Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4606
Views
0
Helpful
4
Replies

BGP allowas-in and split horizon problem.

aselioscisco
Level 1
Level 1

‎03-13-2013 03:21 PM - edited ‎03-04-2019 07:17 PM

Hi,

I need some help. I can't understand why R2 advertises back the same networks to the neighbor from that received.

My topology is:

R1 is in AS1, R2 is in AS2 and R3 is in AS3, I've eBGP R1-R2, and eBGP R2-R3.

R1 and R3 has configured allowas-in to permit routes with their own AS.

The problem is with eBGP Updates. The router R1 advertise 1.1.1.1/32 to R2, and R2 sent back to R1 the same route 1.1.1.1/32.

I think that should not happen according the BGP split horizon rules. R2 should not advertise those networks who learned from R1, unless R2 has a route with better metric.

The same behavior happens between R2 and R3.

Thanks in advance.

All the router had the same IOS: c7200-is-mz.123-14.T1.bin

R1 Configuration

-------------------------

R1#sh run | sec router

router bgp 1

no synchronization

bgp log-neighbor-changes

network 1.1.1.1 mask 255.255.255.255

neighbor 172.28.1.1 remote-as 2

neighbor 172.28.1.1 allowas-in 10

neighbor 172.28.1.1 soft-reconfiguration inbound

no auto-summary

R1#

R2 Configuration

-------------------------

router bgp 2

no synchronization

bgp log-neighbor-changes

neighbor 172.28.1.2 remote-as 1

neighbor 172.28.1.2 soft-reconfiguration inbound

neighbor 172.28.2.2 remote-as 3

neighbor 172.28.2.2 soft-reconfiguration inbound

no auto-summary

R2#

R3 Configuration

-------------------------

router eigrp 200

redistribute connected

redistribute bgp 3 metric 100000 10 255 100 1500

network 192.168.3.0 0.0.0.3

no auto-summary

router bgp 3

no synchronization

bgp log-neighbor-changes

redistribute connected

redistribute eigrp 200

neighbor 172.28.2.1 remote-as 2

neighbor 172.28.2.1 allowas-in 10

neighbor 172.28.2.1 soft-reconfiguration inbound

no auto-summary

R3#

R1 BGP Table, Advertised Route, Received Routes

R1#sh ip bgp

BGP table version is 6, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*  1.1.1.1/32       172.28.1.1                             0 2 1 i

*>                  0.0.0.0                  0         32768 i

*> 3.3.3.3/32       172.28.1.1                             0 2 3 ?

*> 4.4.4.4/32       172.28.1.1                             0 2 3 ?

*> 172.28.2.0/30    172.28.1.1                             0 2 3 ?

*> 192.168.3.0/30   172.28.1.1                             0 2 3 ?

R1#

R1#sh ip bgp neighbors 172.28.1.1 advertised-routes

BGP table version is 6, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       0.0.0.0                  0         32768 i

Total number of prefixes 1

R1#

R1#sh ip bgp neighbors 172.28.1.1 received-routes

BGP table version is 6, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*  1.1.1.1/32       172.28.1.1                             0 2 1 i

*> 3.3.3.3/32       172.28.1.1                             0 2 3 ?

*> 4.4.4.4/32       172.28.1.1                             0 2 3 ?

*> 172.28.2.0/30    172.28.1.1                             0 2 3 ?

*> 192.168.3.0/30   172.28.1.1                             0 2 3 ?

Total number of prefixes 5

R1#

R2 BGP Table, Advertised Route, Received Routes

R2#sh ip bgp

BGP table version is 7, local router ID is 172.28.2.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       172.28.1.2               0             0 1 i

*> 3.3.3.3/32       172.28.2.2               0             0 3 ?

*> 4.4.4.4/32       172.28.2.2          156160             0 3 ?

r> 172.28.2.0/30    172.28.2.2               0             0 3 ?

*> 192.168.3.0/30   172.28.2.2               0             0 3 ?

R2#

R2#

R2 Received routes from R1

R2#sh ip bgp neighbors 172.28.1.2 received-routes

BGP table version is 7, local router ID is 172.28.2.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       172.28.1.2               0             0 1 i

Total number of prefixes 1

R2#

R2 Advertised routes to R1

R2#sh ip bgp neighbors 172.28.1.2 advertised-routes

BGP table version is 7, local router ID is 172.28.2.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       172.28.1.2               0             0 1 i

*> 3.3.3.3/32       172.28.2.2               0             0 3 ?

*> 4.4.4.4/32       172.28.2.2          156160             0 3 ?

r> 172.28.2.0/30    172.28.2.2               0             0 3 ?

*> 192.168.3.0/30   172.28.2.2               0             0 3 ?

