BGP: Route reflector

Split horizon
The split horizon rule exists to prevent routing loops. In iBGP, a router that learns prefixes from one iBGP speaker will not advertise them to another iBGP speaker. This makes full-mesh iBGP peering necessary for every BGP speaker to learn every route.

The number of TCP sessions in a full mesh is given by the formula n(n-1)/2, where n is the number of BGP speakers. For example, with 10 BGP speakers a full mesh needs 45 TCP sessions.

Without route reflector

Without a route reflector, the following happens in iBGP peering:

1. R6 learns the routes of R7 and R8. If iBGP peering is not fully meshed, R8 only knows the routes advertised by R6 and will not receive the routes advertised by R7. Likewise, R7 will not receive the routes advertised by R8; it only receives the routes advertised by R6.

2. For R7 and R8 to learn each other's routes without a route reflector, R7 must also peer with R8. R7 and R8 then require an additional iBGP TCP session.

Route reflector
A route reflector can be used to reduce the number of TCP sessions as the network grows. A route reflector bypasses the split horizon rule: a route learned from one BGP speaker is advertised to another BGP speaker, while the BGP speakers themselves peer only with the route reflector.

With a route reflector, R7 and R8 only need to peer with R6, where R6 is the route reflector. R7 and R8 each need only one iBGP TCP session, to R6. R7 and R8 learn each other's routes through R6.


R8-CLIENT#sh ip route bgp
     172.31.0.0/24 is subnetted, 4 subnets
B       172.31.7.0 [200/0] via 7.7.7.7, 00:30:52
B       172.31.6.0 [200/0] via 6.6.6.6, 00:30:28
B       172.31.9.0 [20/0] via 9.9.9.9, 00:27:54
     10.0.0.0/30 is subnetted, 2 subnets
B       10.1.1.0 [200/0] via 7.7.7.7, 00:27:49
R8-CLIENT#

Lines 3 and 7 (172.31.7.0 and 10.1.1.0, both via 7.7.7.7) are routes advertised by R7-CLIENT.

R7-CLIENT#show ip route bgp
     172.31.0.0/24 is subnetted, 4 subnets
B       172.31.6.0 [200/0] via 6.6.6.6, 00:32:36
B       172.31.9.0 [20/0] via 9.9.9.9, 00:29:01
B       172.31.8.0 [200/0] via 8.8.8.8, 00:39:23
     10.0.0.0/30 is subnetted, 2 subnets
B       10.1.1.4 [200/0] via 8.8.8.8, 00:30:09
R7-CLIENT#

The routes with next hop 8.8.8.8 (172.31.8.0 and 10.1.1.4) are advertised by R8-CLIENT.

Without a route reflector, R7-CLIENT and R8-CLIENT must peer with each other in order to receive each other's routes.
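
The following Python model is an added example, not part of the original lab: it applies the iBGP advertisement rules described above to R6, R7 and R8 and compares plain split horizon with R6 acting as route reflector. The function names and the first-copy-wins loop guard are assumptions of the example; the reflection rule (client routes go to all peers, non-client routes go to clients only) follows RFC 4456.

```python
from collections import deque

def full_mesh_sessions(n):
    """iBGP sessions needed for a full mesh of n speakers: n(n-1)/2."""
    return n * (n - 1) // 2

def ibgp_routes(sessions, originated, rr_clients=None):
    """Return {router: set of prefixes} after iBGP propagation.

    sessions:   iterable of (a, b) iBGP peerings
    originated: {router: [prefixes injected with `network`]}
    rr_clients: {reflector: {clients}}; omitted means no reflection
    """
    rr_clients = rr_clients or {}
    peers = {}
    for a, b in sessions:
        peers.setdefault(a, set()).add(b)
        peers.setdefault(b, set()).add(a)
    # table[router][prefix] = peer the route came from (None = local)
    table = {r: {p: None for p in originated.get(r, [])} for r in peers}
    queue = deque((r, p) for r in table for p in table[r])
    while queue:
        router, prefix = queue.popleft()
        source = table[router][prefix]
        clients = rr_clients.get(router, set())
        for peer in peers[router] - {source}:
            # iBGP-learned routes are re-advertised only by a reflector:
            # from a client to everyone, from a non-client to clients.
            if source is not None and not (source in clients or peer in clients):
                continue
            if prefix not in table[peer]:  # simplified loop guard
                table[peer][prefix] = router
                queue.append((peer, prefix))
    return {r: set(t) for r, t in table.items()}

# Prefixes from the lab's `network` statements (eBGP peer R9 left out).
LAB_PREFIXES = {
    "R6": ["172.31.6.0/24"],
    "R7": ["172.31.7.0/24", "10.1.1.0/30"],
    "R8": ["172.31.8.0/24", "10.1.1.4/30"],
}
HUB = [("R6", "R7"), ("R6", "R8")]  # R7 and R8 peer with R6 only

if __name__ == "__main__":
    print("full mesh of 10 speakers:", full_mesh_sessions(10), "sessions")
    plain = ibgp_routes(HUB, LAB_PREFIXES)
    reflected = ibgp_routes(HUB, LAB_PREFIXES, {"R6": {"R7", "R8"}})
    print("R8 without reflection:", sorted(plain["R8"]))
    print("R8 with R6 reflecting:", sorted(reflected["R8"]))
```

Without reflection R8 ends up with its own prefixes plus 172.31.6.0/24 only; with R6 reflecting it also holds 172.31.7.0/24 and 10.1.1.0/30, matching the `sh ip route bgp` output above.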

In BGP, the most important thing to remember is that the BGP speakers must have reachability to one another.

Entire lab configurations


RR-R6#sh running-config 
Building configuration...

Current configuration : 1624 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RR-R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!         
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive   
 log config
  hidekeys
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 6.6.6.6 255.255.255.255
 ip router isis cyruslab
!
interface Loopback6
 ip address 172.31.6.1 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!         
interface Serial0/0
 bandwidth 2000
 ip address 192.168.1.1 255.255.255.252
 ip router isis cyruslab
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 bandwidth 2000
 ip address 192.168.1.9 255.255.255.252
 ip router isis cyruslab
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!         
router isis cyruslab
 net 49.0001.0000.0000.0006.00
!
router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 172.31.6.0 mask 255.255.255.0
 neighbor 7.7.7.7 remote-as 65000
 neighbor 7.7.7.7 update-source Loopback0
 neighbor 7.7.7.7 route-reflector-client
 neighbor 8.8.8.8 remote-as 65000
 neighbor 8.8.8.8 update-source Loopback0
 neighbor 8.8.8.8 route-reflector-client
 no auto-summary
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!         
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 logging synchronous
line aux 0
line vty 0 4
!
!
end
          
RR-R6#


R7-CLIENT#sh run 
Building configuration...

Current configuration : 1756 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R7-CLIENT
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!         
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive   
 log config
  hidekeys
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 7.7.7.7 255.255.255.255
 ip router isis cyruslab
!
interface Loopback7
 ip address 172.31.7.1 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!         
interface Serial0/0
 bandwidth 2000
 ip address 192.168.1.2 255.255.255.252
 ip router isis cyruslab
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 bandwidth 2000
 ip address 192.168.1.5 255.255.255.252
 ip router isis cyruslab
 clock rate 2000000
!
interface Serial0/2
 bandwidth 2000
 ip address 10.1.1.1 255.255.255.252
 clock rate 2000000
!         
router isis cyruslab
 net 49.0001.0000.0000.0007.00
 is-type level-1
!
router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.0 mask 255.255.255.252
 network 172.31.7.0 mask 255.255.255.0
 neighbor 6.6.6.6 remote-as 65000
 neighbor 6.6.6.6 update-source Loopback0
 neighbor 6.6.6.6 next-hop-self
 neighbor 9.9.9.9 remote-as 65100
 neighbor 9.9.9.9 ebgp-multihop 2
 neighbor 9.9.9.9 update-source Loopback0
 no auto-summary
!
ip forward-protocol nd
ip route 9.9.9.9 255.255.255.255 10.1.1.2
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
!
!
end

R7-CLIENT#


R8-CLIENT#sh run 
Building configuration...

Current configuration : 1757 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R8-CLIENT
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!         
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive   
 log config
  hidekeys
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 8.8.8.8 255.255.255.255
 ip router isis cyruslab
!
interface Loopback8
 ip address 172.31.8.1 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!         
interface Serial0/0
 bandwidth 2000
 ip address 192.168.1.10 255.255.255.252
 ip router isis cyruslab
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 bandwidth 2000
 ip address 192.168.1.6 255.255.255.252
 ip router isis cyruslab
 clock rate 2000000
!
interface Serial0/2
 bandwidth 2000
 ip address 10.1.1.5 255.255.255.252
 clock rate 2000000
!         
router isis cyruslab
 net 49.0001.0000.0000.0008.00
 is-type level-1
!
router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.4 mask 255.255.255.252
 network 172.31.8.0 mask 255.255.255.0
 neighbor 6.6.6.6 remote-as 65000
 neighbor 6.6.6.6 update-source Loopback0
 neighbor 6.6.6.6 next-hop-self
 neighbor 9.9.9.9 remote-as 65100
 neighbor 9.9.9.9 ebgp-multihop 2
 neighbor 9.9.9.9 update-source Loopback0
 no auto-summary
!
ip forward-protocol nd
ip route 9.9.9.9 255.255.255.255 10.1.1.6
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
!
!
end

R8-CLIENT# 


EXTERNAL-R9#sh run 
Building configuration...

Current configuration : 1567 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname EXTERNAL-R9
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!         
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive   
 log config
  hidekeys
! 
!
!
!
!
!
!
!
interface Loopback0
 ip address 9.9.9.9 255.255.255.255
!
interface Loopback9
 ip address 172.31.9.1 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 bandwidth 2000
 ip address 10.1.1.2 255.255.255.252
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 bandwidth 2000
 ip address 10.1.1.6 255.255.255.252
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!
router bgp 65100
 no synchronization
 bgp log-neighbor-changes
 network 172.31.9.0 mask 255.255.255.0
 neighbor 7.7.7.7 remote-as 65000
 neighbor 7.7.7.7 ebgp-multihop 2
 neighbor 7.7.7.7 update-source Loopback0
 neighbor 8.8.8.8 remote-as 65000
 neighbor 8.8.8.8 ebgp-multihop 2
 neighbor 8.8.8.8 update-source Loopback0
 no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.1.1.5
ip route 0.0.0.0 0.0.0.0 10.1.1.1
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!         
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4
!
!
end

EXTERNAL-R9#