
next-hop-unchanged / IOS XE command

shreerampardhy

hi,

Does anyone know when the meaning of the following command was changed in IOSXE?

next-hop-unchanged

The documentation says the following (which seems to indicate that the next hop will remain unchanged for eBGP):

To enable an external BGP (eBGP) peer that is configured as multihop to propagate the next hop unchanged

 

However, the actual CLI shows - 

 

next-hop-unchanged  Propagate next hop unchanged for iBGP paths to this neighbor

 

Issue seen in - 

Cisco IOS XE Software, Version 17.03.04a
Cisco IOS Software [Amsterdam], Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.3.4a, RELEASE SOFTWARE (fc3)

 

Similar outputs from IOSXR CLI (Cisco IOS XR Software, Version 7.4.1) seem to indicate that the command is for the ebgp peers- 

 

next-hop-unchanged  - Do not overwrite next hop before advertising to eBGP peers

 


pman

In an external BGP (eBGP) session, by default, the router changes the next hop attribute of a BGP route (to its own address) when the router sends out a route.

The BGP Next Hop Unchanged feature allows BGP to send an update to an eBGP multihop peer with the next hop attribute unchanged.

 

It can be used only between eBGP peers configured as multihop.

It can be used in a variety of scenarios between two autonomous systems.

One scenario is when multiple autonomous systems are connected that share the same IGP, or at least the routers have another way to reach each other’s next hops (which is why the next hop can remain unchanged).

 

https://content.cisco.com/chapter.sjs?uri=%2Fsearchable%2Fchapter%2Fcontent%2Fen%2Fus%2Ftd%2Fdocs%2Fios-xml%2Fios%2Fiproute_bgp%2Fconfiguration%2Fxe-16%2Firg-xe-16-book%2Firg-next-hop.html.xml

hi All,

 

Sorry if my post was not clear. The Cisco documentation is quite clear where it says that the next-hop-unchanged command will not change the BGP next hop for the routes that are being advertised to the eBGP peers. However, the IOS code is not behaving that way. If you have access to the IOSXE software version (Version 17.03.04a), you will notice that the behavior has been changed to the following:

next-hop-unchanged  Propagate next hop unchanged for iBGP paths to this neighbor (I have now included an image which shows the CLI output).

When I tested the feature on IOSXE, I could very well see that the next hop of the routes that are being advertised to the eBGP peer changes even when I use the command next-hop-unchanged.

 

eg - If i have three routers all in different AS as shown below -

R1 - AS1

R2 - AS2

R3 - AS3

and the connection between them is as follows - 

 

R1 ---- R2 --- R3 

 

The R2 router is changing the next hop to itself when it advertises routes learnt from R3 to R1 and vice versa. This is seen even when i use the command next-hop-unchanged.

 

This feature (next-hop-unchanged) seems to be broken in IOSXE, as the code is not following what the general Cisco documentation says. If you look at the attached picture, you will see a change in the description for next-hop-self too. I think these two commands (next-hop-self and next-hop-unchanged) are broken in the code (a bug) that needs to be fixed.

R1 ---- R2 --- R3

R1 is AS1
R3 is AS2
So R1 is multihop to R3.
Next hop unchanged <- works only with multihop.

Now, how do we check this?
Connect another router, R4, to R1.
Configure a static route in R1 toward R4 <- here the next hop for the static route will be R4.
Use next-hop unchanged.
See the result in R3.
This is how I understand this command.

For iBGP, this command is there by default, and if I am right, using NO makes iBGP behave the same as eBGP.

hi MHM, 

thanks for your reply. 

I can confirm that the feature ( next-hop-unchanged ) is not working on IOSXE.

 

R3 is configured to advertise one of its loopback IPs towards R2 via an eBGP session. R2 is configured to advertise the routes it learnt from R3 towards R1 via an eBGP session using next-hop-unchanged in the vpnv4 address family. However, R2 still uses its own IP as the next hop (rather than preserving the next hop advertised by R3).

 

This scenario ( requirement of preserving next-hop ) is commonly seen in Inter AS Option C setup between RRs of two different AS.

The other place where you would see this use case would be in DC setup with eBGP being run as IGP.

Maybe you are right, but still one point:
next-hop unchanged goes with multihop.
Can you add Rx between R2 and R1, configure eBGP multihop, and then check next-hop unchanged?

yes, it does not work.  The actual topology is what you are expecting. The setup has two more AS in between 

 

R1 in AS1 --- Router A in AS A --- Router B in AS B ---- R2 in AS2 ----- Router C in AS C ------ Router D in AS D ---- R3 in AS3

 

All routers are in their own AS. Each one is forming ebgp session with its adjacent neighbour

 

R1 --- R2 -- R3 are forming ebgp session on top of the above defined sessions. R1 -- R2 --- R3 are overlay ebgp sessions.

To get this working, I definitely need eBGP multihop on all the routers. To make R2 reflect the routes between R1 and R3, I need the next-hop-unchanged command on R2.

In this setup, R2 is acting like an RR, but since RR does not work for eBGP, the next-hop-unchanged command is needed.

 

You use two BGP,
one overlay and the other underlay??
No, use any IGP as underlay and use BGP only as overlay.

Hi @shreerampardhy ,

 

The "next-hop-unchanged" feature is normally used for InterAS VPNv4/VPNv6. What address family are you configuring between R1, R2 and R3?

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

hi Harold,

 

It's the VPNV4 address family between R1, R2 and R3. If you check the CLI help for the command, IOSXE has changed it from the standard Cisco documentation.

=========================================

The documentation says the following (which seems to indicate that the next hop will remain unchanged for eBGP):

To enable an external BGP (eBGP) peer that is configured as multihop to propagate the next hop unchanged

 

However, the actual CLI help shows - 

 

next-hop-unchanged -  Propagate next hop unchanged for iBGP paths to this neighbor

==============================

Hi @shreerampardhy ,

 

The "next-hop-unchanged" feature works for InterAS scenarios, where prefixes are received from iBGP and sent via eBGP to the other AS. eBGP received prefixes will have their next hop changed despite the "next-hop-unchanged" being applied. It will not work in your scenario, as R2 receives prefixes via eBGP and sends them via eBGP.

 

This is exactly what the following line from the "show bgp vpnv4 uni all nei x.x.x.x" states:

 

NEXT_HOP of the iBGP path propagated unchanged to this neighbor

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Many thanks for the update Harold. I will have a look at this again. Interesting to see how IOSXR, IOSXR differ in their behavior. 

I had tried with IOSXE and IOSXR. The feature worked for XR and not for IOSXE. Anyways, i will give it a try again and see how it goes.

hi Harold,

 

I have tried it again on IOSXE and IOSXR both. 

 

IOSXR works as expected without any issues. With all three routers in different AS as shown below, R3 was able to reflect routes with next-hop-unchanged.

 

R1 -- R3 --- R2

 

Following was the configuration done on R3 - 

router bgp 3
 bgp router-id 1.1.1.3
 address-family vpnv4 unicast
  retain route-target all
 !
 neighbor-group RR_CLIENTS
  ebgp-multihop 255
  update-source Loopback0
  address-family vpnv4 unicast
   route-policy BGP_IN in
   route-policy BGP_OUT out
   next-hop-unchanged
  !
 neighbor 1.1.1.1
  remote-as 1
  use neighbor-group RR_CLIENTS
 !
 neighbor 1.1.1.2
  remote-as 2
  use neighbor-group RR_CLIENTS
 !
!

================================

RP/0/RP0/CPU0:XR3#show bgp vpnv4 unicast
Fri May 6 01:31:10.360 UTC
BGP router identifier 1.1.1.3, local AS number 3
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 3
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network                      Next Hop           Metric   LocPrf      Weight   Path
Route Distinguisher: 1:1
*> 11.11.11.11/32         1.1.1.1              0                              0            1 i
*> 12.12.12.12/32         1.1.1.2              0                              0            2 i

Processed 2 prefixes, 2 paths
RP/0/RP0/CPU0:XR3#

 

On R1, 

 

RP/0/RP0/CPU0:XR1#show bgp vpnv4 unicast
Fri May 6 01:34:18.118 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 7
BGP NSR Initial initsync version 4 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network                      Next Hop               Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf ONE)
*> 11.11.11.11/32       0.0.0.0                       0                32768  i
* 12.12.12.12/32          1.1.1.2                      0                           3 2 i

Processed 2 prefixes, 2 paths
RP/0/RP0/CPU0:XR1#

 

 

 

As seen here, the next hop for the route 12.12.12.12 is seen as 1.1.1.2, which is the loopback IP on R2. R3 was able to preserve the next hop for the reflected route. I can try that for Nexus too to see what it does. But I feel that there is a gap here between what IOSXE has been coded with and what is expected out of this command.
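
The manual comparison in this thread (is the next hop on the receiving router the originator's address or the relay's?) can be automated. The following is an added example, not part of any post above and not Cisco code: it parses path lines of "show bgp vpnv4 unicast" output and classifies each expected prefix. The relay address 1.1.1.3 is an assumption (the thread shows it only as R3's router-id), and the second table is constructed to show the failing case.

```python
import re

# One path line: status codes, prefix, next hop (later columns are ignored).
ROW = re.compile(
    r"^(?P<status>[*>sdhirSN]+)\s*"
    r"(?P<prefix>\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})\s+"
    r"(?P<next_hop>\d{1,3}(?:\.\d{1,3}){3})\b"
)

def parse_paths(table_text):
    """Return (prefix, next_hop, is_best) for each path line; skip headers."""
    paths = []
    for line in table_text.splitlines():
        m = ROW.match(line.strip())
        if m:
            paths.append((m["prefix"], m["next_hop"], ">" in m["status"]))
    return paths

def next_hop_report(table_text, relay_addr, expected):
    """Classify each prefix in expected ({prefix: originator's next hop})."""
    seen = {}
    for prefix, next_hop, _best in parse_paths(table_text):
        seen.setdefault(prefix, set()).add(next_hop)
    report = {}
    for prefix, want in expected.items():
        hops = seen.get(prefix)
        if not hops:
            report[prefix] = "missing"      # prefix never arrived
        elif want in hops:
            report[prefix] = "preserved"    # originator's next hop kept
        elif relay_addr in hops:
            report[prefix] = "rewritten"    # relay set itself as next hop
        else:
            report[prefix] = "unexpected"   # some third address
    return report

# Path lines from the XR1 output in the thread (column spacing condensed).
XR1_TABLE = """Status codes: s suppressed, d damped, h history, * valid, > best
Network            Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf ONE)
*> 11.11.11.11/32     0.0.0.0            0    32768  i
* 12.12.12.12/32      1.1.1.2            0    3 2 i
"""
# Constructed: the same table if the relay had set itself as next hop.
REWRITTEN_TABLE = XR1_TABLE.replace("1.1.1.2 ", "1.1.1.3 ")
RELAY = "1.1.1.3"  # assumption: R3 peers from the address used as its router-id
EXPECTED = {"12.12.12.12/32": "1.1.1.2"}
```

Calling next_hop_report(XR1_TABLE, RELAY, EXPECTED) reports the prefix as "preserved", while the constructed REWRITTEN_TABLE reports "rewritten".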

 
