Solved: BGP best path criteria?

Talha Ansari · ‎07-10-2011

If a bgp running router learns a particular network from a EBGP peer and advertises the network to one IBGP peer which has synchronisation turned on then in this case will the network be considered as best path in the bgp table if this IBGP router is learning the same route from an IGP?

I m testing this in a lab but I m not able to see the network seen as best path in the bgp table even if the IBGP peer learns the network via IGP. Yet if I use static route with higher AD on this IBGP peer for the network then I m able to see the BGP best path for this network.

Regards,

Talha

Giuseppe Larosa · ‎07-11-2011

Hello Talha,

to see BGP synchronization in effect you would need another router connected to R3 with an eBGP session with R3

let's suppose you have:

R1-- eBGP---R2 --- iBGP--- R3 --- eBGP---R4

the BGP synchronization rule influences if R3 is going to advertise a prefix learned via iBGP from R2 to R4 or not.

with BGP sync enabled R3 looks for a matching IGP entry and with default settings the iBGP route is not installed in the IP routing table.

the difference is that if the route is not present in IGP the advertisement is not sent to R4 to avoid a a possible black hole in side the AS to which R2, R3 belong.

This was a possible real issue because iBGP sessions can be setup between not connected as they use TTL=255 by default. If a router only speaking IGP is in the middle it may not be able to route traffic with destination 1.1.1.0/24 if the prefix is not present in the IGP database.

This is the background.

About the absence of RIB failure we can only note that with BGP sync on we are asking for a check in the IGP for the same prefix. So the flags are a little different no RIB failure is shown, the route is valid and this is the important point and it should also be the best BGP path.

when you add the static route with AD 100 you are adding a route that is not in the IGP and this leads to RIB failure.

I agree that it should show valid, best unless the best is missing to indicate that the route is not installed in the IP routing table. But this is misleading.

Also in real world we use iBGP on loopback addresses that are usually /32 host routes.

It is also best practice to set BGP router-id = OSPF router-id.

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎07-11-2011

Hello Talha,

>> what should be done on R3 so that it prefers the IBGP route with synchronisation turned on.... or is it not possible at all?

BGP synchronization concept requires the presence of an IGP route for the same prefix and this implies the IGP route has better AD with default settings.

So my guess is that it is not possible to have the iBGP route preferred over the IGP route.

the target is to ensure that there are no black holes inside the AS, it is an old concept that it not useful anymore in modern networks.

For example if MPLS is used routers in the core can be unaware of IP destination of traffic that is label switched without creating a black hole.

Hope to help

Giuseppe

View solution in original post

Reza Sharifi · ‎07-10-2011

Hi Talha,

Please refer to this document. BGP synchronization is disable starting IOS 12.2.

If BGP synchronization is enabled, there must be a match for the prefix in the IP routing table in order for an internal BGP (iBGP) path to be considered a valid path. BGP synchronization is enabled by default in Cisco IOS® Software. If the matching route is learned from an Open Shortest Path First (OSPF) neighbor, its OSPF router ID must match the BGP router ID of the iBGP neighbor. Most users prefer to disable synchronization with use of the

no synchronization

BGP subcommand.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml

HTH

Reza

Giuseppe Larosa · ‎07-10-2011

Hello Talha,

BGP best path criteria provides a selection of best BGP path in the BGP table.

this is a different table then the IP routing table.

You check BGP best path using

show ip bgp A.B.C.D

you check ip routing table

with

show ip route A.B.C.D

if BGP synchronization is on and the BGP peer learns the route from an IGP the end result is the IGP route is preferred and installed in the BGP table for its lower AD. if you use a static route with AD > 200 you will see the iBGP route installed in the IP routing table.

but again this is a different aspect.

As noted by Reza now default settiing is to have synchronization disabled.

Actually, importing BGP routes into IGP is not feasible anymore given the size of internet full table.

Besides this, a modern network using MPLS takes advantage of the use of BGP for advertising services and can minimize the database of the IGP in use

Hope to help

Giuseppe

Talha Ansari · ‎07-11-2011

Hi all.. thanks for your replies...

