03-10-2012 06:01 PM - edited 03-04-2019 03:37 PM
Hello,
I have a question regarding eBGP routes and rib-failure. I have two CE routers that I manage. They are peering with two PE routers. OSPF and iBGP is running between the two CE routers. BGP is being redistributed into OSPF as well on the CEs. I am using prefix lists to filter incoming routes on the CEs from the PEs.
CE2 is receiving all routes from PE2 without a problem but CE1 has all the received-routes in rib-failure. When I run a show ip route, the OSPF routes on CE1 are being perfered that it is getting from CE2. It appears the routes are only being seen in iBGP and since OSPF has a lower AD the routes show in rib-failure in BGP. So CE1 is not adding the eBGP routes to the route table.
When I run a show ip bpg neighbor recieved-routes command on CE1 for PE1, the recieved-routes show in rib-failure as well. Does this mean that PE1 is sending rib-failure routes to CE1?
CE01#sh ip bgp neighbors 10.10.249.233 received-routes
BGP table version is 197067, local router ID is 10.10.127.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r 10.10.16.0/28 10.10.249.233 0 1234 12345 i
r 10.12.0.0/17 10.10.249.233 0 1234 12345 i
r 10.13.116.0/22 10.10.249.233 0 1234 12345 i
r 10.13.120.0/22 10.10.249.233 0 1234 12345 i
r 10.13.124.0/23 10.10.249.233 0 1234 12345 i
r 10.14.128.0/24 10.10.249.233 0 1234 12345 i
r 10.23.64.0/20 10.10.249.233 0 1234 12345 i
r 10.23.80.0/20 10.10.249.233 0 1234 12345 i
r 10.23.96.0/24 10.10.249.233 0 1234 12345 12346 i
CE01#sh ip route 10.10.16.0
Routing entry for 10.10.16.0/28
Known via "ospf 1", distance 110, metric 10
Tag 1234, type extern 2, forward metric 1
Last update from 10.10.98.245 on Vlan98, 22:31:17 ago
Routing Descriptor Blocks:
* 10.10.98.245, from 10.10.127.2, 22:31:17 ago, via Vlan98
Route metric is 10, traffic share count is 1
Route tag 1234
CE02#sh ip route 10.10.16.0
Routing entry for 10.10.16.0/28
Known via "bgp 11111", distance 20, metric 0
Tag 1234, type external
Redistributing via ospf 1
Advertised by ospf 1 metric 10 subnets route-map BGP_TO_OSPF
Last update from 10.10.249.237 22:33:10 ago
Routing Descriptor Blocks:
* 10.10.249.237, from 10.10.249.237, 22:33:10 ago
Route metric is 0, traffic share count is 1
AS Hops 2
Route tag 1234
MPLS label: none
Solved! Go to Solution.
03-12-2012 12:18 AM
Hi,
so your router CE1 is receiving the same prefix 10.10.16.0/28 three times then:
1) from the eBGP neighbor with local-preference = 150 (AD = 20)
2) from CE2 via iBGP with local-preference = 200 (AD = 200)
3) from CE2 via OSPF (AD = 110)
So from BGP protocol point of view, the router compares 1) and 2). As 2) has better BGP attributes (higher local-preference), it's the best route within BGP.
There is only one route for the prefix within OSPF, so 3) is the best route within OSFP.
Then the router has to choose the best route among all routing protocols to put to the RIB.
The OSPF route has AD =110, while 2) is an iBGP route, i.e., AD = 200.
So the OSPF route gets to the RIB.
And you can see the BGP prefixes (both iBGP and eBGP) failed to get to the RIB.
So if you want to get the eBGP route to the RIB on CE1, you need to make it the best withing BGP first.
You could assign a higher weight to it, e.g.
neighbor 10.10.249.233 weight 35000
would make it.
In this case, all eBGP prefixes would win within BGP on CE1.
And as AD = 20 for eBGP, they would beat OSPF prefixes and get to the RIB finally.
And as the weight attribute is local only and is not advertised to the BGP neighbors, no change would happen in CE2 routing.
Is this what you need?
Sure there are other possibilities: not running iBGP between the routers while there is also OSPF with BGP prefixes redistributed, e.g.
But only you know what is really necessary in your network.
HTH,
Milan
03-10-2012 08:08 PM
What does sh ip bgp rib-failure say, BTW you are looking at recv-routes, what does show ip bgp nei X.X.X.X routes say?
03-10-2012 08:30 PM
Hi. Thanks.
bgp rib-failure shows "Higher admin distance"
CE01#sh ip bgp rib-failure
Network Next Hop RIB-failure RIB-NH Matches
10.10.16.0/28 10.10.127.2 Higher admin distance n/a
But it shows the next hop of CE2 and not PE1.
Show ip bgp nei routes show rib-failure as well:
CE01#sh ip bgp neighbors 10.10.249.233 routes
BGP table version is 197159, local router ID is 10.10.127.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
r 10.10.16.0/28 10.10.249.233 150 0 1234 12345 i
r 10.12.0.0/17 10.10.249.233 150 0 1234 12345 i
r 10.13.116.0/22 10.10.249.233 150 0 1234 12345 i
r 10.13.120.0/22 10.10.249.233 150 0 1234 12345 i
r 10.13.124.0/23 10.10.249.233 150 0 1234 12345 i
r 10.14.128.0/24 10.10.249.233 150 0 1234 12345 i
r 10.23.64.0/20 10.10.249.233 150 0 1234 12345 i
03-10-2012 08:47 PM
That (Higher Admin Distance) means your IGP route is preferred, because EIGRP (90) or OSPF (110) or IS-IS(115) or RIP (120) or STATIC(default: 1) routes are always preferred than iBGP (200) routes, this is common, is there a redistribution going on?
sh ip route, instead of sh ip bgp is your best bet to find out why CE2 is preferred over PE1.
03-10-2012 09:12 PM
Exactly, the OSPF route with the 110 AD is prefered over the 200 AD of iBGP. But I don't understand why the eBGP (AD20) is not being perfered on CE1?
Yes, I am redistributing BGP into OSPF
redistribute bgp 11111 metric 10 subnets route-map BGP_TO_OSPF
Here's a sh ip route output on CE1
CE01#sh ip route 10.10.16.0
Routing entry for 10.10.16.0/28
Known via "ospf 1", distance 110, metric 10
Tag 1234, type extern 2, forward metric 1
Last update from 10.10.98.245 on Vlan98, 1d01h ago
Routing Descriptor Blocks:
* 10.10.98.245, from 10.10.127.2, 1d01h ago, via Vlan98
Route metric is 10, traffic share count is 1
Route tag 1234
03-10-2012 09:25 PM
What is the local-pref for 10.10.16.0 subnet on CE1 and CE2, I am guessing CE2 has higher local-pref than CE1 and CE1 will prefer the routes via iBGP from CE2, since your redistribute BGP into OSPF, OSPF routers are preferred. If you want to fix this, remove redistribution unless you really really want it or you know what you are doing.
03-11-2012 08:08 AM
Hi Peter,
Can you post your BGP configuration and any relevant policies?
regards,
ryan
03-11-2012 05:37 PM
Hi Ryan
I've posted the OSPF and BGP config on CE1.
I am seting the local-preference on CE1 to 150 and CE2 is 200.
Thanks
router ospf 1
log-adjacency-changes
redistribute connected subnets
redistribute bgp 11111 metric 10 subnets route-map BGP_TO_OSPF
network 10.10.98.240 0.0.0.15 area 9
router bgp 11111
no synchronization
bgp router-id 10.10.127.1
bgp log-neighbor-changes
network 10.10.98.240 mask 255.255.255.240
network 10.10.127.1 mask 255.255.255.255
network 192.168.10.0 mask 255.255.255.0
network 192.168.11.0 mask 255.255.255.0
network 192.168.12.0 mask 255.255.255.0
network 192.168.13.0 mask 255.255.255.0
network 192.168.14.0 mask 255.255.255.0
neighbor 10.10.249.233 remote-as 1234
neighbor 10.10.249.233 description PE1 Gi1/2 vrf GLB
neighbor 10.10.249.233 version 4
neighbor 10.10.249.233 soft-reconfiguration inbound
neighbor 10.10.249.233 route-map CHI-PROD-IN in
neighbor 10.10.249.233 route-map CHI-PROD-OUT out
neighbor 10.10.127.2 remote-as 11111
neighbor 10.10.127.2 description iBGP to CE02
neighbor 10.10.127.2 update-source Loopback0
neighbor 10.10.127.2 next-hop-self
neighbor 10.10.127.2 soft-reconfiguration inbound
no auto-summary
ip prefix-list CHI-IN seq 10 permit 0.0.0.0/0 le 32
!
ip prefix-list CHI-OUT seq 10 permit 192.168.10.0/24
ip prefix-list CHI-OUT seq 20 permit 192.168.11.0/24
ip prefix-list CHI-OUT seq 30 permit 192.168.12.0/24
ip prefix-list CHI-OUT seq 40 permit 192.168.13.0/24
ip prefix-list CHI-OUT seq 50 permit 192.168.14.0/24
ip prefix-list CHI-OUT seq 60 permit 10.10.98.240/28
ip prefix-list CHI-OUT seq 70 permit 10.10.127.0/24 ge 32
!
route-map CHI-PROD-OUT permit 10
match ip address prefix-list CHI-OUT
!
route-map BGP_TO_OSPF permit 10
match ip address prefix-list CHI-IN
!
route-map CHI-PROD-IN permit 10
match ip address prefix-list CHI-IN
set local-preference 150
03-12-2012 12:18 AM
Hi,
so your router CE1 is receiving the same prefix 10.10.16.0/28 three times then:
1) from the eBGP neighbor with local-preference = 150 (AD = 20)
2) from CE2 via iBGP with local-preference = 200 (AD = 200)
3) from CE2 via OSPF (AD = 110)
So from BGP protocol point of view, the router compares 1) and 2). As 2) has better BGP attributes (higher local-preference), it's the best route within BGP.
There is only one route for the prefix within OSPF, so 3) is the best route within OSFP.
Then the router has to choose the best route among all routing protocols to put to the RIB.
The OSPF route has AD =110, while 2) is an iBGP route, i.e., AD = 200.
So the OSPF route gets to the RIB.
And you can see the BGP prefixes (both iBGP and eBGP) failed to get to the RIB.
So if you want to get the eBGP route to the RIB on CE1, you need to make it the best withing BGP first.
You could assign a higher weight to it, e.g.
neighbor 10.10.249.233 weight 35000
would make it.
In this case, all eBGP prefixes would win within BGP on CE1.
And as AD = 20 for eBGP, they would beat OSPF prefixes and get to the RIB finally.
And as the weight attribute is local only and is not advertised to the BGP neighbors, no change would happen in CE2 routing.
Is this what you need?
Sure there are other possibilities: not running iBGP between the routers while there is also OSPF with BGP prefixes redistributed, e.g.
But only you know what is really necessary in your network.
HTH,
Milan
03-12-2012 05:29 PM
Hi Milan
I think you nailed it on the head! That's exactly what I was looking for. I think I will assign a higher weight to the peer.
I apprecaite your detailed answer. I will make change this week and post results. Thanks
Peter
03-16-2012 07:53 PM
Hi Milan - I assigned a higher weight to the eBGP neighbor on CE1 it worked! Thanks again. Much appreciated!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide