Thursday, March 25, 2010

INE Workbook Vol 1 BGP

There is a difference between the 'neighbor ebgp-multihop x' and the 'neighbor disable-connected-check'.The disable connected check prevents cases where the EBGP session between two routers is routed over another transit router. This is useful when creating a neighbor relationship based on the loopback interface of two routers, but they are still directly connected. The TTL is still one but it does not count the loopback interface as a hop. When compared to ebgp multihop, the disable-connected-check can reduce redundant routing information in the BGP table.

Here is the output from the BGP table when using ebgp-multihop. Since R5 has multiple hops to R4 (directly connected and across the frame-relay to R1).


R5(config-router)#do sh ip bgp
BGP table version is 11, local router ID is 150.1.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*  28.119.16.0/24   150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
*  28.119.17.0/24   150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
*  112.0.0.0        150.1.4.4                              0 100 54 50 60 i
*>                  155.1.0.1                              0 100 54 50 60 i
*  113.0.0.0        150.1.4.4                              0 100 54 50 60 i
*>                  155.1.0.1                              0 100 54 50 60 i
*  114.0.0.0        150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
*  115.0.0.0        150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
*  116.0.0.0        150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
*  117.0.0.0        150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
*  118.0.0.0        150.1.4.4                              0 100 54 i
   Network          Next Hop            Metric LocPrf Weight Path
*>                  155.1.0.1                              0 100 54 i
*  119.0.0.0        150.1.4.4                              0 100 54 i
*>                  155.1.0.1                              0 100 54 i
R5(config-router)#
Here is the output using disable-connected-check instead. You will notice that there is only one next-hop listed because the TTL is still 1, disregarding the local "hop" to the loopback interface. Now we can't route from R5 F/R - R1 Ethernet - R4 Ethernet because the TTL would be expired.

R5#sh ip bgp
 BGP table version is 31, local router ID is 150.1.5.5
 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
               r RIB-failure, S Stale
 Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
 *> 28.119.16.0/24   150.1.4.4                              0 100 54 i
 *> 28.119.17.0/24   150.1.4.4                              0 100 54 i
 *> 112.0.0.0        150.1.4.4                              0 100 54 50 60 i
 *> 113.0.0.0        150.1.4.4                              0 100 54 50 60 i
 *> 114.0.0.0        150.1.4.4                              0 100 54 i
 *> 115.0.0.0        150.1.4.4                              0 100 54 i
 *> 116.0.0.0        150.1.4.4                              0 100 54 i
 *> 117.0.0.0        150.1.4.4                              0 100 54 i
 *> 118.0.0.0        150.1.4.4                              0 100 54 i
 *> 119.0.0.0        150.1.4.4                              0 100 54 i




I've learned exactly what the r in the 'sh ip bgp' output means. I knew it meant RIB failure, but not sure why. It simply means that the bgp route cannot be installed in the routing table, most likely due to the presence of a lower AD route in the route table. By default, 'r' routes will be advertised to other bgp neighbors. This can be disabled by enabling 'bgp suppress-inactive'.


IGP's do not by default redistribute iBGP learned routes. IGPs will only redistribute eBGP learned routes by default. To enable redistribute of iBGP learned routes, you need to add 'bgp redistribute-internal' to the BGP process. Now when routes go from BGP -> IGP, internal routes will be included. But now remember!! The AD for iBGP routes is 200, making it highly unlikely to be used when compared to IGPs. eBGP AD is 20, making it the most preferred when compared to conventional IGPs. So, to prevent loops, you need to change the distance of iBGP or your IGP.


When using auto-summary, you need to do one of two things. One, make sure there is a compatible 'network' statement that is a subset of the summary network. You can also configure redistribute. When you redistribute connected, the redistribute networks are automatically summarized.


Well, this has become a large post, so I will post BGP part II in the coming days. Enjoy!
Posted by at

1 comment:

  1. InderJune 5, 2010 at 2:14 AM

    Nice one mate but 1 thing to add, this command basically disables BGP verification check which checks to see if neighbor ip configured is part of one of it's directly connected network segments or not.
    Cheers
    Inder

    ReplyDelete

Subscribe to: Post Comments (Atom)