BGP path selection trouble!

gentipasku · ‎11-07-2016

I have two internal routers using hsrp and doing BGP each to different provider.

All external traffic defaults going through Router 2 and I'm having a hard time finding the problem!!

How do I make it choose the other path, I tried adding the bgp default local preference command and it didn't make a difference:

My situation:

Provider 1 Provider 2
AS 1000 AS3000

Router1 Router2
AS 2000 HSRP,IBGP AS2000

Config as following:

Router 1

router bgp 2000
no bgp fast-external-fallover
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
bgp maxas-limit 10
bgp default local-preference 200
redistribute connected
redistribute static
neighbor A remote-as 1000
neighbor A soft-reconfiguration inbound
neighbor A prefix-list local-prefix out
neighbor A route-map Allow_incoming in
neighbor B remote-as 1000
neighbor B ebgp-multihop 255
neighbor B send-community
neighbor B soft-reconfiguration inbound
neighbor B prefix-list Do_not_send_out out
neighbor B route-map Allow_incoming in
neighbor C remote-as 2000
neighbor C next-hop-self
neighbor C soft-reconfiguration inbound

ip prefix-list Do_not_send_out seq 5 deny 0.0.0.0/0
!
ip prefix-list local-prefix seq 5 permit 110.110.110.0/24
ip prefix-list local-prefix seq 10 permit 110.111.111.0/24

route-map Allow_incoming permit 10
set local-preference 700

Router 2:

router bgp 2000
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
bgp maxas-limit 10
bgp default local-preference 150
redistribute connected
redistribute static
neighbor C remote-as 2000
neighbor C version 4
neighbor C next-hop-self
neighbor C soft-reconfiguration inbound
neighbor C prefix-list bogons in
neighbor C maximum-prefix 634000
neighbor D remote-as 3000
neighbor D version 4
neighbor D soft-reconfiguration inbound
neighbor D prefix-list bogons in
neighbor D prefix-list announce out
neighbor D maximum-prefix 634000

ip prefix-list local-prefix seq 1 permit 110.110.110.0/24
ip prefix-list local-prefix seq 2 permit 110.111.111.0/24

What is wrong with this config?

Pawan Raut · ‎11-08-2016

Make the router HSRP active (with higher HSRP priority) from which you want to traffic goes out.

Kindly rate for useful post

gentipasku · ‎11-08-2016

Thank you Pawan, as I mentioned above, regardless what the HSRP router active one is, the traffic still goes to Router 2, I have that manually set up for Router one to be the active one, there's got o be some BGP election process which I can't seem to figure out!

Any other ideas?

Georg Pauwen · ‎11-08-2016

Hello,

as far as I remember, BGP in HSRP is using the virtual address to establish the TCP session.

Try and configure the neighbors with:

neighbor x.x.x.x transport connection-mode passive

gentipasku · ‎11-10-2016

Hi Pawan that didn't make a difference, traffic still defaults through Router2 :(

chrihussey · ‎11-08-2016

Can you provide an output for a BGP route common to both routers? (show ip bgp x.x.x.x)

gentipasku · ‎11-08-2016

Adding an output from both routers on 4.2.2.2 and the local prefix which we advertising!

Router2#sh ip bgp 4.2.2.2
BGP routing table entry for 4.0.0.0/9, version 4597895
Paths: (1 available, best #1, table default)
Advertised to update-groups:
9
Refresh Epoch 2
21755 3257 3356, (aggregated by 3356 4.69.130.10), (received & used)
Provider2_IP_address from Provider2_IP_address (Provider2_IP_address)
Origin IGP, localpref 150, valid, external, atomic-aggregate, best
rx pathid: 0, tx pathid: 0x0
Router2#sh ip bgp Local_prefix
BGP routing table entry for Local_prefix, version 2935639
Paths: (2 available, best #2, table default)
Advertised to update-groups:
9 13
Refresh Epoch 1
Local, (received & used)
Router1_IP_address from Router1_IP_address (Router1_IP_address)
Origin incomplete, metric 0, localpref 200, valid, internal
rx pathid: 0, tx pathid: 0
Refresh Epoch 1
Local
0.0.0.0 from 0.0.0.0 (Provider2_IP_address)
Origin incomplete, metric 0, localpref 150, weight 32768, valid, sourced, best
rx pathid: 0, tx pathid: 0x0

Router1#sh ip bgp 4.2.2.2
BGP routing table entry for 4.0.0.0/9, version 255501438
Paths: (1 available, best #1, table default)
Not advertised to any peer
21755 3257 3356, (aggregated by 3356 4.69.130.10)
Router2_IP_address from Router2_IP_address (Provider2_IP_address)
Origin IGP, metric 0, localpref 150, valid, internal, atomic-aggregate, best
Router1#sh ip bgp Local_prefix
BGP routing table entry for Local_prefix, version 251518079
Paths: (2 available, best #2, table default)
Advertised to update-groups:
57 65
Local
Router2_IP_address from Router2_IP_address (Provider2_IP_address)
Origin incomplete, metric 0, localpref 150, valid, internal
Local
0.0.0.0 from 0.0.0.0 (Router1_IP_address)
Origin incomplete, metric 0, localpref 200, weight 32768, valid, sourced, best

Thank you!!!!

chrihussey · ‎11-08-2016

So it looks like R1 isn't receiving the 4.0.0.0 route from its EBGP peer and only has the route from R2. If you could find a route that both are receiving from their EBGP peers and post the results then we may be better able to figure things out.

Also, if you could also post the output of "sh ip bgp summ" from both that might help too. Clean it up as you see fit.

gentipasku · ‎11-10-2016

Hi Chris,

Thank you for your comments!

All of the routes on Router1 are originating from Router2, so can't actually find any prefix that routes from Provider1! Can't seem to force traffic on the other path?!

Does traffic from Router 1 choose to route through Router2 because it sees it as an iBGP? Tried changing the default bgp priorities and didn't help!

BGP router identifier Router2, local AS number 2000
BGP table version is 7182123, main routing table version 7182123
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
Router1 4 2000 122102 567535 7182123 0 0 5d20h 16968
NeighborD 4 3000 109020 11 7182113 0 0 00:05:17 597639

BGP router identifier Router1, local AS number 2000
BGP table version is 256923910, main routing table version 256923910
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
NeighborA 4 1000 111272 122434 256923910 0 0 11w0d 1
NeighborB 4 1000 22078 1219 256923910 0 0 18:24:51 17314
Router2 4 2000 567535 122102 256923910 0 0 5d20h 580851

chrihussey · ‎11-10-2016

So off of Router 2 you are receiving close to 600,000 routes from neighbor D (AS3000).

On Router 1 you are receiving 1 route from neighbor A (AS1000) and 17,000 routes from neighbor B. Just by sheer numbers that is probably why traffic is going out Router 2.

If you do a "sh ip bgp nei (neighbor B IP) received-routes" and take one of those routes and then do "sh ip bgp x.x.x.x" for that route and post the output of both R1 and R2 that might offer some clues.

Also, is there any reason why you have ebgp multihop 255 to neighbor B, and how is the route to that neighbor defined?