cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2414
Views
0
Helpful
7
Replies

BGP over GRE ISSUE

lmanavalan
Level 1
Level 1

Hi

i configured the eBGP peering over the gre tunnel interface. Peering and route exchange is all good. And I am able to advertise the router to by upstream provider.

but I am not able to access all the website so I tried to configure eBGP over multihop and it's working fine

what are th parameter I need to check to bring the bgp peering over gre

Int tu0

ip Vrf forwarding provider1

ip addr 10.1.1.1 255.255.255.252

ip tcp mss 1430

tunnel source 10.2.2.2

tunnel destination10.3.3.1

tunnel Vrf provider1

regards 

logesh

7 Replies 7

Francesco Molino
VIP Alumni
VIP Alumni

Hi

Let's assume router names are R1 and R2.

If I understood good, you have built a GRE tunnel between R1 and R2, configured ebgp peering between these 2 routers.

You are learning some routes on R1 coming from R2, let's assume 1 of those subnets is 172.16.0.0/24.

Your concern is that from R1 you aren't able to reach hosts on segment 172.16.0.0/24?

Is my understanding correct?

If my understanding is ok, the thing is that your R1 doesn't have knowledge about next-hop to reach the network 172.16.0.0/24.

In order to make that works, you need to change the next-hop and point it out to the tunnel interface.

There different ways to handle that and I will give you 1 of them.

1. Create an acl that matching your R1 AS (let's assume it's AS 100), where subnets are hosted behind the tunnel

ip as-path access-list 1 permit ^100$

!

route-map NEXTHOP permit 10

 match as-path 1

 set ip next-hop x.x.x.x   ==> Tunnel IP interface of R1

route-map NEXTHOP permit 20

!

router bgp xxx

 neigh x.x.x.x route-map NEXTHOP out ==> peering with R2 router

2. Same for R2 but AS number changes. in this example it will be AS 200

ip as-path access-list 1 permit ^200$

!

route-map NEXTHOP permit 10

 match as-path 1

 set ip next-hop x.x.x.x   ==> Tunnel IP interface of R2

route-map NEXTHOP permit 20

!

router bgp xxx

 neigh x.x.x.x route-map NEXTHOP out ==> peering with R1 router

Hope this helps and understood your issue.

Thanks

PS: please don't forget to rate and mark as correct answer if this answered your question.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi

Thanks for you reply.

in my case routing is all working. R2 advertise the prefix to R1 and R1 advertise to ISP. And I can reach the prefix from Internet.

my issue is the host in that prefix behind R2 is not able to open all the webpage only a few webpage. I believe the GRE Tunnel through which the eBGP peer is happening between R1and R2 is causing the issue.

i removed the tunnel created multihop bgp peer and I can access all the webpage

Thanks

Logesh

Ok sorry for my understanding. 

Based on your input, it seems that routing is the issue. 

When you have a direct peering and everything is working, do you have a traffic trace to see what are the traffic flows?

Does your bgp table and routing table is the  same with direct bgp and bgp over gre?

Maybe you're missing a network when over gre. 

Could you give some outputs?

Thanks


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi

Everything is just the same on both multihop and bgp via gre

i think it's the fragmentation issue which is affecting the performance.

i can access webpage like Google, Microsoft etc but some webpage like speed-test having issues

Do I have to set any parameter on the tunnel configuration or on bgp neighbor configuration.

i even tried with different mss setting but still no luck

thanks

Ok. Now I get your point. You need to use ip tcp adjust-mss command. 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hi

Thanks for your reply.

We realized the host is set up with a DNS which is pointing to the back up service provider. When we changed the DNS then all the host passing through the Tunnel eBGP peering is working fine.

Thanks for your help.

regards

Logesh

Ok, Cool you found out why it was not working.

Thanks


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question