Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Help me in BGP concepts

Dear All,

I hope every one in a good condition , kindly i need an assistance as i am a beginner in CCNP routing so i need to understand many of things , i have uploaded a topology made by GNS3 which had done by me but i need to understand why R1 can't ping R5

Thanks for Help

3 ACCEPTED SOLUTIONS

Accepted Solutions

Re: Help me in BGP concepts

Hello

Try this:

R4

##

router ospf 1

network 10.1.45.1 0.0.0.0 area 0

redistribute bgp 5500 subnets

router bgp 5500

redistribute ospf 1 match internal external 1 external 2

neighbor 1.1.1.1 next hop-self

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.

Re: Help me in BGP concepts

Amr,

I loaded up your gns topology this morning, and you actually had a couple of things going on so I'll break them down. Along with what I stated last night, you should have added the network statement to R5 and on R4 the next-hop-self statement for R1.

Paul stated correctly that you needed to redistribute ospf into bgp. After redistributing ospf on R4, R5 knows how to get to R1 via R4's loopback, and it does a recursive lookup to get to 4.4.4.4 it will go to R2 or R3 which is where the traffic is dropped. Being that R4 has a connected route, it doesn't redistribute that route into bgp, so advertising the network into ospf via the network command or redistribute connected would resolve the issue. You can do a one way redistribution from ospf into bgp and it would still work fine.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Re: Help me in BGP concepts

"i need to understand why i must provide BGP  with another routing  protocol like OSPF or EIGRP to complete routing"

Well, you don't. You can have just BGP in your environment and it will work fine, or you can run an IGP like ospf or eigrp all over the place and it will work fine as well. The primary difference is that BGP was designed to be able to hold hundreds of thousands of routes if you have enough memory to hold a full routing table. An igp on the other hand was designed to route internal subnets, so you wouldn't, in general, have hundreds of thousands of routes. An IGP can't handle the same amount of routes that bgp can.

"i need to know  when i must use cmd # Network at BGP & cmd #  Neighbour"

Network command under bgp allows for you to advertise the specific network. The network needs to be in the routing table in order to advertise though, and bgp needs an exact match. 10.10.10.10/32 is not the same as 10.10.10.0/24 under bgp. BGP would need "network 10.10.10.10 mask 255.255.255.255" in order to advertise the 10.10.10.10/32 address. The neighbor command tells bgp who to connect to to share those addresses with by peering up with them. BGP works on a unicast address and has a direct connection to another peer. By default bgp has a ttl of 1, which means that it has to be a directly connected peer. You can disable that check though if you're peering with someone on the other side of a next hop or a loopback address.

"why we have used cmd #  Network at R5 only and didn't use it at any other router "

R5 was running BGP, but wasn't advertising anything. Technically, I'd have to lab this up again when I get back home to test it, but you probably didn't need it after all and here's why. R5 was connected directly to R4 10.1.45.0, so R4 knew how to get to R5 and vice versa. The problem is that R1 thought to get to 10.1.45.0, it needed to go to 4.4.4.4. 4.4.4.4 went to R2 or R3, but R2 or R3 didn't know about 10.1.45.0 and dropped the packet. So, in reality, you could have kept your peering with R1 --> R4 --> R5 and only advertise the 10.1.45.0 in ospf on R4. You would still have to redistribute into BGP so R5 would know how to get to your other subnets unless you wanted to advertise a default route to R5 from R4.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
19 REPLIES

Help me in BGP concepts

It would be easier if you posted your configs and a screenshot of your topology. Can you post those?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

Help me in BGP concepts

Dear John ,

Here your Request

---------------

R5

#sh

R5#show run

R5#show running-config

Building configuration...

Current configuration : 1180 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R5

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

!

!

!

no ip domain lookup

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.45.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router bgp 6500

no synchronization

bgp log-neighbor-changes

neighbor 10.1.45.1 remote-as 5500

no auto-summary

!

!

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

!

end

--------------------

R4

!

!

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R4

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

!

!

!

no ip domain lookup

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface Loopback4

ip address 4.4.4.4 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.45.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.24.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

ip address 10.1.34.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 4.4.4.4 0.0.0.0 area 0

network 10.1.24.0 0.0.0.3 area 0

network 10.1.34.0 0.0.0.3 area 0

!

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 5500

neighbor 1.1.1.1 update-source Loopback4

neighbor 10.1.45.2 remote-as 6500

no auto-summary

!

!

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

!

end

----------------

R3

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R3

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

!

!

!

no ip domain lookup

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.13.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.34.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 10.1.13.0 0.0.0.3 area 0

network 10.1.34.0 0.0.0.3 area 0

!

!

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

!

end

----------

R2

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R2

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

!

!

!

no ip domain lookup

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.24.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.12.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 10.1.12.0 0.0.0.3 area 0

network 10.1.24.0 0.0.0.3 area 0

!

!

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

!

end

---------

R1

!

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

!

!

