Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1197
Views
0
Helpful
9
Replies

Creating iBGP Mesh

Vinayaka Raman
Level 1
Level 1

‎10-26-2011 08:22 AM - edited ‎03-04-2019 02:03 PM

MPLS 1 and 2 are running eBGP with the PE routers.

I wanted to extend the BGP to the downstream core\distriubtion layer. A full mesh between all of them (MPLS 1 and 2, VSS, N7K1 and N7k2)

N7k1 and N7k2 share a VDC.

If i traceroute from the MPLS 1 to MPLS 2 loopback..it routes via service provider cloud. But i wanted iBGP neighbhorship to be through the

LAN..

So now to create a iBGP mesh,

should i create another loopback on MPLS1 and 2 ?

an SVI on N7k1, 2 and VSS (all in same vlan)

Static routes to for BGP to establisgh neighbhorship as I am planning not to advertise this vlan through IGP because it routes via WAN.

Can you give me some tips ? Please feel free to query more.

Regards Vinayak
Labels:
Preview file
97 KB
0 Helpful
9 Replies 9

Edison Ortiz
Hall of Fame
Hall of Fame

‎10-26-2011 08:37 AM

You don't need to create another loopback.

If DC1 advertises its loopback to the MPLS Cloud, this prefix should be dropped by DC2 because it contains its own AS.

iBGP means both DCs have the same Autonomous System, right?

I'm assuming you don't have the same AS on both DCs at this moment since your traceoute is taking the MPLS Cloud path -or- you implemented allowas-in?

0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to Edison Ortiz

‎10-26-2011 08:49 AM

right now only eBGP is configured...

on DC1 the config is

router bgp 65457

neighbhor dc2_loopback remote-as 65500

on DC2 the config is

router bgp 65457

neighbhor dc1_loopback remote-as 65500

Regards Vinayak
0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to Vinayaka Raman

‎10-26-2011 08:57 AM

few more questions I have is

for each iBGP neighbhor statement on MPLS 1 and 2, i should be having a next hop self..??

should i have next hop self elsewhere also ?

After iBGP mesh, Will the N7k1, N7k2 and VSS , will see only iBGP routes from the MPLS 1 and 2 ...there will not be any eBGP routes ..is that correct ?

Regards Vinayak
0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to Vinayaka Raman

‎10-26-2011 12:39 PM

When doing iBGP, the next-hop-self is a best practice.

N7K1 K2 and VSS will see all BGP routes, that is eBGP and iBGP learned routes unless you filtering them per neighbor basis.

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to Vinayaka Raman

‎10-26-2011 11:54 AM

I don't understand your configuration snippet.

router bgp 65457

neighbhor dc2_loopback remote-as 65500

on DC2 the config is

router bgp 65457

neighbhor dc1_loopback remote-as 65500

How the remote DC loopback address be in 65500?

Per the configuration, both routers are running 65457.

Is your MPLS Provider doing as-override?

Per your diagram, it looks like you have a physical connection between DCs that don't use the MPLS. Use that for your BGP peering and tell the MPLS Provider to remove the as-override. BGP loop prevention will block routes coming from the remote DC and your traceroute will remain internal. You should advertise your loopbacks in OSPF within the iBGP mesh.

0 Helpful

Kishore Chennupati
Level 7
Level 7
In response to Vinayaka Raman

‎10-26-2011 04:20 PM

Hi Vinayaka,

on DC1 the config is 
router bgp 65457
neighbhor dc2_loopback remote-as 65500
on DC2 the config is 
router bgp 65457
neighbhor dc1_loopback remote-as 65500

This doesn't sound right to me.  The config should be something like below assuming you have both routers in the same AS which is 65457

DC1 Config should be

router bgp 65457

neighbor dc2_loopback remote-as 65457 update source dc1_loopback

neighbor dc2_loopback remote-as 65457 next-hop-self

DC2  config should be

router bgp 65457

neighbor dc1_loopback remote-as 65457 update source dc2_loopback

neighbor dc1_loopback remote-as 65457 next-hop-self

Make sure that the loopbacks are reachable to each other via IGP. Ping them from each other to ensure they are reachable and no packet loss etc.

HTH

Regards

Kishore

0 Helpful

Kishore Chennupati
Level 7
Level 7

‎10-28-2011 06:15 AM

Hi vinayaka,

just wondering how did u go with this? DId you read my post and check the configs?

Regards

Kishore

0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to Kishore Chennupati

‎10-29-2011 03:14 AM

We have droppped the idea of extending iBGP mesh towards core\distribution.

sorry for the late response,,

however, the config is porsted above is not correct...I will post the exact config what is prepared in a while..

Regards Vinayak
0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to Kishore Chennupati

‎11-01-2011 08:19 AM

We are running eBGP with local as 65457 and remote as 65000

65457 is the local AS for all the CE routers including data centers

65000 is the remote as for all the PE routers including data center

and yes we have as-override configured at service provider end..

so the configuration at

MPLS@DC1

router bgp 65457

neighbhor remote-as 65000

MPLS@DC2

router bgp 65457

neighbhor remote-as 65000

the loopback interface of DC1 and 2 are advertised in the BGP..

when i say traceroute on DC1, it routes via MPLS..

We had plans to extend the BGP to the core\distribution devices..listed in the figure...

So we planned to create

a SVI interface on Nexus 1 and 2 and VSS..all are in the same subnet..

a loopback on DC1 and one on DC2...

static route from DC1 pointing to N7k1 &2 for reachability

static route from DC2 pointing to N7k1 &2 for reachability

and define with neighbhor commands and next-hop self

Regards Vinayak
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card