Solved: Re: 2 eBGP upstreams on one router, iBGP to second but no routes - Page 2

dhdsp_2 · ‎07-09-2012

Hi everyone,

i have one router connected to 2 eBGP upstream providers - doing its job for years. After setting up iBGP to a second router (which is not connected to any eBGP yet) I was expecting to see 2 complete routing tables (sh ip bgp all) on router 2. I do not, the table only shows my own networks. So the routing entries learnt by eBGP on router1 are not transfered to router2 via iBGP.

What could be wrong here ?

Router1 (7206VXR, ip:x.x.x6)

---------------------------

router bgp 123456

no synchronization

bgp log-neighbor-changes

neighbor x.x.x.8 remote-as 123456

neighbor x.x.x.8 next-hop-self

...

Router2 (ASR1004, ip: x.x.x.8)

-----------------------------

router bgp 123456

bgp log-neighbor-changes

neighbor x.x.x.6 remote-as 123456

!

address-family ipv4

neighbor x.x.x.6 activate

neighbor x.x.x.6 next-hop-self

exit-address-family

...

TIA

Peter

dhdsp_2 · ‎07-10-2012

Hi Giuseppe,

I use the same prefix list in my route-map (see post), so this filter should already be in effect for my upstreams, right ?

So I can just delete the "distribute-list prefix My-Networks out", and the behaviour to my upstreams should not change, right ?

Thanks for your advice ! Will go check it now

Giuseppe Larosa · ‎07-10-2012

Hello Peter,

yes if the outbound route-map is like the one you have showed you should be fine, verify that all the eBGP sessions have the outbound filter applied

if it is so, you can just delete at process level

Hope to help

Giuseppe

ameya_oke · ‎07-10-2012

Hi Peter,

Finally you found the route map i was referring to

Seconded, You will be fine if you delete the DL.

Ameya Oke

dhdsp_2 · ‎07-10-2012

Yes ! That was the problem.

Thanks everyone, especially Giuseppe and Ameya.

(let me know if I should rate postings or so, I'm not sure about what that accomplishes)

dhdsp_2 · ‎07-10-2012

We do have route maps on router1, which is connected to our 2 upstreams, basically the check against an ACL and "beginning with" prefix:

route-map TO-UPSTR1 permit 50

match ip address prefix-list My-Networks set metric 0

set local-preference 200

route-map FROM-UPSTR1 permit 50

match as-path 20

set local-preference 200

(these are the networks that correspond to my own advertised networks)

ip prefix-list My-Networks seq 5 permit a.a.a.0/20

ip prefix-list My-Networks seq 10 permit b.b.b.0/24

ip prefix-list My-Networks seq 15 permit c.c.c.0/24

ip prefix-list My-Networks seq 35 permit d.d.d.0/20

ip prefix-list My-Networks seq 40 permit e.e.e.0/21

ip prefix-list My-Networks seq 200 deny 0.0.0.0/0

ip as-path access-list 20 permit ^UPSTR1_

Alessio Andreoli · ‎07-10-2012

Hi Peter,

write down a loopback on each router. With a /32 ip address on it you can do much more testing and to keep safer the BGP session

Alessio