!

no ip domain lookup

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.12.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.13.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 1.1.1.1 0.0.0.0 area 0

network 10.1.12.0 0.0.0.3 area 0

network 10.1.13.0 0.0.0.3 area 0

!

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 4.4.4.4 remote-as 5500

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

!

!

!

no ip http server

no ip http secure-server

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

!

end

-----------

top.jpg

Re: Help me in BGP concepts

Can you post "show ip bgp" from R5 and R1?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Re: Help me in BGP concepts

Actually, on R5 you're not advertising any networks for R1 to get back to. You'll need to advertise the serial interface to R4:

R5:

router bgp 6500

network 10.1.45.0 mask 255.255.255.252

I see a logical peering from R1 - R4 with ibgp and from R4 - R5 with ebgp. For iBGP connections, the ibgp router doesn't modify the next hop. If R1 doesn't have a route to the advertising router on the other side of the ibgp neighbor, it won't be able to get to it. On R4, you would need to change your peering to R1 like:

R4:

router bgp 5500

neighbor 1.1.1.1 next-hop-self

Okay, it's late here, so I may have confused you even more...apologies if I did.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

Re: Help me in BGP concepts

Dear John ,

Sorry for inconvenience but i have tried your cmds

R5:

router bgp 6500

network 10.1.45.0 mask 255.255.255.252

R4:

router bgp 5500

neighbor 1.1.1.1 next-hop-self

R1:

router bgp 5500

neighbor 4.4.4.4 next-hop-self

but still can't ping so what's the issue here

New Member

Re: Help me in BGP concepts

hello all ,

Can any one help

Cheers

New Member

Re: Help me in BGP concepts

kindly post the sh ip bgp summ from R5 and R1

thanks,

Fady

New Member

Re: Help me in BGP concepts

Dear Fady,

@ R5

R5#show ip bgp summary

BGP router identifier 10.1.45.2, local AS number 6500

BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

10.1.45.1       4  5500       4       4        1    0    0 00:01:12        0

@R4

R4#show ip bgp su

R4#show ip bgp summary

BGP router identifier 4.4.4.4, local AS number 5500

BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

1.1.1.1         4  5500       5       5        1    0    0 00:02:11        0

10.1.45.2       4  6500       5       5        1    0    0 00:02:06        0

R4#

@R1

R1#sh ip bg su

R1#sh ip bg summary

BGP router identifier 1.1.1.1, local AS number 5500

BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

4.4.4.4         4  5500      11      11        1    0    0 00:08:45        0

R1#

the bgp neighbourship is running well , but no network advertised as i didn't use cmd  #network at all , i need someone can correct my configuration which i have posted to see where is the error

Best Regards

Help me in BGP concepts

use redistribute ospf 1 under bgp 5500

Router bgp 5500

resdistibute ospf 1

Re: Help me in BGP concepts

Hello

Try this:

R4

##

router ospf 1

network 10.1.45.1 0.0.0.0 area 0

redistribute bgp 5500 subnets

router bgp 5500

redistribute ospf 1 match internal external 1 external 2

neighbor 1.1.1.1 next hop-self

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.

Re: Help me in BGP concepts

Amr,

I loaded up your gns topology this morning, and you actually had a couple of things going on so I'll break them down. Along with what I stated last night, you should have added the network statement to R5 and on R4 the next-hop-self statement for R1.

Paul stated correctly that you needed to redistribute ospf into bgp. After redistributing ospf on R4, R5 knows how to get to R1 via R4's loopback, and it does a recursive lookup to get to 4.4.4.4 it will go to R2 or R3 which is where the traffic is dropped. Being that R4 has a connected route, it doesn't redistribute that route into bgp, so advertising the network into ospf via the network command or redistribute connected would resolve the issue. You can do a one way redistribution from ospf into bgp and it would still work fine.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Re: Help me in BGP concepts

Hello John

If router 5 advertised anything else other than it connect subnet into bgp then R1 would not able reach it as the opsf core routers would not know how to reach the prefixes, hence my suggested mutual  redistribution with  bgp in ospf also?

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.

Re: Help me in BGP concepts

Paul,

That would be correct, but the original post only requested to be able to ping R5 from R1. You're correct that if there were other networks involved on R5, redistribution would be necessary, but in this case the only thing that needs to be done is for R4 to advertise its connected network so R3 knows how to get to it. Right now, R1 is sending traffic destined to R5 via the loopback for R4 (4.4.4.4). R1 has to do a recursive lookup and send it to R2 or R3, but then R2 or R3 drop the traffic because they didn't know about 10.45.1.0/30. In this case, redistributing bgp wouldn't help because R4 sees that has a connected route and has a rib failure for bgp because it's connected route is better than what R5 is advertising. Because of the rib failure, R4 has to advertise the subnet that connects to R5, like you suggested originally or by redistributing connected routes. The problem with redistributing the connected route would be that now ospf would have a type-5 lsa that really doesn't need to be.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

Re: Help me in BGP concepts

Dear Paul & John

I am very Thankful for your help & efforts , it's now working very well , but now i need to understand these cmds

