Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1483
Views
0
Helpful
7
Replies

Redundant BGP not routing traffic via adjacent iBGP peer

Go to solution
geoffFx
Level 1
Level 1

‎05-16-2023 04:12 PM - last edited on ‎05-23-2023 03:36 PM by Community Manager

Hi All,

Am having an issue not being able to route traffic via adjacent iBGP peer even though the route is in the table.

Topology below;

topology.png

 The red line in the above lab topology is the issue. Green lines work perfectly. The keep the diagram clean I have not included the reverse in R2 & R1 same issue R2 cannot route to R4.

Also left out AS300 topology from configs until I can work out what I am doing wrong AS100-AS200 first.

Any kind assist would be very much appreciated.

Cheers

Configs;

R3:

interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet2
ip address 10.0.53.73 255.255.255.252

router bgp 100
bgp router-id 10.0.53.73
bgp log-neighbor-changes
neighbor 10.0.53.74 remote-as 200
!
address-family ipv4
neighbor 10.0.53.74 activate
neighbor 10.0.53.74 default-originate
neighbor 10.0.53.74 soft-reconfiguration inbound
exit-address-family

R3#sh ip bgp sum
BGP router identifier 10.0.53.73, local AS number 100
BGP table version is 5, main routing table version 5
3 network entries using 744 bytes of memory
3 path entries using 408 bytes of memory
3/2 BGP path/bestpath attribute entries using 816 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1992 total bytes of memory
BGP activity 65/62 prefixes, 67/64 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.53.74 4 200 97 96 5 0 0 01:22:49 2

R3#sh ip bgp
BGP table version is 5, local router ID is 10.0.53.73
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
0.0.0.0 0.0.0.0 0 i
*> 33.34.14.0/24 10.0.53.74 0 0 200 i
*> 33.34.15.0/24 10.0.53.74 0 200 i

R3#sh ip bgp nei 10.0.53.74 received-routes
BGP table version is 5, local router ID is 10.0.53.73
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
*> 33.34.14.0/24 10.0.53.74 0 0 200 i
*> 33.34.15.0/24 10.0.53.74 0 200 i

Total number of prefixes 2

R3#sh ip bgp 33.34.15.0/24
BGP routing table entry for 33.34.15.0/24, version 4
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
200, (received & used)
10.0.53.74 from 10.0.53.74 (10.0.53.74)
Origin IGP, localpref 100, valid, external, best
rx pathid: 0, tx pathid: 0x0

R3#sh ip bgp 33.34.14.0/24
BGP routing table entry for 33.34.14.0/24, version 3
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
200, (received & used)
10.0.53.74 from 10.0.53.74 (101.97.53.74)
Origin IGP, metric 0, localpref 100, valid, external, best
rx pathid: 0, tx pathid: 0x0

R3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.53.72/30 is directly connected, GigabitEthernet2
L 10.0.53.73/32 is directly connected, GigabitEthernet2
33.0.0.0/24 is subnetted, 2 subnets
B 33.34.14.0 [20/0] via 10.0.53.74, 01:28:32
B 33.34.15.0 [20/0] via 10.0.53.74, 01:28:32

R3#sh ip route 33.34.15.0
Routing entry for 33.34.15.0/24
Known via "bgp 100", distance 20, metric 0
Tag 200, type external
Last update from 10.0.53.74 01:30:34 ago
Routing Descriptor Blocks:
* 10.0.53.74, from 10.0.53.74, 01:30:34 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 200
MPLS label: none

R3#sh ip route 33.34.14.0
Routing entry for 33.34.14.0/24
Known via "bgp 100", distance 20, metric 0
Tag 200, type external
Last update from 10.0.53.74 01:32:31 ago
Routing Descriptor Blocks:
* 10.0.53.74, from 10.0.53.74, 01:32:31 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 200
MPLS label: none

R4:

interface GigabitEthernet1
ip address 10.0.53.74 255.255.255.252
!
interface GigabitEthernet2
ip address 33.34.14.1 255.255.255.0
!
interface GigabitEthernet3
ip address 10.0.0.1 255.255.255.0
!

router bgp 200
bgp router-id 10.0.53.74
bgp log-neighbor-changes
neighbor 10.0.0.2 remote-as 200
neighbor 10.0.0.2 update-source GigabitEthernet3
neighbor 10.0.53.73 remote-as 100
neighbor 10.0.53.73 update-source GigabitEthernet1
!
address-family ipv4
network 33.34.14.0 mask 255.255.255.0
network 33.34.15.0 mask 255.255.255.0
neighbor 10.0.0.2 activate
neighbor 10.0.0.2 next-hop-self
neighbor 10.0.0.2 soft-reconfiguration inbound
neighbor 10.0.53.73 activate
neighbor 10.0.53.73 soft-reconfiguration inbound
exit-address-family

R1:

interface GigabitEthernet1
ip address 10.0.53.70 255.255.255.252
!
interface GigabitEthernet2
ip address 33.34.15.1 255.255.255.0
!
interface GigabitEthernet3
ip address 10.0.0.2 255.255.255.0

router bgp 200
bgp router-id 10.0.53.70
bgp log-neighbor-changes
neighbor 10.0.0.1 remote-as 200
neighbor 10.0.0.1 update-source GigabitEthernet3
neighbor 10.0.53.69 remote-as 100
neighbor 10.0.53.69 update-source GigabitEthernet1
!
address-family ipv4
network 33.34.14.0 mask 255.255.255.0
network 33.34.15.0 mask 255.255.255.0
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 next-hop-self
neighbor 10.0.0.1 soft-reconfiguration inbound
neighbor 10.0.53.69 activate
neighbor 10.0.53.69 next-hop-self
neighbor 10.0.53.69 soft-reconfiguration inbound
exit-address-family

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Spotlight
Spotlight
In response to geoffFx

‎05-16-2023 06:16 PM - last edited on ‎05-23-2023 03:40 PM by Community Manager

Thanks for the additional info @geoffFx .

