Re: BGP Re-advertise default route - Page 2

dano2112 · ‎07-31-2018

Hello,

I have a L3 switch that is doing BGP peering with two other routers, RouterA and RouterB. I am learning a default route (via BGP) from RouterA and devices that use my L3 switch as their default gateway are able to reach the Internet without issue.

Now, I am trying to "re-advertise" the default route I am learning from RouterA and push that into the BGP routing table running on RouterB. On my L3 switch, if I go into my BGP routing instance and configure "default-information originate", and then if I do "show ip bgp neighbor RouterB advertised-routes", I see a default route being pushed to RouterB. But, the tech that manages RouterB says he doesn't see a default route come in from my L3 switch. If I configure a static 0.0.0.0 route on my L3 switch and then do "redistribute static" in my BGP routing process, RouterB starts to pick up the default route from my L3 switch but at the same time, I create a routing loop between my L3 switch and RouterA and so I lose my Internet connection.

I'm hoping someone can help me sort this out.

Thank you!

Daniel

dano2112 · ‎08-01-2018

Hi Rick

Yes, that makes perfect sense. And he did send me the output from "show ip neighbors <My L3 switch IP> received routes" from his device and there is a route showing up that would include the IP address for RouterA so his device should know how to reach that network (through my L3 switch). As you, Jon, and others have suggested, I am thinking his device must be filtering out the default route and I'm trying to work with him some more to explore that possibility.

Thank you for all of your input thus far!

Meheretab Mengistu · ‎08-01-2018

You said the following on the original post: If I configure a static 0.0.0.0 route on my L3 switch and then do "redistribute static" in my BGP routing process, RouterB starts to pick up the default route from my L3 switch but at the same time, I create a routing loop between my L3 switch and RouterA and so I lose my Internet connection. It seems to me that there is no filter on RouterB side of the configuration.

It would be very helpful for us to look at the BGP configurations.

HTH,

Meheretab

HTH,
Meheretab

Richard Burts · ‎07-31-2018

No problem that you are not up to speed on BGP. It can be complicated. It is very helpful to know that the AS number you use is different from the number you use for A and for B. In that case both would be EBGP. To help us understand could you post your BGP configuration? mask out sensitive information like public IP addresses and post the rest of the config.

HTH

Rick

HTH

Rick

dano2112 · ‎07-31-2018

Hi Rick,

This setup is a bit complex to explain in words so I may end up posting a basic diagram along with my BGP config but I'll see if I can provide a brief summary here as I'm somewhat time constrained.

RouterA is part of an MPLS network that connects two of our branch offices (Site1, where my L3 switch sites and Site2, our DR office) with a 50Mbps private link and provides those same two offices with access to the Internet. So from the office where my L3 switch sits, RouterA is the gateway for both the Internet and to Site2. Meanwhile, all of our offices (Sites 1-5) have a connection into another MPLS network and so at Site1 where my L3 switch sits, RouterB is the gateway device into that second MPLS network (this second MPLS network only provides private connections and does not provide any Internet services). As it stands currently, Sites 3, 4, and 5, which all sit on the second MPLS network, are not able to reach the Internet and it was determined earlier today the reason they can't reach the Internet is because the default route info isn't reaching those routers. Our overall goal here is to allow Sites 3, 4, and 5 to reach the Internet via our Site1 with the L3 switch. So yes, in terms of Sites 3, 4, and 5, we would like to use Site1 as a transit system to allow those three sites to access the Internet.

Jon Marshall · ‎07-31-2018

If this is all EBGP then each device should set itself as the next hop IP when advertising to an EBGP peer and so if the EBGP peerings are up then they should know how to reach the next hops.

If the tech for router B does a “sh ip bgp” does he see the default route ?

Could you get the BGP configuraton for your switch and router B ?

Jon

dano2112 · ‎08-01-2018

I sent him a note to see if I can get that output from "show ip bgp" from his device. I am on the go today but if we can't get this resolved, I will post my config soon and I'll see if I can get him to send me his BGP config as well.