# redistribute bgp 5500 subnets

# redistribute ospf 1 match internal external 1 external 2

also i need to know what is the meaning of " match internal external 1 external 2 " plus  i need to understand why i must provide BGP with another routing  protocol like OSPF or EIGRP to complete routing & i need to know  when i must use cmd # Network at BGP & cmd # Neighbour & the difference bet. them & why we have used cmd # Network at R5 only and didn't use it at any other router

Thanks for your time & Help

Regards - amr

Re: Help me in BGP concepts

By default, intra-area and inter-area routes are redistributed when doing redistribution, so in order to get everything (external routes), you specify external type-1 and external -type 2. "Match internal" matches inter and intra area routes which is the default.

Redistribute bgp 5500 subnets tells ospf to redistribute bgp routes from the as 5500. The "subnets" keyword tells OSPF to pull all routes even if not classful. By default, it will only redistribute classful subnets.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

Re: Help me in BGP concepts

thanks john for help

This is the rest of my post as i need to understand these notes" plus  i need to understand why i must provide BGP  with another routing  protocol like OSPF or EIGRP to complete routing  & i need to know  when i must use cmd # Network at BGP & cmd #  Neighbour & the difference bet. them & why we have used cmd #  Network at R5 only and didn't use it at any other router "

Thanks for your time & Help

Regards - amr

Re: Help me in BGP concepts

"i need to understand why i must provide BGP  with another routing  protocol like OSPF or EIGRP to complete routing"

Well, you don't. You can have just BGP in your environment and it will work fine, or you can run an IGP like ospf or eigrp all over the place and it will work fine as well. The primary difference is that BGP was designed to be able to hold hundreds of thousands of routes if you have enough memory to hold a full routing table. An igp on the other hand was designed to route internal subnets, so you wouldn't, in general, have hundreds of thousands of routes. An IGP can't handle the same amount of routes that bgp can.

"i need to know  when i must use cmd # Network at BGP & cmd #  Neighbour"

Network command under bgp allows for you to advertise the specific network. The network needs to be in the routing table in order to advertise though, and bgp needs an exact match. 10.10.10.10/32 is not the same as 10.10.10.0/24 under bgp. BGP would need "network 10.10.10.10 mask 255.255.255.255" in order to advertise the 10.10.10.10/32 address. The neighbor command tells bgp who to connect to to share those addresses with by peering up with them. BGP works on a unicast address and has a direct connection to another peer. By default bgp has a ttl of 1, which means that it has to be a directly connected peer. You can disable that check though if you're peering with someone on the other side of a next hop or a loopback address.

"why we have used cmd #  Network at R5 only and didn't use it at any other router "

R5 was running BGP, but wasn't advertising anything. Technically, I'd have to lab this up again when I get back home to test it, but you probably didn't need it after all and here's why. R5 was connected directly to R4 10.1.45.0, so R4 knew how to get to R5 and vice versa. The problem is that R1 thought to get to 10.1.45.0, it needed to go to 4.4.4.4. 4.4.4.4 went to R2 or R3, but R2 or R3 didn't know about 10.1.45.0 and dropped the packet. So, in reality, you could have kept your peering with R1 --> R4 --> R5 and only advertise the 10.1.45.0 in ospf on R4. You would still have to redistribute into BGP so R5 would know how to get to your other subnets unless you wanted to advertise a default route to R5 from R4.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

Re: Help me in BGP concepts

Dear John ,

Thank you so much for your amazing knowledge , last thing i need to compare between cmd # network in OSPF & in BGP , in addition i need to understand what does it mean by " RIB Failure " & what is it's cure as i have added an extra Router R6 to the topology & it can ping normally R1 but when i used cmd # show ip bgp   at R1 i found all networks had a RIB Failure so when i used cmd # show ip bgp rib failure   the reason was Higher Admin Distance although R1 can ping any other networks and working normallytopology.png

Cheers - amr

Re: Help me in BGP concepts

Amr,

A rib failure for the reason that you're seeing with "higher admin distance" means that there router has a better route than what BGP can provide. In your case on R4, anything learned from R5 will have an AD of 20 due to ebgp. Anything on R1 learned from R4 via bgp will have an AD of 200 and anything on R1 learned from ospf will have an AD of 110. So if you have a route that OSPF matches, for example 10.1.45.0, you would have a rib failure. (If I remember right, I think you can see this on R4 for the 10.45.1.0/24 network that R5 advertises.) R4 would show a rib failure because 10.45.1.0 is a connected network for it being an AD cost of 0. Does that make sense? There's nothing wrong with rib failures and  you'll see them in production networks. If you were learning an ospf route of 1.1.1.0/24 and a bgp route of 1.1.1.0/24, the bgp route would have a rib failure due to high admin distance, but if the ospf route were to go away for some reason, the bgp route would be entered into the routing table.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
606
Views
20
Helpful
19
Replies
CreatePlease login to create content