cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

184
Views
10
Helpful
6
Replies
Highlighted
Beginner

Changing BGP Nexthop for ipv6 labeled-unicast

Hi,

I'm using a a ASR9901 running 64 bit 6.6.3.

For a IPv6 RTBH service (using 6PE) I'd like to change the BGP NH from ::ffff:z.x.c.v to ::ffff:192.168.1.1 (where z.x.c.v is the mpls loopback and ::ffff.192.168.1.1 have a static route pointing to null 0)  on a ibgp session.

It's possible to change a ipv6 unicast ibgp & ebgp session but as I stated not for a ipv6 labeled unicast session, maybe that not suppose to work, anybody knows ?

 

PS I have tested with and without " ibgp policy out enforce-modifications"

 

Rgds

Jonas

 

 

 

6 REPLIES 6
Cisco Employee

Re: Changing BGP Nexthop for ipv6 labeled-unicast

hi Jonas,

 

if the next-hop address is all you want to change, you should be able to do that with the route policy:

 

if next-hop in <some_prefix_set> then

 set next-hop <something>

endif

 

Did you give it a try?

/Aleksandar

Beginner

Re: Changing BGP Nexthop for ipv6 labeled-unicast

Hi Aleksandar, yes I have been elaborat with the RPL with different NH's

Let me continue in the answer to Harold (below), thanks for your reply//Jonas

Cisco Employee

Re: Changing BGP Nexthop for ipv6 labeled-unicast

For 6PE, the next hop needs to be IPv4. Anything else will not work and will return the following error message.

 

%ROUTING-BGP-4-POLICY_NHOP_WRONGAFI

 

Therefore in your case, use "set next-hop 192.168.1.1" in the route-policy and the static route 192.168.1.1 to null 0.

 

Regards,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Beginner

Re: Changing BGP Nexthop for ipv6 labeled-unicast

Hi Harold, thanks for your reply.

actually I have been testing different configuration in the route-policy

Ive got a setup in the lab looks like:

Arbor PI----------ASR9901------P-router----PE

Arbor TMS---/

 

Arbor PI <----ibgp--->ASR9901<---ibgp---->RR<------ibgp----->PE

Abor adv. one ipv4 address and one ipv6 address to the ASR9K with NH "192.168.1.1" and "::ffff:192.168.1.1"

ASR9901 and PE has static routes for both NH's to null 0.

Ipv4 has been OK all the time (NH in PE is "192.168.1.1" for the prefix thats going to be blackholed,

I think I actually only tried to set BGP NH to "192.168.1.1" ingress in the ASR9901 on the peering to Arbor and it did not work

I tried to set NH to "::ffff:192.168.1.1" egress to the RR but the PE received the route with NH "::ffff:ASR9901 ldp loobback"

Now I tried what you suggested and its working!

 

non RTBH prefix

PE> show route x:x:x:x::102/128 detail | match "protocol next"
Protocol next hop: ::ffff:x.x.x.x   # ldp loopback on the 9901

 

RTBH prefix

PE> show route x:x:x:x::104/128 detail | match "protocol next"

Protocol next hop: ::ffff:192.0.2.1  # this is now working

 

Most of the testing I did before was without " ibgp policy out enforce-modifications"

Also with and without that command I did not get the error messages as you wrote :

%ROUTING-BGP-4-POLICY_NHOP_WRONGAFI

would that be a commit error or a syslog error ?

 

Also is " ibgp policy out enforce-modifications" a must or will it work without?

I will try it out in the lab

 

again thank you for your reply!

//Jonas

 

 

 

Beginner

Re: Changing BGP Nexthop for ipv6 labeled-unicast

Hi, just f.y.i

ibgp policy out enforce-modifications is mandatory (as its ibgp), retested with and without.

it's generating a syslog messages telling the route-polucy can not change the NH.

 

I will do more testing as I'm mixing mixing ipv4/6 prefix where some will be blackholed (null0) and some will be redirected the the sink router.

Cisco Employee

Re: Changing BGP Nexthop for ipv6 labeled-unicast

ibgp policy out enforce-modifications is mandatory on the route reflector, but is not if you apply the policy inbound on the edge device.

 

Regards,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards