I was looking at a BGP tutorial and the author said that we do not advertise WAN links in BGP. Is that correct, and if so, how can a remote AS access the subnets of this AS when there is no reachability info for the WAN links?
What they mean is: let's say you have a WAN link where one side has IP address 22.214.171.124/30 and the other side has IP address 126.96.36.199/30. You do not need to advertise this network in BGP (network 188.8.131.52 mask 255.255.255.252) for the two sides to connect and establish a BGP neighborship. It happens automatically on directly connected links.
BGP establishes neighbor adjacency by manual neighbor configuration of the neighbor IP address on the same subnet and remote AS, or by use of a loopback IP address using eBGP multihop 2-254. BGP is a border gateway protocol connecting to other autonomous networks.
I am not sure what text you're referring to; however, it sounds like they may be suggesting, in a dual-ISP WAN eBGP peering scenario, not to advertise WAN links (prefixes) associated with one ISP to another ISP, as this could make your own BGP router(s) become a transit path for either ISP and create suboptimal routing.
So what he was trying to implement was 3 ASes (AS1, AS2, AS3) connected in a linear fashion, and he was redistributing his connected loopbacks in AS3 into BGP, but then used route maps to take the WAN links off, saying we do not advertise WAN links. The other problem I'm having is I can see those loopbacks in AS3 being advertised to AS1 (*> routes), but I cannot ping these loopback host addresses. I am thinking the reason behind this is the lack of information about the WAN links. Can someone elaborate?
Let me take a slightly different approach to answering the question. First let me clarify what I believe that original post is about. When we are dealing with BGP it might be helpful to distinguish types of subnets that might be involved: there are target subnets and these are the subnets where hosts are connected that we need to be able to reach (think customer inside subnets). And there are transit subnets and these are the subnets that connect the BGP peers but do not have any hosts that need to be reachable.
I believe that the point of the original post was that in configuring BGP we do need to advertise target subnets and generally do not need to advertise transit subnets. And I believe that in general this is true.
Let me suggest an example which may help to explain this point. The original post mentions as1, as2, and as3. So let me suggest this topology:
as1 has a customer router C1 which has loopback interface 184.108.40.206. router C1 connects to the edge router E12 (connects as1 to as2). The link between as1 and as2 is 220.127.116.11 at E12 and connects to 18.104.22.168 at E21 which is the edge router for as2. In as2 is customer router C2 which has loopback interface 22.214.171.124. C2 connects to edge router E23 which has IP 126.96.36.199 and connects to 188.8.131.52 on E32 which is the edge router for as3. as3 has customer router C3 which has loopback interface 184.108.40.206.
We will assume that there are appropriate subnets providing connectivity within each as and that an appropriate routing protocol is running in each as so that the customer routers can determine to which edge router they should send their traffic. I am not going to supply those details since they do not really matter in what we need to discuss.
The original poster asks about how as3 can advertise its target subnet (220.127.116.11) without advertising its transit networks. Let me explain it in this way:
- C3 which has the loopback advertises it in its IGP to E32.
- the IGP on E32 receives the advertisement and creates an entry in the routing table for 18.104.22.168.
- E32 has a network statement for the loopback and sends an EBGP advertisement for 22.214.171.124 to E23. (E32 does not advertise the transit network 126.96.36.199 - and does not need to because both routers know this is how they reach the neighbor AS.)
- E23 receives the EBGP advertisement and creates an entry in its BGP table with the target subnet, the originating AS#, and the advertising router.
- E23 sends an IBGP advertisement to E21. E23 does not advertise the transit network because E21 does not need to know about 188.8.131.52 and only needs to know how to reach E23.
- E21 receives the IBGP advertisement and creates an entry in its BGP table with the target subnet, the originating AS#, and the advertising router (which was E23).
- E21 sends an EBGP advertisement to E12 for network 184.108.40.206 with an as path of as2,as3 and itself as the advertising router. E21 does not send any advertisement for either of the transit networks (220.127.116.11 or 18.104.22.168). E12 already knows that 22.214.171.124 is how it reaches the advertising router and has no need to know about 126.96.36.199.
- E12 receives the BGP advertisement for 188.8.131.52 and creates an entry in its BGP table with the target subnet, the as path, and the advertising router.
- E12 then advertises into the IGP that network 184.108.40.206 is reachable through E12.
- If C1 wants to access 220.127.116.11 it will use its routing entry and forward the packet to E12. (no need for any transit network information here)
- E12 receives the packet and looks in its table and sees that it needs to forward to E23. (no need for any transit network information here)
- E23 receives the packet and looks in its table and sees that it needs to forward to E32. It does not need any entry in its table for the transit network, since the transit network is known from the neighbor negotiation.
- E32 receives the packet and looks in its table and finds that it needs to forward to C3.
In this way the target subnets are advertised in BGP while the transit subnets are not advertised in BGP. I believe this is the main point of the original post.
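The walkthrough above can be checked with a small simulation. This is an added example, not part of the original thread: it builds the linear C1-E12-E21-E23-E32-C3 chain with constructed documentation-range addresses (the router names come from the post; the prefixes, `build_tables`, `forward` and `ping` are hypothetical), advertises only the target loopbacks, and forwards hop by hop. It goes one step beyond the steps above by also checking the reply direction for a ping sourced from a transit-link address.

```python
import ipaddress

# Constructed topology mirroring the walkthrough; addresses are placeholders,
# not values taken from the thread.
CHAIN = ["C1", "E12", "E21", "E23", "E32", "C3"]
TARGETS = {"C1": "192.0.2.1/32", "C3": "192.0.2.3/32"}   # loopbacks, advertised
TRANSIT = {("E12", "E21"): "198.51.100.0/30",            # inter-AS links
           ("E23", "E32"): "198.51.100.4/30"}

def build_tables(advertise_transit=False):
    """Return {router: {network: next-hop router, or None if local/connected}}."""
    tables = {r: {} for r in CHAIN}
    for (a, b), net in TRANSIT.items():
        n = ipaddress.ip_network(net)
        tables[a][n] = tables[b][n] = None               # connected on both ends only
    origins = dict(TARGETS)
    if advertise_transit:                                # optional: also announce the links
        origins.update({a: net for (a, _), net in TRANSIT.items()})
    for origin, net in origins.items():
        n, i = ipaddress.ip_network(net), CHAIN.index(origin)
        tables[origin].setdefault(n, None)               # local on the originator
        for j in range(i - 1, -1, -1):                   # advertisement travels left
            tables[CHAIN[j]].setdefault(n, CHAIN[j + 1])
        for j in range(i + 1, len(CHAIN)):               # and right
            tables[CHAIN[j]].setdefault(n, CHAIN[j - 1])
    return tables

def forward(tables, start, dst):
    """Longest-prefix-match forwarding; returns the router path, or None if dropped."""
    dst, here, path = ipaddress.ip_address(dst), start, [start]
    while True:
        matches = [n for n in tables[here] if dst in n]
        if not matches:
            return None                                  # no route: packet dropped
        nh = tables[here][max(matches, key=lambda n: n.prefixlen)]
        if nh is None:
            return path                                  # local, or onto the connected link
        here = nh
        path.append(here)

def ping(tables, src_router, src_ip, dst_router, dst_ip):
    """Succeeds only if the request reaches dst_router AND the reply can route to src_ip."""
    request = forward(tables, src_router, dst_ip)
    return bool(request and request[-1] == dst_router
                and forward(tables, dst_router, src_ip) is not None)

if __name__ == "__main__":
    t = build_tables()
    print(forward(t, "C1", "192.0.2.3"))
    print(ping(t, "C1", "192.0.2.1", "C3", "192.0.2.3"))      # loopback to loopback
    print(ping(t, "E12", "198.51.100.1", "C3", "192.0.2.3"))  # sourced from transit link
```

With only the loopbacks advertised, the loopback-to-loopback ping succeeds, while the ping sourced from the unadvertised transit address reaches C3 but the reply has no route back.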
Yes, you describe the scenarios perfectly, but why can I not ping the loopback /32 in AS3 from AS1? I can see them as best routes in AS1, and I am not advertising WAN links anywhere.
Could be due to your route-maps - can you post?
AS77 looks like they don't have any iBGP peering between each other, is that correct?
Can you post the BGP and route tables in that ASN for those rtrs?
Here is the config for router R4. I don't think it matters if the routers are iBGP neighbors. I had a similar scenario with one router in the middle AS and I was still having the same issue. I know it's a simple mistake I'm making. Both R4 and R6 are configured similarly.
You've posted only the BGP table and not the route table for R4 for AS77.
Now from AS5500 the next hop towards AS77 for the prefixes you’ve posted route via R6 not R4.
So to be able to assist further we need to understand the current routing path for all prefixes between AS5500 and AS711-911. Can you share the below output from these rtrs? Include this information in a file and attach it to this post, please.
sh ip bgp
sh ip protocols
sh ip route
Here is the output from R4. The same reachability issues existed without the Rmaps.
Gateway of last resort is not set
18.104.22.168/32 is subnetted, 1 subnets
B 22.214.171.124 [20/0] via 10.1.37.2, 00:00:25
126.96.36.199/32 is subnetted, 1 subnets
B 188.8.131.52 [20/0] via 10.1.37.2, 00:00:25
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.24.0 is directly connected, Serial2/0
C 10.1.37.0 is directly connected, Serial2/1
184.108.40.206/32 is subnetted, 1 subnets
B 220.127.116.11 [20/0] via 10.1.37.2, 00:01:10
18.104.22.168/32 is subnetted, 1 subnets
B 22.214.171.124 [20/0] via 10.1.37.2, 00:01:09
Network Next Hop Metric LocPrf Weight Path
*> 126.96.36.199/32 10.1.37.2 0 0 911 i
*> 188.8.131.52/32 10.1.37.2 0 0 911 i
*> 184.108.40.206/32 10.1.37.2 0 911 711 i
*> 220.127.116.11/32 10.1.37.2 0 911 711 i
R4#show ip pro
Routing Protocol is "bgp 777"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
10.1.37.2 20 00:01:21
Distance: external 20 internal 200 local 200
show arp= no output