cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1049
Views
2
Helpful
15
Replies

iBGP has external routes in routing table but no ping, Any suggest

Kulwinder-sk
Level 1
Level 1

Hello There,

I am unable to ping 31.225.16.1 loopback of internet router as it is advertising in bgp from r30 as it is connected with r29 with ebgp and r29 and r39 back to back connected along with ibgp.

 Please see my configs.

r29 and r30 > ibgp

r29 connected to internet with asn2000 ebgp 

hostname R-29
interface Loopback0
ip address 10.2.255.29 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet1
ip address 10.2.90.1 255.255.255.252
ip ospf 1 area 0
negotiation auto
no keepalive
!
interface GigabitEthernet4
ip address 31.225.23.2 255.255.255.252
negotiation auto
!
router ospf 1
router-id 10.2.255.29
prefix-suppression
!
router bgp 65002
bgp router-id 10.2.255.29
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.2.255.30 remote-as 65002
neighbor 10.2.255.30 update-source Loopback0
neighbor 31.225.23.1 remote-as 2000
!
address-family ipv4
neighbor 10.2.255.30 activate
neighbor 10.2.255.30 next-hop-self
neighbor 31.225.23.1 activate
exit-address-family

hostname R-30

interface Loopback0
ip address 10.2.255.30 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet1
ip address 10.2.90.2 255.255.255.252
ip ospf 1 area 0
negotiation auto
no keepalive
!
router ospf 1
router-id 10.2.255.30
prefix-suppression
!
router bgp 65002
bgp router-id 10.2.255.30
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.2.255.29 remote-as 65002
neighbor 10.2.255.29 update-source Loopback0
neighbor 100.255.190.1 remote-as 1000
!
address-family ipv4
neighbor 10.2.255.29 activate
neighbor 10.2.255.29 next-hop-self
neighbor 100.255.190.1 activate
exit-address-family

hostname internet

interface Loopback0
ip address 31.225.16.1 255.255.255.255

!

interface GigabitEthernet0/3
ip address 31.225.23.1 255.255.255.252
duplex auto
speed auto
media-type rj45
!
router bgp 2000
bgp router-id 31.225.16.1
bgp log-neighbor-changes
neighbor 31.225.23.2 remote-as 65002
!
address-family ipv4
network 31.225.16.1 mask 255.255.255.255
redistribute connected
neighbor 31.225.23.2 activate
exit-address-family

 

1 Accepted Solution

Accepted Solutions

*>i 31.225.16.1/32 10.2.255.29 0 100 0 2000 i 
*>i 31.225.23.0/30 10.2.255.29 0 100 0 2000 ?
r> 100.255.190.0/30 100.255.190.1 0 0 1000 ? 
*> 100.255.190.4/30 100.255.190.1 0 1000 ?

NOW the ping to 31.255.16.1 
source 10.2.255.29
destination  31.225.16.1/32

the 10.2.255.29 not learn reachable from destination router.

you can add LO in router then advertise it via BGP then ping use this LO.

MHM

View solution in original post

15 Replies 15

if I am correct use next-hop-self between ibgp peer 

MHM

Hi, 

Thanks for your advised but I used already next-hop-self between ibgp peers.

to know if this issue of next-hop-self (under bgp not under address-family) do
show ip bgp 
check the next-hop if it reachable via RIB 

MHM

as per your suggestion please see below "show ip bgp" and next-hop-self not allowing me to do under bgp, policy command not allowing without address family .

