Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Ask the Experts - Config eBGP: two neighbour with the same AS

Dear Experts,

We have a problem about eBGP configuration.

Now my customer need config 2 physical circiut to our network.

The first circiut use for internet traffic, other circiut use for peering between IXPs in our country.

We think, we create 2 neighbour with the same customer's AS, and separate policies between 2 neighbour.

The example below:

neighbor 202.78.224.41 remote-as 24085

neighbor 202.78.224.41 ebgp-multihop 255

neighbor 202.78.224.41 version 4

neighbor 202.78.224.41 remove-private-AS

neighbor 202.78.224.41 route-map CUSTOMER_IN in

neighbor 202.78.224.41 route-map CUSTOMER-OUT out

neighbor 203.113.158.158 remote-as 24085

neighbor 203.113.158.158 version 4

neighbor 203.113.158.158 remove-private-AS

neighbor 203.113.158.158 route-map CUSTOMER-PEER-IN in

neighbor 203.113.158.158 route-map CUSTOMER-PEER-OUT in

Could you tell me this config can be done or not ??

Beacause i check in ietf, i see only draft about multisession BGP. I'm not sure about it and want to ask the Experts about this problem.

Thanks for your support!

20 REPLIES
Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

It is perfectly legal to have two or more BGP session with neighbors in the same remote AS.

There should be absolutely no problems with using such a config. You'll just have to be mindful that if you advertise any routes you learn over one of the sessions over the other session, the router at the other end will drop them since it will see its own AS in the AS Path ...

Pls do remember to rate posts.

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Thanks for your information.

According to your comment, i'm still not sure about this problem. Beacause i have not never seen this config before.

When i search this problem in internet, no documents deal with it except draft of ietf.

About routing information, i'm sure about separate routes between two sessions.

Notice: this is an eBGP configuration. Our AS is 7552

router bgp 7552

neighbor 202.78.224.41 remote-as 24085

neighbor 202.78.224.41 ebgp-multihop 255

neighbor 202.78.224.41 version 4

neighbor 202.78.224.41 remove-private-AS

neighbor 202.78.224.41 route-map CUSTOMER_IN in

neighbor 202.78.224.41 route-map CUSTOMER-OUT out

neighbor 203.113.158.158 remote-as 24085

neighbor 203.113.158.158 version 4

neighbor 203.113.158.158 remove-private-AS

neighbor 203.113.158.158 route-map CUSTOMER-PEER-IN in

neighbor 203.113.158.158 route-map CUSTOMER-PEER-OUT in

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Maybe I'm really understanding the issue here...

Are you asking whether or not it is possible for a single router to have more than EBGP session to the same AS ? Is that the question ?

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

In my case, this is a configuration in single router.

This single router need config two separate sessions to the same AS on separate physical circiut.

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Ok, so I did understand you correctly. So the comments I made in my first post are still valid.

You won't find this in any RFCs/drafts because there is nothing really special about this.

Here's a simple example of dual-homing to a single AS:

http://www.cisco.com/warp/public/459/40.html#conf2

Pls do remember to rate posts.

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi pkhatri,

You send me the URL about load sharing. Could you see in session: Load Sharing When Dual-Homed to One Internet Service Provider (ISP) Through a Single Local Router . I think you understand me like this case.

But in my case, RA =====RB

- RA in AS 7552, RB in AS 24085.

- RA have 2 physical link connect to RB.

And i have to config like my example, Please notice that, only one router in AS 7552 and only one router in AS 24085.

In your URL, RA in AS11 connect to 2 routers RB n RC in AS 10. It's different with my case.

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Ok, the example I gave you was slightiy different. However, there is no problem with running 2 EBGP sessions between the same two routers (as long as each of the sessions peers to a different address). However, there is not much point in doing so. Even if you enforce different policies over the two sessions, all routes learned via the two eBGP sessions will end up in the same BGP routing table ... So I don't see much point in doing this.

Pls do remember to rate posts.

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

This problem with your experience is ok. But i still not sure about multisession. Can you so me some example about this case or some documents practise about it.

Thanks so much !

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

I'm afraid you will not find too many examples of this since people don't use it much in practice.

However, there is one example of this in the book 'Internet Routing Architectures'... it does not have the config but has a figure and outlines the reasons why you would not use it.

Pls do remember to rate posts.

Paresh

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hello,

So you have eBGP between two routers RA and RB connected with two physical interfaces.

