t

ip route 20.20.20.2 255.255.255.255 10.10.10.2

router bgp 65001

neigh 20.20.20.2 remote-as 65002

neigh 20.20.20.2 update-source loop1

neigh 20.202.20.2 ebgp-multihop 2

Hope to help

Giuseppe

Giuseppe,

Thanks a lot for adding to my answer.

In situations where two directly connected routers should be peered in eBGP using their loopbacks, I often like to use the disable-connected-check option instead of ebgp-multihop. The disable-connected-check skips the test whether the peer is on a directly connected network but still sends the TCP packets using the TTL=1.

Best regards,

Peter

paluchpeter wrote:
Giuseppe,
Thanks a lot for adding to my answer.
In situations where two directly connected routers should be peered in eBGP using their loopbacks, I often like to use the disable-connected-check option instead of ebgp-multihop. The disable-connected-check skips the test whether the peer is on a directly connected network but still sends the TCP packets using the TTL=1.
Best regards,
Peter

Hello Peter,

Good seeing you on the forum.

Regarding BGP disable-connected-check, this command has to deployed in addition to ebgp-multihop command not instead.

So, I am wondering, what is the use of disable-connected-check command if you have to use it in conjunction with ebgp-multihop.  You may as well just use "ebgp-multihop 2"and not worry about disable-connected-check command at all.

Thanks,

Reza

This command is required only when the neighbor ebgp-multihopcommand is configured with a TTL value of 1. The address of the single-hop eBGP peer must be reachable. The neighbor update-sourcecommand must be configured to allow the BGP routing process to use the loopback interface for the peering session.

Examples

In the following example, a single-hop eBGP peering session is configured between two BGP peers that are reachable on the same network segment through a local loopback interface on each router:

BGP Peer 1

Router(config)# interface loopback 1 

Router(config-if)# ip address 10.0.0.100 255.255.255 

Router(config-if)# exit 

Router(config)# router bgp 64512 

Router(config-router)# neighbor 192.168.0.200 remote-as 65534 

Router(config-router)# neighbor 192.168.0.200 ebgp-multihop 1 

Router(config-router)# neighbor 192.168.0.200 update-source loopback 2 

Router(config-router)# neighbor 192.168.0.200 disable-connected-check

Router(config-router)# end 

Hello Reza,

Thank you for your kind words - I am also glad to have found some time to visit the forum again.

Regarding the snippet from the command reference you have posted - I believe it should be understood in the following way: The disable-connected-check is meaningful only if the ebgp-multihop is set to 1. Having the ebgp-multihop set to higher value than 1 also implies the disable-connected-check though it may not be visible in the configuration.

Note that for eBGP peers, the ebgp-multihop 1 is the default value:

R2(config)#router bgp 1
R2(config-router)#nei 1.2.3.4 remote-as 2
R2(config-router)#nei 1.2.3.4 ebgp-multihop 1
R2(config-router)#exit
R2(config)#do show run | sec router bgp
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 1.2.3.4 remote-as 2
 no auto-summary
R2(config)#

So - yes, the command reference is correct, the disable-connected-check should be used with ebgp-multihop 1, however, that is already the default value with eBGP peers. It does not have any effect with ebgp-multihop set to 2 or more.

Does this make more sense?

Best regards,

Peter

paluchpeter wrote:
Hello Reza,
Thank you for your kind words - I am also glad to have found some time to visit the forum again.
Regarding the snippet from the command reference you have posted - I believe it should be understood in the following way: The disable-connected-check is meaningful only if the ebgp-multihop is set to 1. Having the ebgp-multihop set to higher value than 1 also implies the disable-connected-check though it may not be visible in the configuration.
Note that for eBGP peers, the ebgp-multihop 1 is the default value:
R2(config)#router bgp 1
R2(config-router)#nei 1.2.3.4 remote-as 2
R2(config-router)#nei 1.2.3.4 ebgp-multihop 1
R2(config-router)#exit
R2(config)#do show run | sec router bgp
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 1.2.3.4 remote-as 2
 no auto-summary
R2(config)#


So - yes, the command reference is correct, the disable-connected-check should be used with ebgp-multihop 1, however, that is already the default value with eBGP peers. It does not have any effect with ebgp-multihop set to 2 or more.

Does this make more sense?

Best regards,
Peter

Hello Peter,

Yes, it does make sense.  I think what is confusing about ebgp-multihop command is that usually a default command is not a command you manually have to add.  for example when you create a new BGP session as the one you did here, the command "bgp log-neighbor-changes" and/or "no auto-summary" is already included so you don't need to added them manually.  But in the case ebgp-multihop you have to added it with value on 1 and then it does not show it in the config.  The other interesting part of this command is that if you enter ebgp-multihop without any values, it will assign 255 which is the highest.

T-1(config-router)#neighbor 10.10.10.1 remote-as 100  
T-1(config-router)#neighbor 10.10.10.1 ebgp-multihop  
T-1(config-router)#do sh run | sec bgp                
router bgp 65222
neighbor 10.10.10.1 remote-as 100
neighbor 10.10.10.1 ebgp-multihop 255

Thanks,

Reza

Hi Reza,

I would personally put it down this way:

1. There are default commands which are visible in the configuration, and there are default commands which are invisible. This is a matter of the configuration parser in IOS and there is little to be done about it. It is in my opinion one of the confusing things about IOS CLI - it's not consistent.
   
2. For eBGP peers, the ebgp-multihop 1 is the default setting.
3. Specifying only ebgp-multihop without specifying the TTL value causes the TTL 255 to be used. Obviously, we have to distinguish between a default (i.e. used when not explicitely specified) command, which is the ebgp-multihop 1, and a default parameter of an explicitely specified command ebgp-multihop, which is 255.

Best regards,

Peter

Hi Peter,

I agree, just one comment:

ad 1. default commands which are visible in the configuration:

IMHO, commands which are default in the latest IOS but were not in some previous IOS releases are visible and inserted automatically to keep backward compatibility.

BGP "no auto-summary" is a good example - command default behavior changed to disabled since 12.2(8)T.

BR,

Milan

Hi Milan,

You're absolutely correct. That makes perfect sense. Thanks!

Best regards,

Peter