Solved: Received BGP routes not being inserted into RIB

tmikelson · ‎09-24-2014

Neighbor_2 is an ASA 5585. It has an established internal BGP session with Neighbor_1, a 4900M. The ASA receives 14394 prefixes from the 4900M but none make it into the RIB. 1)"sh bgp rib-failure" has no output 2)"sh route" just displays the two connected and local routes 3)"sh bgp" displays all 14394 prefixes Attached is a diagram and output from the various show commands.

Akash Agrawal · ‎09-24-2014

Hi,

Dont have much idea on firewall but sharing observation after having first look

On node "neighbor_2" interface ip address is 192.168.0.1 and bgp peer address is 192.168.0.2 but somehow i am seeing router-id also set as 192.168.0.2, which should be router-id of bgp peer. Please if this is causing issue.

NEIGHBOR_2/pri/act# sh bgp

BGP table version is 7, local router ID is 192.168.0.2

NEIGHBOR_2/pri/act# sh bgp sum
BGP router identifier 192.168.0.1, local AS number 20

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.0.2 4 20 20998 152 5 0 0 02:43:29 14394

Also please share output of command "show ip bgp <prefix>" . Any prefix would be ok

--Pls dont forget to rate helpful posts--

Regards,

Akash

View solution in original post

Akash Agrawal · ‎09-24-2014

Hi,

Dont have much idea on firewall but sharing observation after having first look

On node "neighbor_2" interface ip address is 192.168.0.1 and bgp peer address is 192.168.0.2 but somehow i am seeing router-id also set as 192.168.0.2, which should be router-id of bgp peer. Please if this is causing issue.

NEIGHBOR_2/pri/act# sh bgp

BGP table version is 7, local router ID is 192.168.0.2

NEIGHBOR_2/pri/act# sh bgp sum
BGP router identifier 192.168.0.1, local AS number 20

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.0.2 4 20 20998 152 5 0 0 02:43:29 14394

Also please share output of command "show ip bgp <prefix>" . Any prefix would be ok

--Pls dont forget to rate helpful posts--

Regards,

Akash

tmikelson · ‎09-25-2014

Akash,

That was a typo, it has been corrected. Here is the output from "show ip bgp 1.2.4.0/24"

itdsrvfwl04/pri/act# sh bgp 1.2.4.0/24
BGP routing table entry for 1.2.4.0/24, version 0
Paths: (1 available, no best path)
Not advertised to any peer
AS_1 AS_2 AS_3 AS_4 AS_5 AS_6 AS_7 AS_7 AS_8
172.12.0.1 from 192.168.0.1 (192.168.0.1)
Origin IGP, metric 20, localpref 200, valid, internal, not synchronized

Akash Agrawal · ‎09-25-2014

Hi,

Two things you can check

1. Next-hop (172.12.0.1) should be there in routing table through IGP/static/connected.

2. "no synchronization" should be enabled. In recent ios it is enabled by default but in the provided output i am seeing message "not synchronized"

itdsrvfwl04/pri/act# sh bgp 1.2.4.0/24
BGP routing table entry for 1.2.4.0/24, version 0
Paths: (1 available, no best path)
Not advertised to any peer
AS_1 AS_2 AS_3 AS_4 AS_5 AS_6 AS_7 AS_7 AS_8
172.12.0.1 from 192.168.0.1 (192.168.0.1)
Origin IGP, metric 20, localpref 200, valid, internal, not synchronized

Q. What is synchronization, and how does it influence BGP routes installed in the IP routing table?

A. If your AS passes traffic from another AS to a third AS, BGP should not advertise a route before all routers in your AS learn about the route via IGP. BGP waits until IGP propagates the route within the AS and then advertises it to external peers. A BGP router with synchronization enabled does not install iBGP learned routes into its routing table if it is not able to validate those routes in its IGP. Issue the no synchronization command under router bgp in order to disable synchronization. This prevents BGP from validating iBGP routes in IGP. Refer to BGP Case Studies: Synchronization for a more detailed explanation.

Regards,

akash

tmikelson · ‎09-25-2014

Akash,

I needed to change the specific host route "route OUTSIDE 172.12.0.1 255.255.255.255 192.168.0.2" to a static route to the network "route OUTSIDE 172.12.0.0 255.255.255.252 192.168.0.2". Not sure why it did not work with a route to the specific host address but now the RIB is populated with all the iBGP routes.

I also added the "no synchronization" command.