Total number of prefixes 5

R2#

R2 Received routes from R3

R2#sh ip bgp neighbors 172.28.2.2 received-routes

BGP table version is 7, local router ID is 172.28.2.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 3.3.3.3/32       172.28.2.2               0             0 3 ?

*> 4.4.4.4/32       172.28.2.2          156160             0 3 ?

r> 172.28.2.0/30    172.28.2.2               0             0 3 ?

*> 192.168.3.0/30   172.28.2.2               0             0 3 ?

Total number of prefixes 4

R2#

R2 Advertised routes to R3

R2#sh ip bgp neighbors 172.28.2.2 advertised-routes

BGP table version is 7, local router ID is 172.28.2.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       172.28.1.2               0             0 1 i

*> 3.3.3.3/32       172.28.2.2               0             0 3 ?

*> 4.4.4.4/32       172.28.2.2          156160             0 3 ?

r> 172.28.2.0/30    172.28.2.2               0             0 3 ?

*> 192.168.3.0/30   172.28.2.2               0             0 3 ?

Total number of prefixes 5

R2#

R3 BGP Table, Advertised Route, Received Routes

R3#sh ip bg

BGP table version is 7, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       172.28.2.1                             0 2 1 i

*  3.3.3.3/32       172.28.2.1                             0 2 3 ?

*>                  0.0.0.0                  0         32768 ?

*  4.4.4.4/32       172.28.2.1                             0 2 3 ?

*>                  192.168.3.2         156160         32768 ?

*  172.28.2.0/30    172.28.2.1                             0 2 3 ?

*>                  0.0.0.0                  0         32768 ?

*  192.168.3.0/30   172.28.2.1                             0 2 3 ?

*>                  0.0.0.0                  0         32768 ?

R3#

R3#sh ip bgp neighbors 172.28.2.1 advertised-routes

BGP table version is 7, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 3.3.3.3/32       0.0.0.0                  0         32768 ?

*> 4.4.4.4/32       192.168.3.2         156160         32768 ?

*> 172.28.2.0/30    0.0.0.0                  0         32768 ?

*> 192.168.3.0/30   0.0.0.0                  0         32768 ?

Total number of prefixes 4

R3#

R3#sh ip bgp neighbors 172.28.2.1 received-routes

BGP table version is 7, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 1.1.1.1/32       172.28.2.1                             0 2 1 i

*  3.3.3.3/32       172.28.2.1                             0 2 3 ?

*  4.4.4.4/32       172.28.2.1                             0 2 3 ?

*  172.28.2.0/30    172.28.2.1                             0 2 3 ?

*  192.168.3.0/30   172.28.2.1                             0 2 3 ?

Total number of prefixes 5

R3#

Labels:
0 Helpful
4 Replies 4

rais
Level 7
Level 7

‎03-13-2013 04:34 PM

Is that right your R3 has router-id 1.1.1.1? BGP advertising all BGP routes to neighbor has been another thread and I think it was normal behavior.

Thanks

0 Helpful

cadet alain
VIP Alumni
VIP Alumni

‎03-14-2013 01:10 AM

Hi,

the BGP split-horizon rule states that a BGP speaker cant advertise any iBGP update to other iBGP peers, there is nothing about eBGP in this rule.As the AS_PATH is used for loop detection then even if it receives back the same prefixes it will not accept them but in your case as you are using allow as-in then you accept this update.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

dalal.sujal
Level 1
Level 1

‎11-13-2013 12:32 PM

I would agree with Alain

allowas-in will disable the BGP loop detection. The split horizon rule is for iBGP and not for eBGP. The only way you can prevent the prefixes coming back would be using some sort of tagging or prefix lists

-Sujal

0 Helpful

barnesp
Level 1
Level 1

‎08-20-2014 03:32 AM

I agree with the previous posters.  What you could do is look at show bgp ipv4 unicast 1.1.1.1 on R2.  You will find that the prefix is associated with an update group.  An update group is an optimisation within the router BGP process to reduce the processing overhead for generating updates to peers.  If two peers have exactly the same outbound routing policy they would be in the same update group. If you looked at the update group show bgp ipv4 unicast update-group <number> you would probabably find that it would contain the peers 172.28.1.2 and 172.28.2.2.

This would mean that the 1.1.1.1 would be replicated to R1 and R3.  Without remoteas-in configured R1 would reject the prefix due the AS path containing AS1 - you can see this if you look at the output from show bgp ipv4 unicast neighbor 172.28.1.1 towards the bottom you will see the quantity of prefixes that have been rejected and why - use debug ip bgp updates if you want to see this in real time.

When remoteas-in is configured the prefix from R2 is accepted into the BGP table - however this is irrelevant as it will never become the best-path due to the weight 32768 for the local origination. If R1 peered with R4 via eBGP for example only this best path would advertised and hence nothing is broken.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card