Solved: Help me in BGP concepts

Amr Ali · ‎01-22-2014

Dear All,

I hope every one in a good condition , kindly i need an assistance as i am a beginner in CCNP routing so i need to understand many of things , i have uploaded a topology made by GNS3 which had done by me but i need to understand why R1 can't ping R5

Thanks for Help

paul driver · ‎01-23-2014

Hello

Try this:

R4

##

router ospf 1

network 10.1.45.1 0.0.0.0 area 0

redistribute bgp 5500 subnets

router bgp 5500

redistribute ospf 1 match internal external 1 external 2

neighbor 1.1.1.1 next hop-self

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

John Blakley · ‎01-23-2014

Amr,

I loaded up your gns topology this morning, and you actually had a couple of things going on so I'll break them down. Along with what I stated last night, you should have added the network statement to R5 and on R4 the next-hop-self statement for R1.

Paul stated correctly that you needed to redistribute ospf into bgp. After redistributing ospf on R4, R5 knows how to get to R1 via R4's loopback, and it does a recursive lookup to get to 4.4.4.4 it will go to R2 or R3 which is where the traffic is dropped. Being that R4 has a connected route, it doesn't redistribute that route into bgp, so advertising the network into ospf via the network command or redistribute connected would resolve the issue. You can do a one way redistribution from ospf into bgp and it would still work fine.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

View solution in original post

John Blakley · ‎01-24-2014

"i need to understand why i must provide BGP with another routing protocol like OSPF or EIGRP to complete routing"

Well, you don't. You can have just BGP in your environment and it will work fine, or you can run an IGP like ospf or eigrp all over the place and it will work fine as well. The primary difference is that BGP was designed to be able to hold hundreds of thousands of routes if you have enough memory to hold a full routing table. An igp on the other hand was designed to route internal subnets, so you wouldn't, in general, have hundreds of thousands of routes. An IGP can't handle the same amount of routes that bgp can.

"i need to know when i must use cmd # Network at BGP & cmd # Neighbour"

Network command under bgp allows for you to advertise the specific network. The network needs to be in the routing table in order to advertise though, and bgp needs an exact match. 10.10.10.10/32 is not the same as 10.10.10.0/24 under bgp. BGP would need "network 10.10.10.10 mask 255.255.255.255" in order to advertise the 10.10.10.10/32 address. The neighbor command tells bgp who to connect to to share those addresses with by peering up with them. BGP works on a unicast address and has a direct connection to another peer. By default bgp has a ttl of 1, which means that it has to be a directly connected peer. You can disable that check though if you're peering with someone on the other side of a next hop or a loopback address.

"why we have used cmd # Network at R5 only and didn't use it at any other router "

R5 was running BGP, but wasn't advertising anything. Technically, I'd have to lab this up again when I get back home to test it, but you probably didn't need it after all and here's why. R5 was connected directly to R4 10.1.45.0, so R4 knew how to get to R5 and vice versa. The problem is that R1 thought to get to 10.1.45.0, it needed to go to 4.4.4.4. 4.4.4.4 went to R2 or R3, but R2 or R3 didn't know about 10.1.45.0 and dropped the packet. So, in reality, you could have kept your peering with R1 --> R4 --> R5 and only advertise the 10.1.45.0 in ospf on R4. You would still have to redistribute into BGP so R5 would know how to get to your other subnets unless you wanted to advertise a default route to R5 from R4.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

View solution in original post

John Blakley · ‎01-22-2014

It would be easier if you posted your configs and a screenshot of your topology. Can you post those?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Amr Ali · ‎01-22-2014

Dear John ,

Here your Request

---------------

R5

#sh

R5#show run

R5#show running-config

Building configuration...

Current configuration : 1180 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R5

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

no ip domain lookup

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.45.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router bgp 6500

no synchronization

bgp log-neighbor-changes

neighbor 10.1.45.1 remote-as 5500

no auto-summary

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

end

--------------------

R4

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R4

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

no ip domain lookup

!

interface Loopback4

ip address 4.4.4.4 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.45.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.24.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

ip address 10.1.34.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 4.4.4.4 0.0.0.0 area 0

network 10.1.24.0 0.0.0.3 area 0

network 10.1.34.0 0.0.0.3 area 0

!

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 5500

neighbor 1.1.1.1 update-source Loopback4

neighbor 10.1.45.2 remote-as 6500

no auto-summary

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

end

----------------

R3

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R3

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

no ip domain lookup

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.13.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.34.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 10.1.13.0 0.0.0.3 area 0

network 10.1.34.0 0.0.0.3 area 0

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

end

----------

R2

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R2

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

no ip domain lookup

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.24.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.12.2 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 10.1.12.0 0.0.0.3 area 0

network 10.1.24.0 0.0.0.3 area 0

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

end

---------

R1

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

enable password amr

!

no aaa new-model

memory-size iomem 5

no ip icmp rate-limit unreachable

ip cef

ip tcp synwait-time 5

!

no ip domain lookup

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial1/0

ip address 10.1.12.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 10.1.13.1 255.255.255.252

serial restart-delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 1

log-adjacency-changes

network 1.1.1.1 0.0.0.0 area 0

network 10.1.12.0 0.0.0.3 area 0

network 10.1.13.0 0.0.0.3 area 0

!

router bgp 5500

no synchronization

bgp log-neighbor-changes

neighbor 4.4.4.4 remote-as 5500

neighbor 4.4.4.4 update-source Loopback1

no auto-summary

!