From BGP update behaviour you will get the same updates from a single peer, no matter how many BGP sessions you setup, because only the best path for a prefix is sent. And your router will only have one BGP table. So the question is: what do you want to gain from having two eBGP sessions between RA and RB?

The only technical answer I can think off is to direct traffic to certain destinations over a specific physical link (correct me if I am wrong). The same can be achieved however by using eBGP multi-hop between RA and RB loopbacks and an inbound route-map setting the BGP next-hop to the desired physical link interface IP.

This setup would reduce number of BGP updates and is well known with example configs readily available.

Hope this helps! Please rate all posts.

Regards, Martin

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

About routing update, i think like this:

With incoming traffic from our neighbour:

- With the first circiut, we will advertise prefix-list A to the first neighbour.

- With the second circiut, we will advertise prefix-list B to the second neighbour.

- A different B.

With ougoing traffic to our neighbour:

- With the first circiut, we will receicve routing information from the first neighbour normally

- With the second circiut, we will set an access-list extended with source address and destination address. After that, apply this access-list to route-map. This route-map will apply on the second circiut with next-hop ip of second physical service. Every destination we want to control go through the second receiving will be done.

If you see any problem, please post your reply.

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi pkhatri ,

Could you show me which page description like you said. I will have information quickly.

Let me check and send you a real config we will apply.

Many thanks.

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

It is not entirely clear to me what you are trying to do. Are you looking for a method to distribute load? If so you can receive the routes you need via both paths and adjust bgp maximum-path parameter. By default BGP will only populate the routing table with one path regardless of the number of possible paths even if they have the same costs. Use bgp maximum-path n (where n is the number of paths you want to load balance) to be able to load-balance the paths. If you are looking to route some routes via one interface and other routes via the other interface that is a different issue. Depending on the number of routes you want to specify there are a number of methods for doing this. It would seem to me that if you are connecting to just one remote router from one local device you are either concerned about load or want to prioritize some traffic over other traffic. Again it is hard to tell exactly what you want to do.

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

It is on page 213 of the original edition.

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi rtaulton ,

The first, i want to confirm that, we can config two neighbor with two physical circiuts in single router between 2 AS. It could be done or not?

With two neighbors, our router will received the same route from customer AS. We need create two separate routing policies between two neighbor, make sure that incoming and outgoing traffic in two physical circiut separate.

Many thanks.

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi Mate,

Just to prove to you that this is possible, I simulated this setup in my lab. There are 2 routers, with 2 links between them and eBGP configured over each of these links:

Router 1

--------

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 10.7.1.2 remote-as 200

neighbor 10.8.1.2 remote-as 200

no auto-summary

Router1#sh ip bgp summary

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.7.1.2 4 200 5 5 19 0 0 00:00:13 15

10.8.1.2 4 200 5 5 19 0 0 00:00:11 15

Router1#

Router 2

--------

router bgp 200

no synchronization

bgp log-neighbor-changes

neighbor 10.7.1.1 remote-as 100

neighbor 10.8.1.1 remote-as 100

Router2#sh ip bgp summary

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.7.1.1 4 100 5 5 391 0 0 00:00:52 0

10.8.1.1 4 100 5 5 391 0 0 00:00:50 0

Router2#

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi friend,

This configuration tested by myself.

But i wonder about policies will be applyed in two neighbors.

With MP-BGP it could be done but in BGPv4 i'm not sure.

But in this week, i will test with my customer and i hope that i will send a good infor to you.

Regard,

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

While I have been trying to say that this config is certainly possible, I have to re-iterate my earlier warning to you about such a setup:

It does not make sense to run 2 separate eBGP sessions and then apply different policies to each of them. The reason is that the routes learned over both sessions will end up in the same BGP table. Let's take an example, say you apply an inbound policy on one session that filters out the 10.1.1.0/24 network. On the other session, you apply an inbound policy that does not filter out that network. The end result will be that the 10.1.1.0/24 route will appear in the BGP table, even though it was rejected by the first filter.

Unless you are planning to use Multi-VRF or are running BGP for different address-families on each session, then the setup is not going to work.

