05-03-2022 04:22 AM
hi,
Does anyone know when was the following command's meaning changed in IOSXE -
next-hop-unchanged
Documentation says following ( which seem to be pointing that the nexthop will remain unchanged for ebgp )-
To enable an external BGP (eBGP) peer that is configured as multihop to propagate the next hop unchanged
However, the actual CLI shows -
next-hop-unchanged Propagate next hop unchanged for iBGP paths to this neighbor
Issue seen in -
Cisco IOS XE Software, Version 17.03.04a
Cisco IOS Software [Amsterdam], Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.3.4a, RELEASE SOFTWARE (fc3)
Similar outputs from IOSXR CLI (Cisco IOS XR Software, Version 7.4.1) seem to indicate that the command is for the ebgp peers-
next-hop-unchanged - Do not overwrite next hop before advertising to eBGP peers
05-03-2022 04:44 AM - edited 05-03-2022 04:44 AM
After read this doc. can you more elaborate why you are confuse ??
05-03-2022 04:49 AM - edited 05-03-2022 04:53 AM
In an external BGP (eBGP) session, by default, the router changes the next hop attribute of a BGP route (to its own address) when the router sends out a route.
The BGP Next Hop Unchanged feature allows BGP to send an update to an eBGP multihop peer with the next hop attribute unchanged.
It can be used only between eBGP peers configured as multihop.
It can be used in a variety of scenarios between two autonomous systems.
One scenario is when multiple autonomous systems are connected that share the same IGP, or at least the routers have another way to reach each other’s next hops (which is why the next hop can remain unchanged).
05-03-2022 05:53 PM
hi All,
Sorry if my post was not clear. The cisco documentation is quite clear where it says that the next-hop-unchanged command will not change the bgp next-hop for the routes that are being advertised to the ebgp peers. However, the IOS code is not behaving that way. If you guys have access to the IOSXE software version ( Version 17.03.04a ), you would notice that the behavior has been changed to following -
next-hop-unchanged Propagate next hop unchanged for iBGP paths to this neighbor ( i have now included an image which shows the CLI output ).
When i tested the feature on IOSXE, i could very well see that the the next hop of the routes that are being advertised to ebgp peer changes even when i use the command next-hop-unchanged.
eg - If i have three routers all in different AS as shown below -
R1 - AS1
R2 - AS2
R3 - AS3
and the connection between them is as follows -
R1 ---- R2 --- R3
The R2 router is changing the next hop to itself when it advertises routes learnt from R3 to R1 and vice versa. This is seen even when i use the command next-hop-unchanged.
This feature ( next-hop-unchanged )seem to be broken in IOSXE as the code is not following what the general cisco documentation says. If you notice in the attached pic, you will see a change in description for next-hop-self too. I think these two commands ( next-hop-self and next-hop-unchanged ) are broken in the code ( bug ) that needs to be fixed.
05-03-2022 06:31 PM
R1 ---- R2 --- R3
R1 is AS1
R3 is AS2
So R1 is multi hop to R3
next hop unchanged <- work only with multi hop.
now how we check this
connect to R1 another Router R4
config Static route in R1 toward R4 <- here the next-hop for static route will be R4
use next-hop unchanged
see the result in R3
this how I understand this command.
for iBGP this command by default there and if I am right using NO making iBGP behave same as eBGP.
05-04-2022 01:25 AM
hi MHM,
thanks for your reply.
I can confirm that the feature ( next-hop-unchanged ) is not working on IOSXE.
R3 is configured to advertise one of the loopback ip towards R2 via ebgp session. R2 is configured to advertise the routes it learnt from R3 towards R1 via ebgp session using next-hop-unchanged in vpnv4 address family. However, R2 still uses its ip as the next hop ( rather than preserving the next hop advertised by R3. )
This scenario ( requirement of preserving next-hop ) is commonly seen in Inter AS Option C setup between RRs of two different AS.
The other place where you would see this use case would be in DC setup with eBGP being run as IGP.
05-04-2022 03:35 AM
may be you are right, but still one point,
next-hop unchanged with multi hop,
can you add Rx between R2 and R1 and config eBGP multi hop and then check next-hop unchanged.
