IP routing with BGP

Problem 1: Did not receive prefix advertised by BGP peer.

R2#sh ip bgp summary
BGP router identifier 2.2.2.2, local AS number 2
BGP table version is 1, main routing table version 1


Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.12.1 4 1 44 43 1 0 0 00:36:08 0

R2 did not receive the prefix advertised by R1 via BGP: the State/PfxRcd column shows 0 even though the session has been up for 36 minutes.


R1#sh run | sec router bgp
router bgp 1
bgp log-neighbor-changes
network 1.1.1.1 mask 255.255.255.255
neighbor 192.168.12.2 remote-as 2
R1#


R1#sh ip route | begin Gate
Gateway of last resort is not set


1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 1.1.1.0/27 is directly connected, Loopback1
L 1.1.1.1/32 is directly connected, Loopback1
192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.12.0/24 is directly connected, Ethernet0/0
L 192.168.12.1/32 is directly connected, Ethernet0/0
R1#

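This is due to an incorrect subnet mask in the network statement under router bgp. When you advertise a prefix in BGP, the prefix and subnet mask in the network statement must match the route exactly. Loopback1 is the connected network 1.1.1.0/27, so the statement for 1.1.1.1 with mask 255.255.255.255 advertises nothing.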

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router bgp 1
R1(config-router)#no network 1.1.1.1 mask 255.255.255.255
R1(config-router)#network 1.1.1.0 mask 255.255.255.224
R1(config-router)#
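The check behind this fix, as an added Python example that is not part of the original post: it compares each network statement with the routes in the routing table and suggests the exact-match statement. The function names are hypothetical, and skipping 'L' local host routes is an assumption taken from the behaviour shown above.

```python
import ipaddress
import re

# Sample input copied from the R1 output above (only route lines that carry
# their own /len are included; child lines under a "subnetted" header are
# not handled by this parser).
R1_BGP_CONFIG = """\
router bgp 1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 192.168.12.2 remote-as 2
"""
R1_ROUTES = """\
C 1.1.1.0/27 is directly connected, Loopback1
L 1.1.1.1/32 is directly connected, Loopback1
C 192.168.12.0/24 is directly connected, Ethernet0/0
L 192.168.12.1/32 is directly connected, Ethernet0/0
"""

def network_statements(config):
    """Return each 'network A.B.C.D mask M.M.M.M' line as an IPv4Interface."""
    pairs = re.findall(r"^\s*network (\S+) mask (\S+)\s*$", config, re.M)
    return [ipaddress.ip_interface(f"{addr}/{mask}") for addr, mask in pairs]

def candidate_routes(route_lines):
    """Return routes as networks, skipping 'L' local host routes (assumption)."""
    routes = []
    for line in route_lines.splitlines():
        m = re.match(r"^([A-Z])\S*\s+(\d+(?:\.\d+){3}/\d+)\s", line)
        if m and m.group(1) != "L":
            routes.append(ipaddress.ip_network(m.group(2)))
    return routes

def audit(config, route_lines):
    """Map each network statement to 'ok' or to the exact-match statement to use."""
    routes = candidate_routes(route_lines)
    report = {}
    for stmt in network_statements(config):
        key = f"{stmt.ip}/{stmt.network.prefixlen}"
        covering = [r for r in routes if stmt.ip in r]
        if stmt.ip == stmt.network.network_address and stmt.network in routes:
            report[key] = "ok"
        elif covering:
            best = max(covering, key=lambda r: r.prefixlen)
            report[key] = f"network {best.network_address} mask {best.netmask}"
        else:
            report[key] = "no matching route"
    return report
```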

Let’s verify R2’s BGP status


R2>sh ip bgp summary
BGP router identifier 2.2.2.2, local AS number 2
BGP table version is 2, main routing table version 2
1 network entries using 144 bytes of memory
1 path entries using 80 bytes of memory
1/1 BGP path/bestpath attribute entries using 152 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 400 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.12.1 4 1 64 62 2 0 0 00:53:23 1
R2>


R2>sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/27 192.168.12.1 0 0 1 i
R2>

The best path is selected and installed into the routing table.

R2>sh ip route bgp | begin Gate
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 192.168.12.1, 00:01:58
R2>

Problem 2: R1 and R5 could not see routes advertised in BGP

R1 could not get the routes advertised by R5 (5.5.5.5/32) and R5 could not get the routes advertised by R1 (1.1.1.0/27).

The problem is that R1 and R2 are BGP peers, so R2 has the route advertised by R1, and R4 and R5 are BGP peers, so R4 has the route advertised by R5, but there is no internal BGP (iBGP) session between R2 and R4.

iBGP is necessary for a route learned via eBGP to transit from one Autonomous System (AS) to another AS.

R2(config)#router bgp 2
R2(config-router)#neighbor 4.4.4.4 remote-as 2
R2(config-router)#neighbor 4.4.4.4 update-source lo2
R4(config)#router bgp 2
R4(config-router)#neighbor 2.2.2.2 remote-as 2
R4(config-router)#neighbor 2.2.2.2 update-source lo4
R4(config-router)#end


R2#sh ip bgp summary | in Nei|4.4.4.4
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
4.4.4.4 4 2 18 18 2 0 0 00:12:06 1
R2#
R4#sh ip bgp summary | in Neig|2.2.2.2
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 2 19 19 2 0 0 00:12:56 1
R4#

As can be seen, the neighborship is formed and the prefix is shared.

Problem 2.1: BGP routes not in routing table

Although R2 and R4 are now iBGP neighbors and each receives the other's prefix, as the show ip bgp summary output shows, R1 and R5 still do not have each other's routes in their routing tables.

R2 and R4 do not have 5.5.5.5 and 1.1.1.1, respectively, in their routing tables either.


R2#sh ip bgp | begin Net
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/27 192.168.12.1 0 0 1 i
* i 5.5.5.5/32 192.168.45.5 0 100 0 3 i
R2#

Although R2 has received 5.5.5.5/32, the path is not marked best (>) and is not put into the routing table: a router only installs the best route.

As the show ip bgp output shows, the next hop to reach 5.5.5.5 is 192.168.45.5, but R2 has no route to that address!

R2#sh ip route 192.168.45.5
% Network not in table
R2#

The situation is the same for R4

R4#sh ip bgp | beg Net
Network Next Hop Metric LocPrf Weight Path
* i 1.1.1.0/27 192.168.12.1 0 100 0 1 i
*> 5.5.5.5/32 192.168.45.5 0 0 3 i
R4#

R4 does not know how to reach 192.168.12.1, so the 1.1.1.0/27 prefix, although received, is not installed in its routing table.

R4#sh ip route 192.168.12.1
% Network not in table
R4#

One solution is for R2 to advertise 192.168.12.2 via OSPF and R4 to advertise 192.168.45.4 via OSPF:

R2(config)#router ospf 1
R2(config-router)#network 192.168.12.2 0.0.0.0 area 0
R2(config-router)#end
R4(config)#router ospf 1
R4(config-router)#network 192.168.45.4 0.0.0.0 area 0

Or use the BGP neighbor x.x.x.x next-hop-self command:

R2(config)#router bgp 2
R2(config-router)#neighbor 4.4.4.4 next-hop-self
R2(config-router)#end
R4(config-router)#router bgp 2
R4(config-router)#neighbor 2.2.2.2 next-hop-self

By default, BGP does not change the next hop when it advertises an eBGP-learned route to an iBGP peer.


R2#sh ip bgp | in Net|5.5.5.5
Network Next Hop Metric LocPrf Weight Path
*>i 5.5.5.5/32 4.4.4.4 0 100 0 3 i
R2#sh ip route bgp | beg Gate|5.5.5.5
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 192.168.12.1, 02:33:04
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/0] via 4.4.4.4, 00:03:15
R2#
R4#sh ip bgp | in Net|1.1.1.
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/27 2.2.2.2 0 100 0 1 i
R4#show ip route bgp | beg Gate
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [200/0] via 2.2.2.2, 00:06:26
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 192.168.45.5, 02:39:22
R4#

As shown above, the next-hop addresses to reach 1.1.1.0/27 and 5.5.5.5/32 are updated.

Now R1 and R5 should have each other’s advertised routes.
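An added example (not from the original post) that runs the next-hop check over the R2 show ip bgp lines above, before and after next-hop-self. R2_RIB is a constructed routing table, assumed to hold R2's connected links and the OSPF-learned loopbacks, and the function names are hypothetical.

```python
import ipaddress
import re

# R2's BGP table lines as shown above, before and after next-hop-self.
R2_BGP_BEFORE = """\
*> 1.1.1.0/27 192.168.12.1 0 0 1 i
* i 5.5.5.5/32 192.168.45.5 0 100 0 3 i
"""
R2_BGP_AFTER = """\
*> 1.1.1.0/27 192.168.12.1 0 0 1 i
*>i 5.5.5.5/32 4.4.4.4 0 100 0 3 i
"""
# Constructed (assumed) R2 routing table: connected links and OSPF loopbacks.
R2_RIB = ["2.2.2.2/32", "3.3.3.3/32", "4.4.4.4/32",
          "192.168.12.0/24", "192.168.23.0/24"]

PATH_RE = re.compile(r"^(.*?)\s*(\d+(?:\.\d+){3}/\d+)\s+(\d+(?:\.\d+){3})\s")

def parse_paths(show_ip_bgp):
    """Yield (status, prefix, next_hop) for each path line that carries a /len."""
    for line in show_ip_bgp.splitlines():
        m = PATH_RE.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3)

def resolve(next_hop, rib):
    """Longest-prefix match of a next hop against the RIB; None if no route."""
    hop = ipaddress.ip_address(next_hop)
    hits = [n for n in map(ipaddress.ip_network, rib) if hop in n]
    return max(hits, key=lambda n: n.prefixlen, default=None)

def unresolved_paths(show_ip_bgp, rib):
    """Paths whose next hop has no route, so they cannot be installed.
    A next hop of 0.0.0.0 marks a locally originated prefix and is skipped."""
    return [(prefix, nh) for _, prefix, nh in parse_paths(show_ip_bgp)
            if nh != "0.0.0.0" and resolve(nh, rib) is None]

def best_prefixes(show_ip_bgp):
    """Prefixes whose path carries the '>' best marker."""
    return [p for status, p, _ in parse_paths(show_ip_bgp) if ">" in status]
```

Adding 192.168.45.0/24 to R2_RIB, which is what the OSPF option achieves, also clears the unresolved path without touching the BGP next hop.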

R1>sh ip route bgp | beg Gate
Gateway of last resort is not set


5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 192.168.12.2, 00:05:41
R5>sh ip route bgp | beg Gate
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 192.168.45.4, 00:08:52
R5>

Problem 3: R1 and R5 could not reach each other’s advertised prefix

R1>sh ip route bgp | beg Gate
Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 192.168.12.2, 00:05:41
R1>ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1>
R5>sh ip route bgp | beg Gate
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 192.168.45.4, 00:08:52
R5>ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R5>

Let’s traceroute and see which router has dropped the traffic.

R1#traceroute 5.5.5.5 numeric
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.12.2 1 msec 0 msec 1 msec
2 * * *
3
R1#

The problem is with R3!


R3#sh ip route | beg Gate
Gateway of last resort is not set

2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/11] via 192.168.23.2, 03:30:14, Ethernet0/1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback3
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/11] via 192.168.34.4, 03:27:50, Ethernet0/2
192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.23.0/24 is directly connected, Ethernet0/1
L 192.168.23.3/32 is directly connected, Ethernet0/1
192.168.34.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.34.0/24 is directly connected, Ethernet0/2
L 192.168.34.3/32 is directly connected, Ethernet0/2
R3#

R3 has no idea where to route 1.1.1.1 or 5.5.5.5 because these two networks are not in its routing table.

Two solutions:

  1. Redistribute BGP into OSPF; 1 prefix is fine… but if there are 600k prefixes then I think R3 cannot take it!
  2. Make R3 an iBGP speaker as well! Talk the same language, buddy!


R3(config)#router bgp 2
R3(config-router)#neighbor 2.2.2.2 remote-as 2
R3(config-router)#neighbor 2.2.2.2 update-source lo3
R3(config-router)#neighbor 4.4.4.4 remote-as 2
R3(config-router)#neighbor 4.4.4.4 update-source lo3
R3(config-router)#end
R2(config)#router bgp 2
R2(config-router)#neighbor 3.3.3.3 remote-as 2
R2(config-router)#neighbor 3.3.3.3 update-source lo2
R2(config-router)#neighbor 3.3.3.3 next-hop-self
R2(config-router)#end
R4(config)#router bgp 2
R4(config-router)#neighbor 3.3.3.3 remote-as 2
R4(config-router)#neighbor 3.3.3.3 update-source lo4
R4(config-router)#neighbor 3.3.3.3 next-hop-self
R4(config-router)#end


R3#sh ip bgp | beg Net
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/27 2.2.2.2 0 100 0 1 i
*>i 5.5.5.5/32 4.4.4.4 0 100 0 3 i
R3#sh ip route bgp | beg Gate
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [200/0] via 2.2.2.2, 00:01:30
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/0] via 4.4.4.4, 00:01:30
R3#

So I think R1 should be able to reach 5.5.5.5 and R5 to reach 1.1.1.1?

R1>ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1>
R5>ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R5>

HUH?!

Problem 4: R1 and R5 cannot reach each other’s advertised prefix even though every router in the transit AS runs iBGP.

I turned on debug ip packet on R1 and R5 and found something interesting in R1’s debug.

R1#
*Sep 10 14:22:50.160: IP: tableid=0, s=192.168.45.5 (Ethernet0/0), d=1.1.1.1 (Loopback1), routed via RIB
*Sep 10 14:22:50.160: IP: s=192.168.12.1 (local), d=192.168.45.5, len 56, unroutable
R1#u all
All possible debugging has been turned off
R1#

It says 192.168.45.5 is unroutable!


R5#sh ip route | b Ga
Gateway of last resort is not set

1.0.0.0/27 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 192.168.45.4, 01:04:37
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback5
192.168.45.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.45.0/24 is directly connected, Ethernet0/0
L 192.168.45.5/32 is directly connected, Ethernet0/0
R5#
R5#sh run | s r b
router bgp 3
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255
neighbor 192.168.45.4 remote-as 2
R5#

So let’s try advertising 192.168.45.0/24 via BGP on R4?

R4(config)#router bgp 2
R4(config-router)#network 192.168.45.0 mask 255.255.255.0
R4(config-router)#end

Also from R5’s debug:

R5#
*Sep 10 14:28:09.544: IP: tableid=0, s=192.168.12.1 (Ethernet0/0), d=5.5.5.5 (Loopback5), routed via RIB
*Sep 10 14:28:09.544: IP: s=192.168.12.1 (Ethernet0/0), d=5.5.5.5, len 100, rcvd 4
*Sep 10 14:28:09.544: IP: s=192.168.12.1 (Ethernet0/0), d=5.5.5.5, len 100, stop process pak for forus packet
*Sep 10 14:28:09.544: IP: s=5.5.5.5 (local), d=192.168.12.1, len 100, unroutable
R5#

The network 192.168.12.0/24 is also unreachable, so let’s advertise the 192.168.12.0/24 route on R2.

R2(config)#router bgp 2
R2(config-router)#network 192.168.12.0 mask 255.255.255.0
R2(config-router)#end

Finally!

R1#ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/3 ms
R1#
R1#sh ip bgp | beg Net
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/27 0.0.0.0 0 32768 i
*> 5.5.5.5/32 192.168.12.2 0 2 3 i
r> 192.168.12.0 192.168.12.2 0 0 2 i
*> 192.168.45.0 192.168.12.2 0 2 i
R5#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R5#


R5#sh ip bgp | beg Net
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/27 192.168.45.4 0 2 1 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 192.168.12.0 192.168.45.4 0 2 i
r> 192.168.45.0 192.168.45.4 0 0 2 i
R5#
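Problems 3 and 4 as an added Python model, not part of the original post: a packet is forwarded hop by hop with longest-prefix match, and the echo reply must find a route back to the source address of the request. The tables are constructed from the outputs above with router names in place of next-hop addresses; all names are hypothetical.

```python
import ipaddress

# Constructed forwarding state for Problem 4 (example data, not router output):
# each router maps a prefix to the next router, or to "connected".
TABLES = {
    "R1": {"1.1.1.0/27": "connected", "192.168.12.0/24": "connected", "5.5.5.5/32": "R2"},
    "R2": {"192.168.12.0/24": "connected", "1.1.1.0/27": "R1", "5.5.5.5/32": "R3"},
    "R3": {"1.1.1.0/27": "R2", "5.5.5.5/32": "R4"},
    "R4": {"192.168.45.0/24": "connected", "1.1.1.0/27": "R3", "5.5.5.5/32": "R5"},
    "R5": {"5.5.5.5/32": "connected", "192.168.45.0/24": "connected", "1.1.1.0/27": "R4"},
}
# Router that owns each address used below.
OWNER = {"192.168.12.1": "R1", "1.1.1.1": "R1", "5.5.5.5": "R5", "192.168.45.5": "R5"}

def next_router(tables, router, dst):
    """Longest-prefix match in one router's table; None when dst is unroutable."""
    addr = ipaddress.ip_address(dst)
    hits = [p for p in tables[router] if addr in ipaddress.ip_network(p)]
    if not hits:
        return None
    via = tables[router][max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen)]
    return OWNER[dst] if via == "connected" else via

def trace(tables, start, dst):
    """Forward hop by hop; return (path, None) or (path, router that dropped)."""
    path = [start]
    while path[-1] != OWNER[dst] and len(path) <= len(tables):
        hop = next_router(tables, path[-1], dst)
        if hop is None:
            return path, path[-1]
        path.append(hop)
    return path, (None if path[-1] == OWNER[dst] else path[-1])

def ping(tables, src_ip, dst_ip):
    """Echo request from src_ip's router, then the reply back to src_ip."""
    _, drop = trace(tables, OWNER[src_ip], dst_ip)
    if drop:
        return f"request unroutable at {drop}"
    _, drop = trace(tables, OWNER[dst_ip], src_ip)
    return f"reply unroutable at {drop}" if drop else "success"

def with_link_subnets(tables):
    """Copy of tables after R2 and R4 advertise their eBGP link subnets in BGP."""
    fixed = {router: dict(table) for router, table in tables.items()}
    for router, via in (("R3", "R2"), ("R4", "R3"), ("R5", "R4")):
        fixed[router]["192.168.12.0/24"] = via
    for router, via in (("R3", "R4"), ("R2", "R3"), ("R1", "R2")):
        fixed[router]["192.168.45.0/24"] = via
    return fixed
```

Emptying R3's table with dict(TABLES, R3={}) reproduces Problem 3, where the request itself is dropped at R3.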