Paresh

New Member

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Hi,

This is my configuration:

interface Serial7/1/0

ip address 203.113.157.245 255.255.255.252

framing g751

dsu bandwidth 34010

Interface VLAN 7

ip address 203.113.158.153 255.255.255.248

ip policy route-map QTSC-HighPriority-vn

router bgp 7552

neighbor 202.78.224.41 remote-as 24085

neighbor 202.78.224.41 ebgp-multihop 255

neighbor 202.78.224.41 version 4

neighbor 202.78.224.41 remove-private-AS

neighbor 202.78.224.41 route-map PMQT-CUSTOMER in

neighbor 202.78.224.41 route-map PMQT-CUSTOMER-OUT out

neighbor 203.113.158.158 remote-as 24085

neighbor 203.113.158.158 version 4

neighbor 203.113.158.158 remove-private-AS

neighbor 203.113.158.158 route-map PMQT-CUSTOMER in

neighbor 203.113.158.158 route-map QTSC-PEER-OUT in

*/ as-path use for advetise to AS 24085, apply for second physical interface

ip as-path access-list 12 permit _24085$

ip as-path access-list 15 permit ^23962 18403$

ip as-path access-list 15 permit ^23962 7643$

ip as-path access-list 15 permit ^23962 24066$

*/ All IP address receive from peering AS 23692, use for route-map

access-list 3 permit 58.186.0.0 0.1.255.255

access-list 3 permit 125.214.0.0 0.0.63.255

access-list 3 permit 202.6.2.0 0.0.0.255

access-list 3 permit 202.6.96.0 0.0.1.255

access-list 3 permit 202.47.142.0 0.0.0.255

access-list 3 permit 202.151.160.0 0.0.15.255

access-list 3 permit 203.77.178.0 0.0.0.255

access-list 3 permit 203.119.8.0 0.0.3.255

access-list 3 permit 203.128.240.0 0.0.7.255

access-list 3 permit 203.160.0.0 0.0.127.255

access-list 3 permit 203.162.0.0 0.0.255.255

access-list 3 permit 203.190.160.0 0.0.15.255

access-list 3 permit 203.210.128.0 0.0.127.255

access-list 3 permit 210.245.0.0 0.0.127.255

access-list 3 permit 221.121.0.0 0.0.63.255

access-list 3 permit 221.132.0.0 0.0.63.255

access-list 3 permit 221.133.0.0 0.0.31.255

access-list 3 permit 222.252.0.0 0.1.255.255

access-list 3 permit 222.255.0.0 0.0.255.255

access-list 3 permit 202.134.16.0 0.0.7.255

access-list 3 permit 220.231.64.0 0.0.63.255

access-list 3 permit 203.113.128.0 0.0.63.255

access-list 3 permit 125.234.0.0 0.1.255.255

access-list 3 permit 202.78.224.0 0.0.7.255

deny ip any any

*/ Route-map policies apply for the second physical interface permit any traffic receice in AS 23692

route-map QTSC-HighPriority-vn permit 10

match ip address 3

set ip next-hop 203.113.158.158

set metric 33333

route-map QTSC-HighPriority-vn permit 20

set ip next-hop 202.78.224.41

*/ Advertise to customer AS 24085, permit only traffic with destination received by AS 23692

route-map QTSC-PEER-OUT permit 100

match ip address prefix-list AllowToVNNIX

!

route-map QTSC-PEER-OUT permit 110

match as-path 15

!

route-map QTSC-PEER-OUT permit 120

match as-path 18

!

route-map QTSC-PEER-OUT deny 150

*/ Advertise to customer Internet, permit only traffic from Internet go though this link which policies apply

route-map PMQT-CUSTOMER-OUT deny 100

match ip address prefix-list AllowToVNNIX

!

route-map PMQT-CUSTOMER-OUT deny 110

match as-path 15

!

route-map PMQT-CUSTOMER-OUT deny 120

match as-path 18

!

route-map PMQT-CUSTOMER-OUT permit 150

!

*/ receive only routing from AS 24085

route-map PMQT-CUSTOMER permit 100

match as-path 12

!

route-map PMQT-CUSTOMER deny 150

Purple

Re: Ask the Experts - Config eBGP: two neighbour with the same A

Alright mate, I've had a pretty close look at your config and I am thinking that it will work okay. Since the next-hop of eBGP-learned routes is the peering address used for the peer from which the routes were learned, the customer router in AS 24085 will use the first link for all Internet traffic and the second link for traffic to the other ASs directly connected to AS 7552.

So on the face of it, I can't seem to see any problems with what you are proposing.

Pls do remember to rate posts.

Paresh

241
Views
32
Helpful
20
Replies
CreatePlease login to create content