Ok, so I am implementing BGP for the first time, and each time I implement it, I find myself confused and I mess up and have to start all over again. I am attaching the image of the topology I am working on. Currently I am working in GNS3, preparing for the CCNP ROUTE exam.
Ok, here is the structure of the topology
and here is the topology explained.
1. R10 is the enterprise core router managing all the internal networks (I created some loopback interfaces for that). It is further connected to 2 edge routers, R7 and R9.
2. R7 and R9 are the edge routers of this enterprise and they connect to 2 different ISPs.
3. ISP1 is running eBGP 211 and ISP2 is running eBGP 200. The link b/w ISP1 and R7 has 126.96.36.199/30 prefix/mask and the link b/w ISP2 and R9 has 188.8.131.52/30 prefix/mask.
4. iBGP 300 is for enterprise routers.
5. For the router R10, the IGP running is OSPF.
Now here are the questions I want to ask.
1. Ok, first off, do I have to run OSPF on all the internal routers of the enterprise, i.e. R10, R7 and R9?
2. Secondly, do I introduce iBGP on the transit router R10 too, or just R7 and R9?
3. For the indirectly connected iBGP neighbors, do I have to create loopback interfaces on R7 and R9 too?
4. In order to have full connectivity of R10 with both ISP routers, how do I do that?
5. I also used the bgp router-id command on the ISP and edge routers but I wasn't able to achieve adjacency b/w them, why?
Please help me out here ppl. I made the topology in GNS3 and the config files are too large to be attached, so sorry for that. Will wait for a positive response.
1. Since I cannot see any redundant link in your topology you can use static routes instead of OSPF. The IGP is used to reach the BGP peering address. You can also use the directly connected IP from R10 to R7 and R10 to R9 so you do not need any routing IGP.
2. Yes you can introduce iBGP to learn the eBGP routes learned by the R6 and R8.
3. No it is not mandatory....there is not any redundant path in order to reach the BGP peering loopback IP and keep the iBGP neighborship up.
4. R10 peers via iBGP with R7 and R9. R7 and R9 learn the BGP routes (via eBGP) from R6 and R8 and advertise them to R10.
5. The BGP router ID could not be the reason that you cannot achieve adjacency. It can be any IP and does not need to be routable. Check the remote-as and whether you can ping the peering (next hop IP). Do you use the connected subnet or a loopback?
Hope that helps,
By adjacency, what I meant was that I wasn't able to ping ISP1 or ISP2 from R10. And I used the connected subnet to achieve the neighborship b/w ISP1 and R7 and the same connected subnet b/w R7 and R10, same goes for ISP2. Why?
I used this command from ISP1 ----> neighbor 184.108.40.206 remote-as 300
On R7 I used these commands ----> neighbor 220.127.116.11 remote-as 211
neighbor 172.16.9.1 remote-as 300
On R10 I used these cmds -------> neighbor 172.16.9.2 remote-as 300
neighbor 172.16.10.2 remote-as 300
Then I used the same commands but with different IPs for ISP2 and so on, but I was not able to ping the ISP1 or ISP2 interface from R10. Any idea what I am doing wrong or something I am missing? Or do I have to use the next-hop-self cmd on R7 and R9??
Yes. If you do not use the next hop self command the R10 should know the p2p R6-R7 and R8-R9 p2p subnets.
If you do not have routing for these subnets use the next hop self command on R7 and R9. This is needed for iBGP sessions.
This should work since the ibgp routes will update the next hop IP.
Hope that helps,
Do I give the next hop of R10 or R6 on R7??
And what if I have an internal network attached to the downstream interface of R10, I introduce it into BGP via the network command "only" on R10, right?
1) you must do the following on your border routers:
neighbor x.x.x.x next-hop-self where x.x.x.x is R10 peering address
2) if you ping the ISP serial interface IP address from R10 then each ISP must know how to get to the corresponding serial of R10 and so you must have a network command for these subnets or redistribute these connected interfaces into BGP.
if you only advertised the loopbacks into BGP on R10 then you must do an extended ping sourcing from the loopback addresses
3) you must also have the corresponding subnet from ISPs advertised via BGP
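The three points above, as an added example that is not part of the original thread: a small Python model of why R10 ignores an iBGP path whose next hop it cannot resolve, and why the ping also needs a return route on the ISP. The 192.0.2.0/30 ISP1 link and the 10.10.10.0/24 loopback are constructed placeholders, and all function names are hypothetical.

```python
import ipaddress as ip

def resolves(rib, addr):
    """True if addr matches any prefix in the routing table (list of CIDR strings)."""
    a = ip.ip_address(addr)
    return any(a in ip.ip_network(p) for p in rib)

def ibgp_next_hop(ebgp_next_hop, edge_addr, next_hop_self):
    """An edge router passes the eBGP next hop unchanged over iBGP
    unless next-hop-self rewrites it to its own peering address."""
    return edge_addr if next_hop_self else ebgp_next_hop

def r10_installs(r10_rib, ebgp_next_hop, edge_addr, next_hop_self):
    """R10 only uses a BGP path whose next hop it can resolve."""
    return resolves(r10_rib, ibgp_next_hop(ebgp_next_hop, edge_addr, next_hop_self))

def ping_ok(r10_has_route, isp_rib, source):
    """A ping needs a forward route on R10 and a return route on the ISP."""
    return r10_has_route and resolves(isp_rib, source)

# Constructed addressing. 172.16.9.0/30 and 172.16.10.0/30 are the thread's
# R10-R7 and R10-R9 links; everything else is a placeholder.
R10_RIB = ["172.16.9.0/30", "172.16.10.0/30", "10.10.10.0/24"]  # connected + loopback
ISP1_LINK_NH = "192.0.2.1"   # ISP1 side of the ISP1-R7 link (placeholder)
R7_PEER = "172.16.9.2"       # R7's address on the link to R10
R10_LINK, R10_LOOP = "172.16.9.1", "10.10.10.1"

def scenario(next_hop_self, advertised_by_as300, source):
    """Can R10 ping a prefix advertised by ISP1 (point 3), sourcing from `source`?"""
    fwd = r10_installs(R10_RIB, ISP1_LINK_NH, R7_PEER, next_hop_self)
    isp_rib = ["192.0.2.0/30"] + advertised_by_as300  # connected + BGP-learned
    return ping_ok(fwd, isp_rib, source)

if __name__ == "__main__":
    for nhs, adv, src in [
        (False, ["10.10.10.0/24"], R10_LOOP),                 # next hop unresolved
        (True, ["10.10.10.0/24"], R10_LINK),                  # no return route
        (True, ["10.10.10.0/24"], R10_LOOP),                  # extended ping
        (True, ["10.10.10.0/24", "172.16.9.0/30"], R10_LINK), # link advertised
    ]:
        print(f"next-hop-self={nhs} advertised={adv} source={src} -> {scenario(nhs, adv, src)}")
```
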
First off, I would like to thank you cos you helped me a lot when I was preparing for my CCNA, and now as I am preparing for my CCNP the questions are new....lol...
So in response to your 2nd point, what you mean is that I use the network command on the ISP routers, i.e. R6 and R8, and advertise the 172.16.9.0/30 and 172.16.10.0/30 subnets, right?
And then I advertise the 18.104.22.168/30 and 22.214.171.124/30 subnets into BGP running on R10, right?
No, the other way around: the 172.16.x.x on R10 and the 150 and 151 on the respective ISPs.
But you don't need to advertise the 172.16.x.x if you source the ping from one of the loopbacks on R10, as long as you advertise the loopback subnets in BGP so the ISPs know about them.
Well Alain, I did as you told me to and I am still not able to achieve ping from R10 to any of the ISP routers. What am I doing wrong? Secondly, if I am getting the subnets from both the ISP and the R10 router, then which next hop should I set on the transit router, that is R7???
EDIT -------- I advertised the directly connected subnets into R7, i.e. 172.16.9.0/30 and 126.96.36.199/30, and on R10 I advertised 172.16.9.0/30 and 172.16.10.0/30 and I got the ping reply, BUT when I don't advertise the directly connected interfaces using the network command I am unable to achieve ping even though I see the routes in the BGP route table. The extended ping cmd is like this "ping [destination ip or loopback ip] source [src ip] ", right??
Waiting for your reply back.
Message was edited by: Ahmed Malik
You give to the next hop the IP of R10 on R7.
Yes you advertise these subnets with network x.x.x.x mask z.z.z.z command.
This subnet should be in your routing table