Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dual ISP/ iBGP / Strange routing Problems

We have 2 internet routers, each connected to a different ISP, and connected together with an ethernet trunk.

RouterA is the HSRP primary for advertised networked 1.0.0.0 and the standby for network 2.0.0.0.

RouterB is the HSRP primary for advertised networked 2.0.0.0 and the standby for network 1.0.0.0.

RouterA has an eBGP neighbor that is providing full routes, and is advertising back both 1.0.0.0 and 2.0.0.0.

RouterB also has an eBGP neighbor that is providing full routes, and is advertising back both 1.0.0.0 and 2.0.0.0.

They have an iBGP relationship with each other simply with the configuration pointing to the neighbor, and the 'next-hop-self' statement.

The strange routing seems to occur when trying to access a few sites from a network behind RouterA that take the path through RouterB. It appears 2 or 3 ASs later the traceroutes begin to time out, as if they don't know how to come back to RouterA.

The configuration seems really basic..

RouterA

int fa0/1

no ip addr

int fa0/1.699

encapsulation dot1Q 699

ip addr 1.0.0.2 255.255.255.0

stand 1 ip 1.0.0.1

stand 1 pri 150

stand 1 pree

int fa0/1.899

encapsulation dot1Q 899

ip addr 2.0.0.2 255.255.255.0

stand 2 ip 2.0.0.1

stand 2 pri 90

ip as-path access-list 1 permit ^$

ip as-path access-list 1 deny .*

router bgp 3181

no synch

network 1.0.0.0

network 2.0.0.0

neighbor 1.0.0.3 remote-as 3181

neighbor 1.0.0.3 next-hop-self

neighbor 1.0.0.3 soft-recon in

neighbor 207.50.198.113 filter-list 1 out

neighbor 207.50.198.113 soft-recon in

===============

RouterB

int fa0/1

no ip addr

int fa0/1.699

encapsulation dot1Q 699

ip addr 1.0.0.3 255.255.255.0

stand 1 ip 1.0.0.1

stand 1 pri 90

stand 1 pree

int fa0/1.899

encapsulation dot1Q 899

ip addr 2.0.0.3 255.255.255.0

stand 2 ip 2.0.0.1

stand 2 pri 150

stand 2 pre

router bgp 3181

no synch

network 1.0.0.0

network 2.0.0.0

neighbor 1.0.0.2 remote-as 3181

neighbor 1.0.0.2 next-hop-self

neighbor 1.0.0.2 soft-recon in

neighbor 65.17.171.185 remote-as 209

neighbor 65.17.171.185 soft-recon in

neighbor 65.17.171.185 filter-list 1 out

ip as-path access-list 1 permit ^$

ip as-path access-list 1 deny .*

What is missing?

6 REPLIES
Bronze

Re: Dual ISP/ iBGP / Strange routing Problems

Is this a new setup? Many ISPs will only accept routes sourced from AS's validated by a routing registry (RR). We use ARIN's RR to advertise our upstream peers:

http://www.arin.net/registration/route_reg/index.html

We had a similar issue until we completed routing registry information.

You can check some looking glass sites to get an idea of whether your routes are being received and the AS path different service providers are using. This may also give you some information in case you're being black holed somewhere. Try this link for a start:

http://www.nanog.org/lookingglass.html

Good luck,

Ryan Morris

New Member

Re: Dual ISP/ iBGP / Strange routing Problems

This is a new setup.

Via ARIN, I noticed the 1.0.0.0 network has an OriginAS, but the 2.0.0.0 does not.

Thanks for the pointer, we'll see if that solves it.

Bronze

Re: Dual ISP/ iBGP / Strange routing Problems

Router A is primary router for network 1.0.0.0 for which the problem observed as per your mail.

It might be routing through Router B as Router A does not have any specific route learned through it's own eBGP neighbor for that particular destination.

And if Router B is reachable with IP address 1.0.0.2 & then Router A also should be reachable from Internet as they are on the same Ethernet network. So, apart from registry check for your network, you need to look routing logic why it's getting routed throgh Router B.

Regards...

-Ashok.

With best regards... Ashok ----------- Pls kindly rate if helpful or answered your question.
New Member

Re: Dual ISP/ iBGP / Strange routing Problems

The problem was solved by removing 'no ip redirects' on the ethernet interface... Does this make sense?

Hall of Fame Super Silver

Re: Dual ISP/ iBGP / Strange routing Problems

Hello Jeffrey,

this allows RA to send an icmp redirect telling the host that a better router for that specific destination (RB indeed) is present in the same LAN segment.

After receving the icmp redirect the host goes directly to RB to reach destination.

So the issue was related to asymmetric routing in some way.

Hope to help

Giuseppe

New Member

Re: Dual ISP/ iBGP / Strange routing Problems

Thanks Giuseppe.. So it is common to have ip redirects enabled on internet facing routers?

198
Views
0
Helpful
6
Replies