
BGP relationship not working

Baptiste
Spotlight

Hello,

I want to build a BGP infrastructure with RPKI; here is the infrastructure.

Router C1_B can ping 213.111.0.2 but not 192.168.2.1.

Baptiste_0-1683815552869.png

 

Here is the BGP configuration of router C1_B:

 

!
router bgp 40001
bgp log-neighbor-changes
bgp rpki server tcp 192.168.102.39 port 3323 refresh 600
neighbor 192.168.1.1 remote-as 40001
neighbor 192.168.102.39 remote-as 40001
neighbor 213.111.0.2 remote-as 40002
neighbor 213.111.0.2 update-source GigabitEthernet0/3
!
address-family ipv4
network 192.168.1.0
network 213.111.0.0
neighbor 192.168.1.1 activate
neighbor 192.168.1.1 route-map rtmp-rpki in
neighbor 192.168.102.39 activate
neighbor 192.168.102.39 route-map rtmp-rpki in
neighbor 213.111.0.2 activate
exit-address-family
!

BGP configuration of router C2_B:

router bgp 40002
bgp log-neighbor-changes
network 192.168.2.0
network 213.111.0.0 mask 255.255.192.0
neighbor 192.168.2.2 remote-as 40002
neighbor 213.111.0.1 remote-as 40001
neighbor 213.111.0.1 update-source GigabitEthernet0/0

Thanks in advance

Baptiste

51 REPLIES

Baptiste
Spotlight

M02@rt37 
C2_B : 

C2_B(config)#do sh ip bgp neighbors 
BGP neighbor is 192.168.2.2,  remote AS 40002, internal link
  BGP version 4, remote router ID 200.0.1.1
  BGP state = Established, up for 00:01:24
  Last read 00:00:26, last write 00:00:14, hold time is 180, keepalive interval is 60 seconds
  Neighbor sessions:
    1 active, is not multisession capable (disabled)
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    Four-octets ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
    Enhanced Refresh Capability: advertised and received
    Multisession Capability: 
    Stateful switchover support enabled: NO for session 1
  Message statistics:
    InQ depth is 0
    OutQ depth is 0
    
                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                2          2
    Keepalives:             2          3
    Route Refresh:          0          0
    Total:                  5          6
  Default minimum time between advertisement runs is 0 seconds
 
 For address family: IPv4 Unicast
  Session: 192.168.2.2
  BGP table version 3, neighbor version 3/0
  Output queue size : 0
  Index 2, Advertise bit 0
  2 update-group member
  Slow-peer detection is disabled
  Slow-peer split-update-group dynamic is disabled
  Interface associated: (none)
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               2          1 (Consumes 80 bytes)
    Prefixes Total:                 2          1
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0
 
                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 2, min 0
  Last detected as dynamic slow peer: never
  Dynamic slow peer recovered: never
  Refresh Epoch: 1
  Last Sent Refresh Start-of-rib: never
  Last Sent Refresh End-of-rib: never
  Last Received Refresh Start-of-rib: never
  Last Received Refresh End-of-rib: never
       Sent   Rcvd
Refresh activity:        ----   ----
  Refresh Start-of-RIB          0          0
  Refresh End-of-RIB            0          0
 
  Address tracking is enabled, the RIB does have a route to 192.168.2.2
  Connections established 2; dropped 1
  Last reset 00:01:25, due to Router ID changed of session 1
  Transport(tcp) path-mtu-discovery is enabled
  Graceful-Restart is disabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0            
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
Local host: 192.168.2.1, Local port: 31304
Foreign host: 192.168.2.2, Foreign port: 179
Connection tableid (VRF): 0
Maximum output segment queue size: 50
 
Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)
 
Event Timers (current time is 0xD657A20):
Timer          Starts    Wakeups            Next
Retrans             4          0             0x0
TimeWait            0          0             0x0
AckHold             4          1             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            1          0       0xD6D56C4
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0
 
iss:  158484237  snduna:  158484415  sndnxt:  158484415
irs:  498479643  rcvnxt:  498479836
 
sndwnd:  16207  scale:      0  maxrcvwnd:  16384
rcvwnd:  16192  scale:      0  delrcvwnd:    192
 
SRTT: 413 ms, RTTO: 3205 ms, RTV: 2792 ms, KRTT: 0 ms
minRTT: 0 ms, maxRTT: 1000 ms, ACK hold: 200 ms
uptime: 84764 ms, Sent idletime: 14108 ms, Receive idletime: 14108 ms 
Status Flags: active open
Option Flags: nagle, path mtu capable
IP Precedence value : 6
 
Datagrams (max data segment is 1460 bytes):
Rcvd: 8 (out of order: 0), with data: 5, total data bytes: 192
Sent: 9 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 4, total data bytes: 177
 
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0
TCP Semaphore      0x31D2BB84  FREE 
 
BGP neighbor is 213.111.0.1,  remote AS 40001, external link
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Idle
  Neighbor sessions:
    0 active, is not multisession capable (disabled)
    Stateful switchover support enabled: NO
  Default minimum time between advertisement runs is 30 seconds
 
 For address family: IPv4 Unicast
  BGP table version 3, neighbor version 1/3
  Output queue size : 0
  Index 0, Advertise bit 0
  Slow-peer detection is disabled
  Slow-peer split-update-group dynamic is disabled
  Interface associated: (none)
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               0          0
    Prefixes Total:                 0          0
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0
 
                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 0, min 0
  Last detected as dynamic slow peer: never
  Dynamic slow peer recovered: never
  Refresh Epoch: 1
  Last Sent Refresh Start-of-rib: never
  Last Sent Refresh End-of-rib: never
  Last Received Refresh Start-of-rib: never
  Last Received Refresh End-of-rib: never
       Sent   Rcvd
Refresh activity:        ----   ----
  Refresh Start-of-RIB          0          0
  Refresh End-of-RIB            0          0
 
  Address tracking is enabled, the RIB does have a route to 213.111.0.1
  Connections established 0; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
  Graceful-Restart is disabled
  No active TCP connection
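
One way to triage output like the above, as an added example that is not part of the original post: this Python code parses `show ip bgp neighbors` text and lists the sessions that are not Established. The sample is abridged from the C2_B output in this thread; the function and field names are illustrative.

```python
import re

# Abridged from the C2_B `show ip bgp neighbors` output quoted in this thread.
SAMPLE = """\
BGP neighbor is 192.168.2.2,  remote AS 40002, internal link
  BGP state = Established, up for 00:01:24
  Connections established 2; dropped 1
  Last reset 00:01:25, due to Router ID changed of session 1
BGP neighbor is 213.111.0.1,  remote AS 40001, external link
  BGP state = Idle
  Connections established 0; dropped 0
  Last reset never
  No active TCP connection
"""

NEIGHBOR_RE = re.compile(
    r"^BGP neighbor is (?P<peer>\S+),\s+remote AS (?P<asn>\d+), (?P<link>\w+) link")
FIELD_RES = {  # first match inside a neighbor block wins
    "state": re.compile(r"BGP state = (\w+)"),
    "established": re.compile(r"Connections established (\d+)"),
    "last_reset": re.compile(r"Last reset (.+)$"),
}

def parse_neighbors(text):
    """Return one dict per 'BGP neighbor is' block in the output."""
    neighbors, current = [], None
    for line in text.splitlines():
        m = NEIGHBOR_RE.match(line)
        if m:
            current = dict(m.groupdict(), tcp=True)
            neighbors.append(current)
        elif current is not None:
            if "No active TCP connection" in line:
                current["tcp"] = False
            for key, rx in FIELD_RES.items():
                fm = rx.search(line)
                if fm and key not in current:
                    current[key] = fm.group(1).strip()
    return neighbors

def down_sessions(neighbors):
    """List (peer, state, reason, tcp_up) for sessions that are not Established."""
    report = []
    for n in neighbors:
        if n.get("state") != "Established":
            reason = "never established" if n.get("established") == "0" \
                else "last reset " + n.get("last_reset", "unknown")
            report.append((n["peer"], n.get("state"), reason, n["tcp"]))
    return report
```

A session reported as never established with no TCP connection points at reachability, addressing or `update-source` on one of the two peers rather than at routing policy.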

 

What is the issue here? Can you make your post in English?

Thanks 

@MHM Cisco World 
Hello,

I want to make a BGP infra with RPKI.
Doc_RPKI.png

I would like to make these two AS communicate but the router C1_B does not manage to know the network 192.168.2.0/24 and conversely with the router C2_B.

Router C1_B pings 213.111.0.2 but not 192.168.2.1.

Here is the bgp configuration of router C1_B:

 

 

 

router bgp 40001
 bgp log-neighbor-changes
 neighbor 192.168.1.1 remote-as 40001
 neighbor 213.111.0.2 remote-as 40002
 neighbor 213.111.0.2 update-source GigabitEthernet0/0
 !
 address-family ipv4
  network 192.168.1.0
  network 213.111.0.0
  neighbor 192.168.1.1 activate
  neighbor 213.111.0.2 activate
 exit-address-family

 

 

 

Here is the bgp configuration of router C2_B:

 

 

 

router bgp 40002
 bgp log-neighbor-changes
 network 192.168.2.0
 network 213.111.0.0
 neighbor 192.168.2.2 remote-as 40002
 neighbor 213.111.0.1 remote-as 40001
 neighbor 213.111.0.1 update-source GigabitEthernet0/1

 

 

Here is the error message from the C2_B router:

*Sep 24 16:08:51.248 : %BGP-5-NBR_RESET : Neighbor 213.111.0.1 active reset (Peer closed the session)
*Sep 24 16:08:51.248 : %BGP_SESSION-5-ADJCHANGE : neighbor 213.111.0.1 IPv4 Unicast topology base removed from session Peer closed the session

thank you in advance for your help

Baptiste
Spotlight

When we do a sh ip route on the router C1_B we can see that it can't learn the network 192.168.2.0.
ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

100.0.0.0/32 is subnetted, 3 subnets
C 100.0.3.1 is directly connected, Loopback0
O 100.0.4.1 [110/2] via 192.168.1.1, 03:27:46, Vlan10
O 100.0.5.1 [110/2] via 192.168.1.3, 03:27:46, Vlan10
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan10
L 192.168.1.2/32 is directly connected, Vlan10
213.111.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 213.111.0.0/24 is directly connected, Vlan20
L 213.111.0.1/32 is directly connected, Vlan20

@Baptiste ,

Add

neighbor 213.111.0.2 activate

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Baptiste
Spotlight

Here is the configuration that works:

router bgp 40001
 bgp log-neighbor-changes
 bgp rpki server tcp 192.168.102.39 port 3323 refresh 600
 neighbor 192.168.1.1 remote-as 40001
 neighbor 192.168.102.39 remote-as 40001
 neighbor 213.111.0.2 remote-as 40002
 neighbor 213.111.0.2 update-source GigabitEthernet0/3
 !
 address-family ipv4
  network 192.168.1.0
  network 213.111.0.0
  neighbor 192.168.1.1 activate
  neighbor 192.168.102.39 activate
  neighbor 192.168.102.39 route-map rpki in
  neighbor 213.111.0.2 activate
 exit-address-family

 

I am glad to see that you succeeded! Congratulations to all three of you...