05-04-2022 05:06 AM
yes, it does not work. The actual topology is what you are expecting. The setup has two more AS in between
R1 in AS1 --- Router A in AS A --- Router B in AS B ---- R2 in AS2 ----- Router C in AS C ------ Router D in AS D ---- R3 in AS3
All routers are in their own AS. Each one is forming ebgp session with its adjacent neighbour
R1 --- R2 -- R3 are forming ebgp session on top of the above defined sessions. R1 -- R2 --- R3 are overlay ebgp sessions.
To get this working, i definately need ebgp multihop on all the routers. To make R2 reflect the routes between R1 and R3, i need the next-hop-unchanged command on R2.
I this setup, R2 is acting like a RR. but since RR does not work for ebgp, the next-hop-unchanged command is needed.
05-04-2022 05:10 AM
you use two BGP
one overly and other underlay ??
NO use any IGP as underlay and use BGP only as overlay.
05-04-2022 08:20 AM
Hi @shreerampardhy ,
The "next-hop-unchanged" feature is normally used for InterAS VPNv4/VPNv6. What address family are you configuring between R1, R2 and R3?
Regards,
05-04-2022 02:32 PM
hi Harold,
Its VPNV4 address family between R1, R2 and R3. If you check the CLI help for the command the IOSXE has changed it from the standard cisco documentation.
=========================================
Documentation says following ( which seem to be pointing that the nexthop will remain unchanged for ebgp )-
To enable an external BGP (eBGP) peer that is configured as multihop to propagate the next hop unchanged
However, the actual CLI help shows -
next-hop-unchanged - Propagate next hop unchanged for iBGP paths to this neighbor
==============================
05-04-2022 06:25 PM - edited 05-04-2022 06:34 PM
Hi @shreerampardhy ,
The "next-hop-unchanged" feature works for InterAS scenarios, where prefixes are received from iBGP and sent via eBGP to the other AS. eBGP received prefixes will have their next hop changed despite the "next-hop-unchanged" being applied. It will not work in your scenario, as R2 receives prefixes via eBGP and send them via eBGP.
This is exactly what the following line from the "show bgp vpnv4 uni all nei x.x.x.x" states:
NEXT_HOP of the iBGP path propagated unchanged to this neighbor
Regards,
05-04-2022 09:48 PM
Many thanks for the update Harold. I will have a look at this again. Interesting to see how IOSXR, IOSXR differ in their behavior.
I had tried with IOSXE and IOSXR. The feature worked for XR and not for IOSXE. Anyways, i will give it a try again and see how it goes.
05-05-2022 06:55 PM
hi Harold,
I have tried it again on IOSXE and IOSXR both.
IOXR works as expected without any issues. With all three routers in different AS as shown below, R3 was able to reflect routes with next-hop-unchanged
R1 -- R3 --- R2
Following was the configuration done on R3 -
router bgp 3
bgp router-id 1.1.1.3
address-family vpnv4 unicast
retain route-target all
!
neighbor-group RR_CLIENTS
ebgp-multihop 255
update-source Loopback0
address-family vpnv4 unicast
route-policy BGP_IN in
route-policy BGP_OUT out
next-hop-unchanged
!
neighbor 1.1.1.1
remote-as 1
use neighbor-group RR_CLIENTS
!
neighbor 1.1.1.2
remote-as 2
use neighbor-group RR_CLIENTS
!
!
================================
RP/0/RP0/CPU0:XR3#show bgp vpnv4 unicast
Fri May 6 01:31:10.360 UTC
BGP router identifier 1.1.1.3, local AS number 3
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 3
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1
*> 11.11.11.11/32 1.1.1.1 0 0 1 i
*> 12.12.12.12/32 1.1.1.2 0 0 2 i
Processed 2 prefixes, 2 paths
RP/0/RP0/CPU0:XR3#
On R1,
RP/0/RP0/CPU0:XR1#show bgp vpnv4 unicast
Fri May 6 01:34:18.118 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 7
BGP NSR Initial initsync version 4 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf ONE)
*> 11.11.11.11/32 0.0.0.0 0 32768 i
* 12.12.12.12/32 1.1.1.2 0 3 2 i
Processed 2 prefixes, 2 paths
RP/0/RP0/CPU0:XR1#
As seen here, the next-hop for the route 12.12.12.12 is seen as 1.1.1.2 which is the loopback ip on R2. R3 was able to preserve the next-hop for the reflected route. I can try that for Nexus too to see what it does. But i feel that there is a gap here between what IOSXE has been coded with and what is expected out of this command.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide