Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
452
Views
5
Helpful
3
Replies

Funny BGP output - Next-hop is self

olorunloba
Level 5
Level 5

‎06-28-2006 06:37 AM

I have the following bgp output on an ASBR, in an InterAS setup. The funny thing is that the next-hop for some of the prefixes is set to itself. See below

Route Distinguisher: 82:1

*>i2.2.2.0/24 10.1.1.3 0 100 0 ?

*> 7.7.7.0/24 172.16.111.2 0 100 200 65002 1 ?

*>i8.8.8.0/24 10.1.1.2 2 100 0 ?

*>i10.82.1.0/30 10.1.1.2 1786 100 0 ?

*>i10.82.1.0/24 10.1.1.2 0 100 0 ?

*> 13.1.1.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 38.2.1.0/24 172.16.111.1 0 100 200 65002 1 ?

*> 38.3.1.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 138.1.1.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 153.46.1.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 153.46.2.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 153.46.3.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 153.46.4.0/24 172.16.111.2 0 100 200 65002 1 ?

*> 153.46.100.0/22 172.16.111.2 0 100 200 65002 1 ?

*> 172.16.30.0/24 172.16.111.1 0 100 200 65002 1 ?

*>i192.168.100.0 10.1.1.2 65 100 0 ?

*> 213.112.65.0 172.16.111.2 0 100 200 65002 1 ?

*> 213.112.66.0 172.16.111.2 0 100 200 65002 1 ?

*> 213.112.67.0 172.16.111.2 0 100 200 65002 1 ?

*> 213.112.68.0 172.16.111.2 0 100 200 65002 1 ?

*> 213.112.69.0 172.16.111.2 0 100 200 65002 1 ?

*> 213.112.70.0 172.16.111.2 0 100 200 65002 1 ?

All the routes from AS 1 are coming from the same CE. There is on config to change the next-hop anywhere. There is no special config for any prefix. 172.16.111.1 is the IP address of the interface connecting it to AS 100. 172.16.111.2 is its neighbor in AS 100. Can anybody explain this?

Labels:
0 Helpful
3 Replies 3

mheusinger
Level 10
Level 10

‎06-28-2006 06:49 AM

Hello,

are you sure the sending ASBR does not modify the BGP next hop?

Can you post the relevant config?

Can you post the output from

show bgp v u a 13.1.1.0

show bgp v u a 38.2.1.0

Did you issue a "clear bgp v u 172.16.111.2 in"? to refresh the VPNv4 BGP table?

Regards, Martin

0 Helpful

olorunloba
Level 5
Level 5
In response to mheusinger

‎06-28-2006 08:27 AM

Ok, I've moved forward. Setting next-hop self on the 172.16.112.1 seems to resolve the issue. However, on an eBGP session, I do not think this is required.

The other question is why all the prefixes are not affected. I realised that the prefixes affected are those that in the global routing table. So why will the router set the next-hop to itself when the prefix is in the global table.

These are the relevant configs, without the next-hop self

ASBR1-RACK1#sh run | beg router bgp

router bgp 100

no synchronization

no bgp default route-target filter

bgp log-neighbor-changes

network 0.0.0.0

network 101.101.101.0 mask 255.255.255.0

neighbor 172.16.111.1 remote-as 65001

neighbor 172.16.111.1 advertise-map def non-exist-map ASBR2

neighbor 172.16.111.1 password iementor

neighbor 172.16.113.2 remote-as 200

no auto-summary

!

address-family vpnv4

neighbor 172.16.111.1 activate

neighbor 172.16.111.1 send-community both

neighbor 172.16.113.2 activate

neighbor 172.16.113.2 send-community both

exit-address-family

!

router bgp 65001

no synchronization

no bgp default route-target filter

bgp log-neighbor-changes

network 11.11.11.0 mask 255.255.255.0

neighbor 10.1.1.254 remote-as 65001

neighbor 10.1.1.254 update-source Loopback0

neighbor 172.16.100.2 remote-as 1111

neighbor 172.16.100.2 password iementor

neighbor 172.16.111.2 remote-as 100

neighbor 172.16.111.2 password iementor

no auto-summary

!

address-family vpnv4

neighbor 10.1.1.254 activate

neighbor 10.1.1.254 next-hop-self

neighbor 10.1.1.254 send-community both

neighbor 172.16.111.2 activate

neighbor 172.16.111.2 send-community both

exit-address-family

!

PE1-RACK1#sh ip bgp vpn all 38.2.1.0

BGP routing table entry for 1:1:38.0.0.0/8, version 57

Paths: (1 available, best #1, table Internet)

Advertised to non peer-group peers:

10.1.1.254 172.16.111.2

1540

172.16.200.2 from 172.16.200.2 (210.112.4.1)

Origin incomplete, metric 0, localpref 100, valid, external, best

Extended Community: RT:1:1,

mpls labels in/out 50/nolabel

BGP routing table entry for 82:1:38.2.1.0/24, version 154

Paths: (1 available, best #1, no table)

Advertised to non peer-group peers:

10.1.1.254

100 200 65002 1

172.16.111.1 from 172.16.111.2 (101.101.101.101)

Origin incomplete, localpref 100, valid, external, best

Extended Community: RT:82:1,

mpls labels in/out 96/118

PE1-RACK1#sh ip bgp vpn all 13.1.1.0

BGP routing table entry for 1:1:0.0.0.0/0, version 51

Paths: (1 available, best #1, table Internet)

Advertised to non peer-group peers:

10.1.1.254 172.16.111.2

1540

172.16.200.2 from 172.16.200.2 (210.112.4.1)

Origin IGP, localpref 100, valid, external, best

Extended Community: RT:1:1,

mpls labels in/out 42/nolabel

BGP routing table entry for 82:1:13.1.1.0/24, version 139

Paths: (1 available, best #1, no table)

Advertised to non peer-group peers:

10.1.1.254

100 200 65002 1

172.16.111.2 from 172.16.111.2 (101.101.101.101)

Origin incomplete, localpref 100, valid, external, best

Extended Community: RT:82:1,

mpls labels in/out 95/117

PE1-RACK1#

PE1-RACK1#sh ip route 38.2.1.0

Routing entry for 38.2.1.0/24

Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 3

Last update from 12.2.1.1 on ATM1/0.10, 00:19:15 ago

Routing Descriptor Blocks:

* 12.2.1.1, from 210.112.4.1, 00:19:15 ago, via ATM1/0.10

Route metric is 20, traffic share count is 1

PE1-RACK1#sh ip route 13.1.1.0

% Network not in table

PE1-RACK1#

0 Helpful

romccallum
Level 4
Level 4

‎06-29-2006 05:14 AM

Hi mate i thought i would post what we discussed already on email to let everyone else know who may encounter this issue. I believe this is a bug and not the way things are supposed to work. I will draw your scenario out differently to make it easier for people to understand.

P-->PE1(ABSR1-AS99)-->PE2(ASBR2-AS66)-->P-->PE3-->VRFA

OK so the link between P and PE1 of AS99 has ip address of 1.1.1.1/30 - within VRFA router there is a loopback interface which has the IP address of 1.1.1.1/30.

In this circumstance there is no way that the route from VRFA will ever be announced via PE1.WHY?? Because PE1 has that route already within its own global routing table. I have seen this on many occassions while studying for my CCIE SP and have always put it down to crappy software that i am using. Its got to be a bug otherwise there will be quite a few SP's out there who will get caught out with this when it comes time for MPLS global domination ;-). Hope this helps.

Oh and as there seems to be a new fashion for point scoring - please rate all posts.

Customers Also Viewed These Support Documents