I understand that at most places it is preferred to turn off the BGP synchronisation and by default I think it is disabled on cisco IOS.

But I wanted to test this synchronisation rule so I simply used 3 routers R1, R2 and R3 and connected them in line.

R1 and R2 shares EBGP neighborship and R2 and R3 shares IBGP.

Configured loopbacks on all three routers and advertised all links and loopbacks in all three routers in OSPF area 0.

Only R1's loopback(1.1.1.0/24) is advertised in OSPF and as well as BGP.

R2 receives this network through OSPF and BGP but EBGP route ends up in the routing table as its AD is lower than OSPF.

This network is then forwarded from R2 to R3 via OSPF and BGP. But since this is IBGP route with higher AD the OSPF route is preferred. I noticed that in the 'sh ip bgp' this route was shown as rib-failure as BGP route was not preferred. Hence tweaking the BGP AD fixed this. So Far so Good.

By the time I did the above the steps the synchronisation was disabled on all routers. After the above steps I enabled synchronisation on R3 only and expected that the network (1.1.1.0 /24) should end up in the routing table but this didn't happen.

R3#sh ip bgp
BGP table version is 2, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
* i1.1.1.0/24 120.10.12.1 0 100 0 10 i

The BGP route simply stayed cold and never showed up as best path. Later I configured a static route on R3 :

ip route 1.1.1.0 255.255.255.0 120.10.23.2 100

This replaces the OSPF route and the bgp table on R3 shows as rib-failure which is correct as the static route is of lower AD. But I fail to understand why I m not able to see Rib-Failure when OSPF route is present in the routing table even if it has a lower AD then the IBGP route. I m attaching the diagram and the configuration.

Regards,

Talha.

Giuseppe Larosa · ‎07-11-2011

Hello Talha,

to see BGP synchronization in effect you would need another router connected to R3 with an eBGP session with R3

let's suppose you have:

R1-- eBGP---R2 --- iBGP--- R3 --- eBGP---R4

the BGP synchronization rule influences if R3 is going to advertise a prefix learned via iBGP from R2 to R4 or not.

with BGP sync enabled R3 looks for a matching IGP entry and with default settings the iBGP route is not installed in the IP routing table.

the difference is that if the route is not present in IGP the advertisement is not sent to R4 to avoid a a possible black hole in side the AS to which R2, R3 belong.

This was a possible real issue because iBGP sessions can be setup between not connected as they use TTL=255 by default. If a router only speaking IGP is in the middle it may not be able to route traffic with destination 1.1.1.0/24 if the prefix is not present in the IGP database.

This is the background.

About the absence of RIB failure we can only note that with BGP sync on we are asking for a check in the IGP for the same prefix. So the flags are a little different no RIB failure is shown, the route is valid and this is the important point and it should also be the best BGP path.

when you add the static route with AD 100 you are adding a route that is not in the IGP and this leads to RIB failure.

I agree that it should show valid, best unless the best is missing to indicate that the route is not installed in the IP routing table. But this is misleading.

Also in real world we use iBGP on loopback addresses that are usually /32 host routes.

It is also best practice to set BGP router-id = OSPF router-id.

Hope to help

Giuseppe

Talha Ansari · ‎07-11-2011

Hi Giuseppe,

Thanks for your response... it did clear some of my concepts.. yet I still need to know exactly what should be done on R3 so that it prefers the IBGP route with synchronisation turned on.... or is it not possible at all? I tried to play with AD but no luck.

Regards,

Talha.

Giuseppe Larosa · ‎07-11-2011

Hello Talha,

>> what should be done on R3 so that it prefers the IBGP route with synchronisation turned on.... or is it not possible at all?

BGP synchronization concept requires the presence of an IGP route for the same prefix and this implies the IGP route has better AD with default settings.

So my guess is that it is not possible to have the iBGP route preferred over the IGP route.

the target is to ensure that there are no black holes inside the AS, it is an old concept that it not useful anymore in modern networks.

For example if MPLS is used routers in the core can be unaware of IP destination of traffic that is label switched without creating a black hole.

Hope to help

Giuseppe