The issue is not with the traffic from R3 to R1, but rather with the return traffic from R1 to R3. R1 receives a default route (0/0) from R2 (ebgp) and from R4 (ibgp) and uses the path to R2, as ebgp is preferred over ibgp. Traffic back from R1 to R3 is forwarded via R2. R2 does not have a route to R3 and traffic is dropped. 

One way to fix it is to advertise a more specific route from both R3 and R2 for the local subnet to R4 and R1 respectively, as follow:

R3:

router bgp 100

address-family ipv4

network 10.0.53.72 mask 255.255.255.252

R2:

router bgp 100

address-family ipv4

network 10.0.53.68 mask 255.255.255.252

This will make sure traffic goes back the proper way.

Another way to fix it would be to provide connectivity between R3 and R2 in AS100.

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Harold Ritter
Spotlight
Spotlight

‎05-16-2023 05:01 PM - last edited on ‎05-23-2023 03:37 PM by Community Manager

Hi @geoffFx ,

Can you be more specific about what is not working? 

Can you ping both

33.34.14.1 and 33.34.15.1 from R3

?

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)
0 Helpful

Go to solution
geoffFx
Level 1
Level 1
In response to Harold Ritter

‎05-16-2023 05:29 PM - last edited on ‎05-23-2023 03:39 PM by Community Manager

Hi @Harold Ritter ,

I am only able to

ping 33.34.14.1

and that is my only issue.

R4 to ASA-15 via R1 works perfectly

R1 to ASA-14 via R4 works perfectly.

My issue is that R2 to ASA-14 and R3 to ASA-15 are both unreachable yet route table on both R3 & R2 show the correct next-hop...

R3#ping 33.34.14.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 33.134.14.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/9/31 ms
R3#ping 33.34.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 33.34.15.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Cheers

Geoff

 

0 Helpful

Go to solution
Harold Ritter
Spotlight
Spotlight
In response to geoffFx

‎05-16-2023 06:16 PM - last edited on ‎05-23-2023 03:40 PM by Community Manager

Thanks for the additional info @geoffFx .

The issue is not with the traffic from R3 to R1, but rather with the return traffic from R1 to R3. R1 receives a default route (0/0) from R2 (ebgp) and from R4 (ibgp) and uses the path to R2, as ebgp is preferred over ibgp. Traffic back from R1 to R3 is forwarded via R2. R2 does not have a route to R3 and traffic is dropped. 

One way to fix it is to advertise a more specific route from both R3 and R2 for the local subnet to R4 and R1 respectively, as follow:

R3:

router bgp 100

address-family ipv4

network 10.0.53.72 mask 255.255.255.252

R2:

router bgp 100

address-family ipv4

network 10.0.53.68 mask 255.255.255.252

This will make sure traffic goes back the proper way.

Another way to fix it would be to provide connectivity between R3 and R2 in AS100.

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)
0 Helpful

Go to solution
geoffFx
Level 1
Level 1
In response to Harold Ritter

‎05-16-2023 08:03 PM

Hi @Harold Ritter,

Many thanks for your awesome assistance.

That resolved my issue.

Yes, R3 & R2 are connected at AS100, but I was trying to simulate failure of say R2 so set them up independent of each other.

With this learning on my part, I now have a further question, with reference to IX Peering at AS300, we are receiving 150K prefixes, is it possible to reflect prefixes to R4 from R1 via iBGP?

Cheers

Geoff

0 Helpful

Go to solution
Harold Ritter
Spotlight
Spotlight
In response to geoffFx

‎05-16-2023 09:23 PM - last edited on ‎05-23-2023 03:42 PM by Community Manager

Hi @geoffFx ,

I am glad to hear that it worked for you.

is it possible to reflect prefixes to R4 from R1 via iBGP?

R1 learns these routes via eBGP and will automatically advertise them to R4 by default.

Bear in mind that R1 does not change the next hop by default on the routes it advertises via iBGP, so R4 will receive the routes with the next hop set to the AS300 peer ip address. If this ip address is not reachable on R4, the routes are considered inaccessible and are not installed in the RIB.

This default behavior can be changed by using the

next-hop-self

statement on R1 towards R4, as follow:

router bgp 200

address-family ipv4 

neighbor 10.0.0.1 next-hop-self

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)
0 Helpful

Go to solution
geoffFx
Level 1
Level 1
In response to Harold Ritter

‎05-17-2023 12:36 AM

Hi @Harold Ritter,

Perfect, I was worried about the eBGP taken priority. Now the fund can begin with filtering rules for IN & OUT traffic.

Many thanks for your very time and assistance resolving my issue.

Cheers 

0 Helpful

Go to solution
Harold Ritter
Spotlight
Spotlight
In response to geoffFx

‎05-17-2023 05:44 AM

You are very welcome @geoffFx and thanks for the feedback

Regards,
Harold Ritter, CCIE #4168 (EI, SP)
0 Helpful
Customers Also Viewed These Support Documents