no ip http server

no ip http secure-server

!

control-plane

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

password amr

login

!

end

-----------

John Blakley · ‎01-22-2014

Can you post "show ip bgp" from R5 and R1?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

John Blakley · ‎01-22-2014

Actually, on R5 you're not advertising any networks for R1 to get back to. You'll need to advertise the serial interface to R4:

R5:

router bgp 6500

network 10.1.45.0 mask 255.255.255.252

I see a logical peering from R1 - R4 with ibgp and from R4 - R5 with ebgp. For iBGP connections, the ibgp router doesn't modify the next hop. If R1 doesn't have a route to the advertising router on the other side of the ibgp neighbor, it won't be able to get to it. On R4, you would need to change your peering to R1 like:

R4:

router bgp 5500

neighbor 1.1.1.1 next-hop-self

Okay, it's late here, so I may have confused you even more...apologies if I did.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Amr Ali · ‎01-22-2014

Dear John ,

Sorry for inconvenience but i have tried your cmds

R5:

router bgp 6500

network 10.1.45.0 mask 255.255.255.252

R4:

router bgp 5500

neighbor 1.1.1.1 next-hop-self

R1:

router bgp 5500

neighbor 4.4.4.4 next-hop-self

but still can't ping so what's the issue here

Amr Ali · ‎01-22-2014

hello all ,

Can any one help

Cheers

fadyawad1 · ‎01-22-2014

kindly post the sh ip bgp summ from R5 and R1

thanks,

Fady

Amr Ali · ‎01-22-2014

Dear Fady,

@ R5

R5#show ip bgp summary

BGP router identifier 10.1.45.2, local AS number 6500

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.1.45.1 4 5500 4 4 1 0 0 00:01:12 0

@R4

R4#show ip bgp su

R4#show ip bgp summary

BGP router identifier 4.4.4.4, local AS number 5500

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

1.1.1.1 4 5500 5 5 1 0 0 00:02:11 0

10.1.45.2 4 6500 5 5 1 0 0 00:02:06 0

R4#

@R1

R1#sh ip bg su

R1#sh ip bg summary

BGP router identifier 1.1.1.1, local AS number 5500

BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

4.4.4.4 4 5500 11 11 1 0 0 00:08:45 0

R1#

the bgp neighbourship is running well , but no network advertised as i didn't use cmd #network at all , i need someone can correct my configuration which i have posted to see where is the error

Best Regards

Dinesh Kumar Mariappan · ‎01-23-2014

use redistribute ospf 1 under bgp 5500

Router bgp 5500

resdistibute ospf 1

paul driver · ‎01-23-2014

Hello

Try this:

R4

##

router ospf 1

network 10.1.45.1 0.0.0.0 area 0

redistribute bgp 5500 subnets

router bgp 5500

redistribute ospf 1 match internal external 1 external 2

neighbor 1.1.1.1 next hop-self

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

John Blakley · ‎01-23-2014

Amr,

I loaded up your gns topology this morning, and you actually had a couple of things going on so I'll break them down. Along with what I stated last night, you should have added the network statement to R5 and on R4 the next-hop-self statement for R1.

Paul stated correctly that you needed to redistribute ospf into bgp. After redistributing ospf on R4, R5 knows how to get to R1 via R4's loopback, and it does a recursive lookup to get to 4.4.4.4 it will go to R2 or R3 which is where the traffic is dropped. Being that R4 has a connected route, it doesn't redistribute that route into bgp, so advertising the network into ospf via the network command or redistribute connected would resolve the issue. You can do a one way redistribution from ospf into bgp and it would still work fine.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

paul driver · ‎01-23-2014

Hello John

If router 5 advertised anything else other than it connect subnet into bgp then R1 would not able reach it as the opsf core routers would not know how to reach the prefixes, hence my suggested mutual redistribution with bgp in ospf also?

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

John Blakley · ‎01-23-2014

Paul,

That would be correct, but the original post only requested to be able to ping R5 from R1. You're correct that if there were other networks involved on R5, redistribution would be necessary, but in this case the only thing that needs to be done is for R4 to advertise its connected network so R3 knows how to get to it. Right now, R1 is sending traffic destined to R5 via the loopback for R4 (4.4.4.4). R1 has to do a recursive lookup and send it to R2 or R3, but then R2 or R3 drop the traffic because they didn't know about 10.45.1.0/30. In this case, redistributing bgp wouldn't help because R4 sees that has a connected route and has a rib failure for bgp because it's connected route is better than what R5 is advertising. Because of the rib failure, R4 has to advertise the subnet that connects to R5, like you suggested originally or by redistributing connected routes. The problem with redistributing the connected route would be that now ospf would have a type-5 lsa that really doesn't need to be.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Amr Ali · ‎01-24-2014

Dear Paul & John

I am very Thankful for your help & efforts , it's now working very well , but now i need to understand these cmds

# redistribute bgp 5500 subnets

# redistribute ospf 1 match internal external 1 external 2

also i need to know what is the meaning of " match internal external 1 external 2 " plus i need to understand why i must provide BGP with another routing protocol like OSPF or EIGRP to complete routing & i need to know when i must use cmd # Network at BGP & cmd # Neighbour & the difference bet. them & why we have used cmd # Network at R5 only and didn't use it at any other router

Thanks for your time & Help

Regards - amr