Re: Routing issue / BGP / routing

axelhauguel · ‎07-28-2021

Hello all,

I'have mount a new BGP session with amazon and I receives the prefixes :

edge01.par9k(config)# sh ip bgp neighbors 37.49.236.118 routes received 

Peer 37.49.236.118 routes for address family IPv4 Unicast:
BGP table version is 35542558, Local Router ID is 193.38.250.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup, 2 - best2

   Network            Next Hop            Metric     LocPrf     Weight Path
*>e2.255.191.0/24     37.49.236.118         1000                     0 16509 i
*>e3.2.8.0/24         37.49.236.118         1000                     0 16509 i
*>e3.2.9.0/24         37.49.236.118         1000                     0 16509 i
*>e3.2.10.0/24        37.49.236.118         1000                     0 16509 i
*>e3.2.11.0/24        37.49.236.118         1000                     0 16509 i
*>e3.2.12.0/24        37.49.236.118         1000                     0 16509 i
*>e3.2.13.0/24        37.49.236.118         1000                     0 16509 i
*>e3.2.14.0/24        37.49.236.118         1000                     0 16509 i
*>e3.2.15.0/24        37.49.236.118         1000                     0 16509 i
*>e3.3.6.0/24         37.49.236.118         1000                     0 16509 i
*>e3.3.7.0/24         37.49.236.118         1000                     0 16509 i
*>e3.3.8.0/24         37.49.236.118         1000                     0 16509 i
*>e3.3.9.0/24         37.49.236.118         1000                     0 16509 i
*>e3.3.10.0/24        37.49.236.118         1000                     0 16509 i
*>e3.3.11.0/24        37.49.236.118         1000                     0 16509 i
*>e3.3.12.0/24        37.49.236.118         1000                     0 16509 i
*>e3.3.13.0/24        37.49.236.118         1000                     0 16509 i
*>e3.3.14.0/24        37.49.236.118         1000                     0 16509 i
*>e3.3.15.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.64.0/21        37.49.236.118         1000                     0 16509 i
*>e3.5.64.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.65.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.66.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.67.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.68.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.69.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.70.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.71.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.72.0/23        37.49.236.118         1000                     0 16509 i
*>e3.5.72.0/24        37.49.236.118         1000                     0 16509 i
*>e3.5.134.0/23       37.49.236.118         1000                     0 16509 i
*>e3.5.134.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.135.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.136.0/22       37.49.236.118         1000                     0 16509 i
*>e3.5.136.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.137.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.138.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.139.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.216.0/22       37.49.236.118         1000                     0 16509 i
*>e3.5.216.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.217.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.218.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.220.0/22       37.49.236.118         1000                     0 16509 i
*>e3.5.220.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.221.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.222.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.224.0/22       37.49.236.118         1000                     0 16509 i
*>e3.5.224.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.225.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.226.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.228.0/22       37.49.236.118         1000                     0 16509 i
*>e3.5.228.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.229.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.230.0/24       37.49.236.118         1000                     0 16509 i
*>e3.5.244.0/22       37.49.236.118         1000                     0 16509 i
*>e3.5.244.0/24       37.49.236.118         1000                     0 16509 i

For exemple, I take this prefix : 3.5.244.0/24

edge01.par9k(config)# sh bgp ip unicast 3.5.244.0/24
BGP routing table information for VRF default, address family IPv4 Unicast
BGP routing table entry for 3.5.244.0/24, version 35367905
Paths: (3 available, best #3)
Flags: (0x8008001a) (high32 00000000) on xmit-list, is in urib, is best urib route, is in HW

  Path type: external, path is valid, received and used, not best reason: AS Path, no labeled nexthop
  AS-Path: 49434 1299 16509 , path sourced external to AS
    100.64.70.5 (metric 0) from 100.64.70.5 (193.178.0.1)
      Origin IGP, MED not set, localpref 100, weight 0
      Community: 1299:30000 49434:101 49434:201 49434:301 49434:1000 49434:1005 

  Path type: external, path is valid, received and used, not best reason: newer EBGP path, no labeled nexthop
  AS-Path: 16509 , path sourced external to AS
    37.49.237.166 (metric 0) from 37.49.237.166 (52.95.60.167)
      Origin IGP, MED 1000, localpref 100, weight 0

  Advertised path-id 1
  Path type: external, path is valid, received and used, is best path, no labeled nexthop, in rib
  AS-Path: 16509 , path sourced external to AS
    37.49.236.118 (metric 0) from 37.49.236.118 (52.46.95.71)
      Origin IGP, MED 1000, localpref 100, weight 0

  Path-id 1 advertised to peers:
    185.171.202.199    185.171.202.204    185.171.202.230

edge01.par9k(config)#

We see, the best path is from my network to amazon directly.

