I want to discuss a problem that I am facing in the BGP scenario.
The problem is that I have 2 ISP connections from a service provider which is terminating on 6509 VSS and our companies 2 routers and ASA is also connected to 6509 VSS.
R5 is creating a eBGP peering with R3 (Primary ISP) and R4 (Secondary ISP) and in same way R6 is having eBGP peering with R3 and R4.
I am using 2 default routes 1st with default AD towards R3 (Pri ISP) and 2nd with a higher AD value towards R4 (Sec ISP).
After this I had changed Next-hop with the help of route-map.So, that the traffic will hit on ASAs interface from WAN side.
The route-map for R3 is having a set IP next-hop of ASAs IP address x.x.x.10 and the route-map for R4 is having a set IP next-hop of ASAs 2nd interface IP address y.y.y.10
So, now problem is when I use command on R5 to see which next-hop I am sending to customer(#sh ip bgp nei x.x.x.3 advertised-routes) than for R3 network it shows me the exact next-hop which I want of x.x.x.10 ASAs interfaces but when I use same command to check for R4 than the output is also same i.e. it is having the next-hop of ASAs IP x.x.x.10 even in my route-map I am having a entry to set next-hop for R4 is ASAs interface IP y.y.y.10
After this I used wireshark to capture packet and I also used debug but the output shows that next-hop is set for R4 is y.y.y.10
So, this is the problem i.e. in show output command it is showing wrong next-hop but in capturing it is acknowledging that it is using the next-hop mentioned in route-map.
This is my configuration on R5 and same is on R6 just IPs are like y.y.y.6
! interface GigabitEthernet0/0 description TO Primary ISP ip address x.x.x.5 255.255.255.248 duplex auto speed auto no shut ! interface GigabitEthernet0/1 description To Secondary ISP ip address y.y.y.5 255.255.255.248 duplex auto speed auto no shut ! ip access-list standard BLOCK deny any
route-map as_prepend_secondary permit 10 set ip next-hop y.y.y.10 ! route-map as_prepend_primary permit 10 set ip next-hop x.x.x.10 !
router bgp AAAAA no synchronization bgp log-neighbor-changes network z.z.z.z mask 255.255.255.248 timers bgp 10 30 neighbor y.y.y.4 remote-as BBBBB neighbor y.y.y.4 route-map as_prepend_secondary out neighbor x.x.x.3 remote-as BBBBB neighbor x.x.x.3 route-map as_prepend_primary out distribute-list BLOCK in no auto-summary !
ip route x.x.x.0 255.255.255.0 x.x.x.3 ip route y.y.y.0 255.255.255.0 y.y.y.3 2
This is the output of Debug on R6
BGP: TX IPv4 Unicast Wkr global 7 Cur Processing.
BGP: TX IPv4 Unicast Wkr global 7 Cur Attr change from 0x0 to 0x68F081C8.
*Sep 15 13:16:15.056: BGP(0): y.y.y.4 NEXT_HOP is set to y.y.y.10 by policy for net y.y.y.128,
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...