BGP and Traffic propagation

Lee Smitherman · ‎02-24-2011

Hi,

I seem to really be missing point that I cannot get my head around, but sure you guys can clear this up for me. With protocols such as OSPF and RIP etc neighbors are right next to each other. And the routing tables on each device has the route to the destination say 3-4 hops away. The 1st router does not alter the layer 3 header but in the layer 2 header it changes the destination Mac to the next hop router, and so on....all fine.

However with BGP im slightly lost. An eBGP session for example can neighbor up with another EBGP router in a different AS 2-3 hops away. The First eBGP router will have a route in its routing table (via BGP) to a network behind the second BGP Router, however the IGP on the routers between the eBGP wont have this route in their tables. How does the packet get to its detination?

With regards to this statement below:-

EBGP Multihop
Used when to EBGP speakers cannot be directly connected. Its configuration must include static routes or must enable an IGP so that the neighbors can reach each other. If you have multiple physical connections between EBGP neighbors, using a loopback interface and static routes to the loopback interface allows you to load balance the traffic between the multiple connections.

Q - Ok so the IGP between the eBGP neighbors 3 hops away will allow the Neighbors(BGP) to communicate and exchange routes, but What im missing is when a packet hits the first BGP router, it will have a BGP entry that the network is behing the other BGP network 3 hops away, so the BGP router sends the packet on its merry way via the first hop(non BGP router), however its routing table does not have a route to the network behind the second BGP router so its dropped?

Im studying MPLS at the moment with VPNv4 addressing and would like to get this solid in my head.

Reza Sharifi · ‎02-24-2011

Q - Ok so the IGP between the eBGP neighbors 3 hops away will allow the Neighbors(BGP) to communicate and exchange routes, but What im missing is when a packet hits the first BGP router, it will have a BGP entry that the network is behing the other BGP network 3 hops away, so the BGP router sends the packet on its merry way via the first hop(non BGP router), however its routing table does not have a route to the network behind the second BGP router so its dropped?

In your case, for eBGP to work correctly, you have to have full IGP connectivity between all 3 routers in the middle, if not the peering will not be established. For your IGP, you can use Static, OSPF, ISIS, etc...

So for example if you have 5 routers daisy chained together and router 1 is in one end and router 5 is in the other end and these 2 routers need to peer BGP, you have to have full IGP conectivity between router 2, 3, and 4

HTH

Reza

Lee Smitherman · ‎02-24-2011

Hi Reza,

thanks for the reply, however I probably didnt make it clear whats stumping me.

With your reply below, I get the fact that in order for the eBGP session to form over the 3 or x amount of hops each eBGP router must be able to connect to each other, probably via their Loopback interfaces which must be in the IGP, however lets say the First BGP Router in AS1 is Router A, this must traverse routers 1,2 and 3 get form a eBGP session with the other BGP Router in AS2, lets call this B. Routers 1,2,3 will have reachability information for A and B so the session can work and will work and BGP tables will populate. However lets say Router B has a network Z attached which it will advertise to A only via BGP, routers 1,2 and 3 running ospf or eigrp will know nothing of network Z. When I send a packet to BGP Router A, this will have a route to Network Z via router B, however when the packet leaves A it will hit router 1, this router is only running OSPForEIGRP, it does not have a route to Z, so the packets dropped?

milan.kulik · ‎02-24-2011

Hi,

what you are talking here about is called BGP synchronization feature.

See http://www.cisco.com/en/US/customer/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#synch

for details.

Generally: Yes, you need either to redistribute eBGP to your IGP or involve default route (or multiple summary/aggregate routes) to ensure the traffic will reach your BGP routers correctly.

Or to use something more sophisticated (like MPLS) in your backbone.

HTH,

Milan

Kishore Chennupati · ‎02-24-2011

Hi,

As Milan suggested its called " BGP Synchronizaton rule"

Synchronization was used in yesteryears when the BGP tables were not large enough. This is not done these days . You dont redistribute eBGP into IGP in Service Providers networks expecially. It will consume heaps of resources on the router as you will have large BGP, IGP,RIB and FIB's and also becomes a security issue.

" BGP full mesh" was used to overcome the synchronization rule where all the routers speak BGP in the AS. The IOS these days , the rule is disabled by default.

Milan,

Or to use something more sophisticated (like MPLS) in your backbone.

What did you mean by using this in context to Synchronisation rule? Could you please explain as I might be missing something here.

Regards.

Please rate if helpful.

milan.kulik · ‎02-25-2011

Hi Kishore,

what I meant was:

When you implement MPLS VPNs in your backbone, the P routers don't need to know the complete routing table used by the end devices.

They only need to know how to route to the PE routers.

In some cases this might help.

BR,

Milan

Kishore Chennupati · ‎02-25-2011

Hi Milan,

Kool. I was thinking you were talking something about native MPLS and BGP sync rule which I never heard of. Hence, my query

All good now.

Regards

Lee Smitherman · ‎02-25-2011

Hi,

Thanks so much for the replies above, finding this an interesting topic.

I get the feeling im missing something fundamental but maybe a network would never be designed in this way but sure ive seen examples.

Please see the attached Image and my logic for steps 1,2 and 3.

Without the whole BGP Table being available in the IGP I dont see how the packets will traverse correctly. Router 2 simply doesnt have the route. Now if we were using MPLS Label switching, I can see how that would work in this example, as the Labels target the BGP next hop which will be in the IGP, however in Basic IP packet routing outside MPLS, all the routers have to go on is the layer 3 dst IP.

So I can only conclude as mentioned above the whole BGP table needs to be advertised into the IGP for this example to work! which to me seems pointless using BGP and the IGP may not be able to handle it.

As a side note, I though with BGP Sync is an issue where Router B in the attached example will not advertise Network X unless its in its IGP(on the inside).

Thanks, Lee.

lgijssel · ‎02-25-2011

What you are pointing at is a classical problem (or feature) of BGP.

It is the reason why you are advised to have your BGP speakers directly adjacent at layer 3.

On the other hand, it provides implicit control about which destinations are forwarded (transit traffic) over your AS.

I know you can do this with BGP also but it may be used as a second layer to stop unintended transit traffic.

regards,

Leo

Lee Smitherman · ‎02-28-2011

thanks Leo and all.

So can conclude on this one then, that its bad design(well, not optimal) to have eBGP sessions over multiple hops because you will need to redist BGP into the IGP which is not really desirable.

I was wondering if I was missing some BGP magic that I was over looking, in the same way MPLS operates by Targeting the eBGP peer as the destination in the MPLS Label.

Thanks, Lee.