Jon Marshall · ‎07-31-2018

One other point.

If you are receiving default from router A why are you trying to originate the route on your switch ?

Why not just pass on the default route ?

Jon

dano2112 · ‎08-01-2018

This is definitely a fair question and it could just stem from my ignorance with BGP. Lol On my L3 switch, when I do "show ip bgp neighbors <RouterB_IP> advertised routes", I see the default route show up at the top of the list. But, since that route isn't making it over to RouterB, I just assumed I had to originate on my switch to make it work.

So I do think now that maybe RouterB is somehow filtering out the default route I am sending him. I am trying to work with him some more to see if I can confirm that.

Thank you very much for all of your input thus far!

MikeO5422 · ‎07-31-2018

Awesome, although we will still need to know more about the BGP ASNs for each site. Some people put their MPLS clouds in one AS, some people make every site a different AS.

Please let us know the ASN of each of these sites including router a, router b, and your l3 switch. Posting configs is always good if you can do it. Also, does site 2 (DR site) peer with router B?

MikeO5422 · ‎07-31-2018

Are these eBGP or iBGP peering relationships? What are you advertising as the next hop from from your L3 switch to Router B? Without seeing any configuration/technical details, my first thought would be to ensure your next hop is set correct and reachable from router B.

dano2112 · ‎07-31-2018

Hi Mike,

Like I was just telling Jon in my reply to him, I have been doing routing stuff a long time but BGP is still fairly new to me. Is there an easy way to determine if this is eBGP vs. iBGP? If I do "show ip bgp neighbor <RouterA_IP> received-routes", the majority of them have "i" listed under the Origin column while some of them have "?" listed.

As for the next-hop, I am just trying to let my L3 switch receive the default route/next-hop info from RouterA and then pass that right on over to RouterB using BGP. So in my BGP process, I do have "default-information originate" configured and if I do "show ip bgp neighbor <RouterB_IP> advertised-routes", I see the following at the top of the output:

Network Next Hop Metric LocPref Path Origin
------------------- -------------------------------- ---------- ---------- ------------- ------
0.0.0.0/0 <RouterA_IP> 65400... ?

So it seems like RouterB should be seeing something but the guy keeps telling me he doesn't see a default route show up from my L3 switch. RouterB should know how to reach the subnet where RouterA_IP sits but I will have him confirm that.

MikeO5422 · ‎07-31-2018

Looks like you guys got it sorted. Geez you guys are fast!

If everything is eBGP then some type of filtering is likely going on that is blocking the default route OR it doesn't meet the criteria to be added to the BGP table on router B...most likely its being filtered. Your co-worker can run a "debug ip bgp updates" (and maybe some others) to help determine what is happening with the default route.

EDIT - Also yes, if you can post your config we can take a closer look.

dano2112 · ‎08-01-2018

All,

Attached is a basic diagram showing the topology and a snippet of the BGP config from my L3 switch. I requested the BGP config from the tech who manages RouterB but he has not responded yet.

Thank you for taking a look!

Daniel

MikeO5422 · ‎08-02-2018

The info is great but unfortunately I think router B's config is what we really need, the ASNs here are good to see though. From that we can find out if there are any filters and see what peering (internal or external) router B has with the other spokes.

When you post the config for router B be sure to include any route-maps that are applied to neighbors and their associated objects (ACLs, prefix lists, etc). It may also be valuable to post "show ip bgp 0.0.0.0" and "show ip route" on router B.

I am still struggling with the idea that the default route is tagged with the no export community when its handed to you. But I would think if that was the case it would not show up in your advertised routes command output...."show ip bgp 0.0.0.0" output on your router will suffice to eliminate that possibility.

Meheretab Mengistu · ‎08-02-2018

Daniel,

Could you share the output of "sh ip bgp 0.0.0.0" from your L3 Switch?

HTH,
Meheretab