Trying to Understand this

Steven Williams · ‎02-10-2014

R1169063#show ip bgp neighbors 152.162.63.101 received-routes | inc 10.70.

*> 10.70.20.0/23 152.162.63.101 0 65000 64705 ?

*> 10.70.30.0/23 152.162.63.101 0 65000 64704 ?

*> 10.70.40.0/23 152.162.63.101 0 65000 64701 ?

*> 10.70.60.0/23 152.162.63.101 0 65000 64708 ?

*> 10.70.70.0/23 152.162.63.101 0 65000 64702 ?

*> 10.70.80.0/23 152.162.63.101 0 65000 64703 ?

*> 10.70.89.0/24 152.162.63.101 0 65000 64714 i

*> 10.70.100.0/23 152.162.63.101 0 65000 64714 ?

*> 10.70.110.0/23 152.162.63.101 0 65000 64712 i

*> 10.70.120.0/23 152.162.63.101 0 65000 64714 ?

*> 10.70.130.0/24 152.162.63.101 0 65000 64712 i

*> 10.70.131.0/24 152.162.63.101 0 65000 64712 i

*> 10.70.140.0/23 152.162.63.101 0 65000 64712 i

*> 10.70.150.0/23 152.162.63.101 0 65000 64712 ?

I am very confused....But maybe this tells me something about my network.

10.70.100.0/23 and 10.70.120.0/23 are TWO different physical locations....so does this tell me that in order to get to both sites I have to go through almost like a hub router?

Jon Marshall · ‎02-10-2014

Steven

All routes are being seen with the same next hop IP.

All this means is that you router is peering with another BGP router that is receiving routes for remote networks that could be at different sites. Imagine a setup where you have multiple sites connected together with a provider network MPLS or not. At each site you have a router that peers with a provider router. The provider routers will have routes to all your sites but because at each site you are only peering with a provider router you only see that router as the next hop IP.

So i suspect you are looking at a BGP table on a router managed by your company that is peering with a provider router and receving from that router all your remote networks. The next hop IP of all routes is the provider router and the provider is then responsible for routing any traffic to the correct destination.

If this is not the case then please clarify.

Jon

Steven Williams · ‎02-10-2014

jon -

Each route has the same next AS65000, which is the MPLS VPN. But then when looking at the next AS path 64714 exists for 3 different subnets, 10.70.89.0/24 and 10.70.120.0/23 are in the same physical location, but 10.70.100.0/23 is a totally different location in another country....so why is the second AS path the same?

Jon Marshall · ‎02-10-2014

Steven

Perhaps you have used the same AS for those two sites. Note to be able to do this on those routers you would need to see -

router bgp

neighbor x.x.x.x allowas-in 1

where x.x.x.x is the next hop IP address of the peer router.

Jon

Steven Williams · ‎02-10-2014

I have verified that each router at each site is NOT using the same AS.

Jon Marshall · ‎02-10-2014

Are you sure that that route is not being advertised from both sites and it is picking the wrong one ?

Jon

Steven Williams · ‎02-10-2014

yup verified this with the advertised routes command...Im pretty confused.

Jon Marshall · ‎02-10-2014

So each site has it's own connection to the MPLS network and each site uses BGP to advertise routes to the provider router ?

Jon

Steven Williams · ‎02-10-2014

Correct!

Jon Marshall · ‎02-10-2014

And the router you are on is at a different site from both of the others ?

And you have logged onto both remote routers and done a "sh ip bgp ... advertised-routes" and only seen them advertising what they should be ?

Have you tried tracerouting to them to see what path they take ?

Jon

Steven Williams · ‎02-10-2014

The router I see the output from is completely separate, yes.

Yes, I have confirmed the advertised routes.

Traceroute from what device to where?

Jon Marshall · ‎02-10-2014

Ideally from a device in the site you are in to IPs in both those networks and see if they take the same path.

Also if possible can you post BGP config for the two remote sites ?

Jon

Steven Williams · ‎02-10-2014

Holy Batman Jon....my eyes need some checking...these two sites are using the same AS number....Is this even possible? I know they are TWO physically different locations.

NEXUS5K001# traceroute 10.70.100.15
traceroute to 10.70.100.15 (10.70.100.15), 30 hops max, 40 byte packets
1 10.170.199.6 (10.170.199.6) (AS 64707) 1.054 ms 2.085 ms 2.718 ms
2 152.162.63.101 (152.162.63.101) (AS 64707) 6.05 ms 7.615 ms 6.498 ms
3 68.139.102.141 (68.139.102.141) (AS 65000) 126.792 ms 126.596 ms 126.212 ms
[Label=21129 E=0 TTL=255 S=1]
4 68.138.118.202 (68.138.118.202) (AS 65000) 123.325 ms 123.99 ms 123.354 ms
5 10.70.100.15 (10.70.100.15) (AS 64714) 124.188 ms 126.23 ms 123.9 ms

NEXUS5K001# traceroute 10.70.120.15
traceroute to 10.70.120.15 (10.70.120.15), 30 hops max, 40 byte packets
1 10.170.199.6 (10.170.199.6) (AS 64707) 2.963 ms 1.523 ms 2.012 ms
2 152.162.63.101 (152.162.63.101) (AS 64707) 6.412 ms 5.864 ms 7.695 ms
3 68.139.102.141 (68.139.102.141) (AS 65000) 127.751 ms 126.723 ms 125.727 ms
[Label=21130 E=0 TTL=255 S=1]
4 68.139.102.142 (68.139.102.142) (AS 65000) 123.083 ms 123.061 ms 123.191 ms
5 10.70.120.15 (10.70.120.15) (AS 64714) 122.927 ms 122.942 ms 122.846 ms
NEXUS5K001#

I mean you cant configure another BGP process or even override a current one as it tells you cant within the IOS. So this is not an easy mistake.

Jon Marshall · ‎02-10-2014

It's possible yes. In fact the only issue with using the same AS in two sites is that they will drop routes received from each other as they see their own AS in the AS PATH but you can override this with "allowas-in"

From your local routers perspective it is not an issue as it using a different AS number.

I thought though that you had verified that the two sites were using different AS numbers ?

Perhaps some configs and a quick topology explanation would help us sort this out.

Jon

Steven Williams · ‎02-10-2014

Ok side road....They will drop routes learned from each other due to the rule of iBGP neighbors.No iBGP neighbor will advertise routes it learns from another iBGP neighbor....

But these two sites being differnet, this could cause an issue. correct? So what is allowas-in for? what kind of attribute is this? Well-known? etc, etc.