But if I traceroute, the traffic is not sent to amazon :

                                                    My traceroute  [v0.92]
pve (185.171.202.126)                                                                                2021-07-28T17:25:09+0200
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                                                                     Packets               Pings
 Host                                                                              Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 193.38.250.1                                                                    0.0%     5    0.6   0.5   0.4   0.6   0.1
 2. 100.64.70.5                                                                     0.0%     5    0.7   0.7   0.7   0.7   0.0
 3. 193.178.0.64                                                                   25.0%     5    0.9   0.9   0.8   0.9   0.1
 4. prs-b3-link.ip.twelve99.net                                                     0.0%     5    0.8   1.0   0.8   1.2   0.1
 5. amazon-svc077642-lag003863.c.telia.net                                          0.0%     5    3.1   6.3   1.0  19.3   7.4
 6. 52.46.95.136                                                                    0.0%     5    1.3   1.6   1.2   2.0   0.3
 7. 52.93.16.145                                                                    0.0%     5    0.7   0.8   0.7   1.1   0.2
 8. ???
 9. 54.239.45.9                                                                     0.0%     5    7.6   9.5   7.6  16.3   3.8
10. ???
11. ???
12. ???
13. ???
14. ???
15. ???
16. 54.239.101.26                                                                   0.0%     4    7.9   8.5   7.9  10.1   1.1
17. 52.94.35.7                                                                      0.0%     4    8.6   8.2   8.0   8.6   0.3
18. 52.94.35.14                                                                     0.0%     4    9.0   8.9   8.7   9.0   0.1
19. 15.230.158.35                                                                   0.0%     4    7.8   8.1   7.8   8.7   0.4
20. 15.230.158.26                                                                   0.0%     4    8.5   8.9   8.5   9.3   0.4
21. ???

So, i'have checked the route :

edge01.par9k(config)# sh ip route 3.5.244.0
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

3.5.244.0/24, ubest/mbest: 1/0
    *via 37.49.236.118, [20/1000], 15:59:15, bgp-212815, external, tag 16509
edge01.par9k(config)#

Gateway is correct, but traffic is not send to this gateway. I think, the traffic is send to my default gateway because router seem not have route saved.

I'have also checked the forwarding and GW is ok...

edge01.par9k(config)# show forwarding ipv4 route 3.5.244.0/24

slot  1
=======


IPv4 routes for table default/base

------------------+-----------------------------------------+----------------------+-----------------+-----------------
Prefix            | Next-hop                                | Interface            | Labels          | Partial Install 
------------------+-----------------------------------------+----------------------+-----------------+-----------------
*3.5.244.0/24        37.49.236.118                             Ethernet1/54.403    
edge01.par9k(config)#

Software
  BIOS: version 05.39
 NXOS: version 9.3(3)
  BIOS compile time:  08/30/2019
  NXOS image file is: bootflash:///nxos.9.3.3.bin
  NXOS compile time:  12/22/2019 2:00:00 [12/22/2019 16:00:37]


Hardware
  cisco Nexus9000 C93180YC-FX Chassis

What is the reason ?

Thanks !

Axel

Giuseppe Larosa · ‎07-28-2021

Hello Axel,

from what device have you performed the traceroute ?

A linux workstation or the nexus itself ?

All the show commands in the Nexus would lead to think that the new prefix is correctly installed in the routing table and in the forwarding table.

Hope to help

Giuseppe

axelhauguel · ‎07-28-2021

Hi !

I'have perform the MTR from a linux machine under the network.

> All the show commands in the Nexus would lead to think that the new prefix is correctly installed in the routing table and in the forwarding table.

Yes, but seem not working.. :((((

Axel

Giuseppe Larosa · ‎07-28-2021

Hello Axel,

>>

185.171.202.126

is this the IP address of the linux server where you did the traceroute test ?

Who is its default gateway ?

is that default gateway speaking BGP and has a session an iBGP session with the Nexus ? ( direct session otherwise the iBGP split horizon rule will make the prefix not available )

Hope to help

Giuseppe

axelhauguel · ‎07-30-2021

Hi !

> is this the IP address of the linux server where you did the traceroute test ?

Yes. 185.171.202.126 is a Linux server, gateway is 185.171.202.1 (marked as 193.38.250.1 because 185.171.202.1 is parameter as secondary IP on VLAN).

Untitled Diagram.jpg

Giuseppe Larosa · ‎07-30-2021

Hello Axel,

ok where is the Nexus9000 in the picture ?

It is directly attached to the linux server ?

it is the leftmost device or it is not present in this picture ?

Hope to help

Giuseppe

axelhauguel · ‎07-30-2021

Hi !

The Nexus 9000 is in the middle. (called "My router")