R-30#show ip bgp
BGP table version is 14, local router ID is 10.2.255.30
Network Next Hop Metric LocPrf Weight Path
*>i 31.225.16.1/32 10.2.255.29 0 100 0 2000 i
*>i 31.225.23.0/30 10.2.255.29 0 100 0 2000 ?
r> 100.255.190.0/30 100.255.190.1 0 0 1000 ?
*> 100.255.190.4/30 100.255.190.1 0 1000 ?
*> 100.255.190.12/30
Thanks

*>i 31.225.16.1/32 10.2.255.29 0 100 0 2000 i <<- if you ping this prefix then use source with ping command, the source must be reachable by destination to reply back to ping
*>i 31.225.23.0/30 10.2.255.29 0 100 0 2000 ?
r> 100.255.190.0/30 100.255.190.1 0 0 1000 ? <<- r meaning that this prefix is failed to add to RIB, RIB have best path to this prefix via other IGP or static route
*> 100.255.190.4/30 100.255.190.1 0 1000 ?

I really appreciate your prompt response,

i have tried to ping via source but couldn't reach, i have placed routing table also and some ping . and that rib failure is not serious concern but thanks for your suggestion on that. any other suggestions most welcome, 

R-30#ping 31.225.16.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 31.225.16.1, timeout is 2 seconds:
Packet sent with a source address of 10.2.255.30
.....
Success rate is 0 percent (0/5)

R-30#ping 31.225.16.1 source gigabitEthernet 1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 31.225.16.1, timeout is 2 seconds:
Packet sent with a source address of 10.2.90.2
....
Success rate is 0 percent (0/4)

R-30#ping 10.2.255.29
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.255.29, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

R-30#show ip route bgp

Gateway of last resort is not set

31.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B 31.225.16.1/32 [200/0] via 10.2.255.29, 02:02:51
B 31.225.23.0/30 [200/0] via 10.2.255.29, 02:02:51
100.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
B 100.255.190.4/30 [20/0] via 100.255.190.1, 02:07:41
B 100.255.190.12/30 [20/0] via 100.255.190.1, 02:07:41
R-30#

B 31.225.16.1/32 [200/0] via 10.2.255.29, 02:02:51 <<- this /32 is VPN client ?
if Yes then 
1- do traceroute to 31.225.16.1 to check routing issue 

2- check if there is any ACL drop the ping to client 

MHM

no ACL, no VPN, 31.225.16.1 is loopback of internet router

nothing is there simply ebgp neighborship.

show ip route 10.2.255.29 longest <<- share this 

I attached toplogy snapshot also for understanding.

 

R-30#show ip route 10.2.255.29
Routing entry for 10.2.255.29/32
Known via "ospf 1", distance 110, metric 2, type intra area
Last update from 10.2.90.1 on GigabitEthernet1, 01:28:45 ago
Routing Descriptor Blocks:
* 10.2.90.1, from 10.2.255.29, 01:28:45 ago, via GigabitEthernet1
Route metric is 2, traffic share count is 1

*>i 31.225.16.1/32 10.2.255.29 0 100 0 2000 i 
*>i 31.225.23.0/30 10.2.255.29 0 100 0 2000 ?
r> 100.255.190.0/30 100.255.190.1 0 0 1000 ? 
*> 100.255.190.4/30 100.255.190.1 0 1000 ?

NOW the ping to 31.255.16.1 
source 10.2.255.29
destination  31.225.16.1/32

the 10.2.255.29 not learn reachable from destination router.

you can add LO in router then advertise it via BGP then ping use this LO.

MHM

yes brother, its pinging now, i didn't advertise lo0 in IBGP and that lo0 was only in OSPF  so that was the reason destination don't know the r30's loopbck. now i adervsite loopbcks also in ibgp its working but now rib failure 

R-30#ping 31.225.16.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 31.225.16.1, timeout is 2 seconds:
Packet sent with a source address of 10.2.255.30
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/4 ms
R-30#show ip bgp rib-failure
Network Next Hop RIB-failure RIB-NH Matches
10.2.255.29/32 10.2.255.29 Higher admin distance n/a
R-30#

You are so so welcome 

Have a nice day 

MHM

Hello @Kulwinder-sk ,

the RIB failure is not a real issue it just means that an OSPF route with a lower AD is present for the same prefix

Hope to help

Giuseppe

 

Review Cisco Networking for a $25 gift card