Tuesday, August 4, 2020

BGP Next Hop Attribute



Let's see the behavior of next hop for advertised prefixes over eBGP.
First, let's advertise Loopback0 on R2 so that R8 is receiving at least one prefix from R2.

 
R2(config)#router bgp 65100
R2(config-router)#neighbor 172.16.28.8 remote-as 65089
R2(config-router)#network 10.2.2.2 mask 255.255.255.255
R2(config-router)#end
R2#

R8 is receiving prefix 10.2.2.2/32:



On R8 we can use another, fancy way to extract what prefixes are learned from a direct neighbor AS 65100 like so:

show ip bgp regex ^65100_

 

Now, on to configuring R1 and R2 iBGP peering.

R2 Configuration:

R2(config)#router bgp 65100
R2(config-router)#neighbor 172.16.123.1 remote-as 65100
R2(config-router)#end
R2#

R1 Configuration:

 
R1(config)#router bgp 65100
R1(config-router)#bgp router-id 10.1.1.1
R1(config-router)#neighbor 172.16.123.2 remote-as 65100
R1(config-router)#network 10.1.1.1 mask 255.255.255.255
R1(config-router)#end
R1#

First let's take a peek at R8 BGP table.

 All looks good. The next hop is 172.16.28.2 which is reachable via direct link.

What about R1 BGP table?
R1 shows 11 prefixes received. However, in the above output there is no '>' (greater than) symbol next to the asterisk. The '>' symbol indicates the best path that is currently missing for all prefixes advertised by R8. As a result of that, none of the prefixes listed will be installed in the routing table.

 Notice the 'next-hop-value' for these prefixes!

 
R1#show ip route 172.16.28.8
% Subnet not in table
R1#
R1#
R1#show ip bgp 10.8.0.0
BGP routing table entry for 10.8.0.0/28, version 0
Paths: (1 available, no best path)
  Not advertised to any peer
  Refresh Epoch 1
  65089
    172.16.28.8 (inaccessible) from 172.16.123.2 (10.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal
R1

The next hop is preserved in eBGP advertisements (R8's interface IP address that is used for peering with R2). And it is not reachable. That is why, BGP prefixes won't get installed in the routing table.

R1#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/32 is subnetted, 2 subnets
B        10.2.2.2 [200/0] via 172.16.123.2, 00:12:00
R1#

There are a few ways of dealing with this issue.

Method 1

Use 'next-hop-self' Command on R2 for peer R1. It is the recommended command on the router that connects eBGP with iBGP peers.
 
router bgp 65100
 bgp router-id 10.2.2.2
 bgp log-neighbor-changes
 network 10.2.2.2 mask 255.255.255.255
 neighbor 172.16.28.8 remote-as 65089
 neighbor 172.16.123.1 remote-as 65100
 neighbor 172.16.123.1 next-hop-self
R2(config-router)#

The result on R1 is this:




R1 finds next-hop-ip reachable (direct link).
Removing this command and trying a second method.


R2(config)#router bgp 65100
R2(config-router)#no neighbor 172.16.123.1 next-hop-self
R2(config-router)#

After a 15 or so seconds the '>' best path shows up in the BGP table on R1:


And the prefixes will be installed in the routing table on R1:


Remove configuration in BGP process:

no neighbor 172.16.123.1 next-hop-self


Method 2

Change 'next-hop' attribute using route-map.


route-map NEXT_HOP permit 10
 set ip next-hop 172.16.123.2
!
router bgp 65100
 bgp router-id 10.2.2.2
 bgp log-neighbor-changes
 network 10.2.2.2 mask 255.255.255.255
 neighbor 172.16.28.8 remote-as 65089
 neighbor 172.16.123.1 remote-as 65100
 neighbor 172.16.123.1 route-map NEXT_HOP out

Remove the configuration and try the third method.

Method 3

Advertise link (IP) between R2 and R8 using an IGP protocol (for instance EIGRP/OSPF/IS-IS, etc).
R1 EIGRP Configuration:
 
router eigrp 100
 network 172.16.123.1 0.0.0.0
 eigrp router-id 10.1.1.1

R2 EIGRP Configuration:

router eigrp 100
 network 172.16.28.2 0.0.0.0
 network 172.16.123.2 0.0.0.0
 eigrp router-id 10.2.2.2

That does the trick as well. R1 learns how to reach next-hop 172.16.28.8 via EIGRP.

R1#show ip route 172.16.28.8
Routing entry for 172.16.28.0/24
  Known via "eigrp 100", distance 90, metric 307200, type internal
  Redistributing via eigrp 100
  Last update from 172.16.123.2 on Ethernet0/0.123, 00:04:23 ago
  Routing Descriptor Blocks:
  * 172.16.123.2, from 172.16.123.2, 00:04:23 ago, via Ethernet0/0.123
      Route metric is 307200, traffic share count is 1
      Total delay is 2000 microseconds, minimum bandwidth is 10000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1
R1#

And the last method would be to redistribute connected network 172.16.28.0 into IGP protocol.
at
Labels: ,

BGP Network Statement



As of now, there are a number of Loopback interfaces in R8's configuration.
These loopback subnets have different mask length to illustrate an important point: BGP can only advertise the networks/subnets with exact mask found in the routing table. Also, if the network/mask pair of the interface being advertised is not a classful network, the keyword 'mask' mast be present as shown below BGP configuration. All below interfaces are subnets of class A network. 


interface Loopback0
 ip address 10.8.8.8 255.255.255.255
!
interface Loopback10
 ip address 10.8.0.1 255.255.255.240
!
interface Loopback11
 ip address 10.8.0.17 255.255.255.240
!
interface Loopback12
 ip address 10.8.0.33 255.255.255.240
!
interface Loopback13
 ip address 10.8.0.49 255.255.255.240
!
interface Loopback14
 ip address 10.8.80.1 255.255.255.0
!
interface Loopback15
 ip address 10.8.81.1 255.255.255.0
!
interface Loopback16
 ip address 10.8.82.1 255.255.255.0
!
interface Loopback17
 ip address 10.8.83.1 255.255.255.0

 Here's the R8 Configuration that advertises those prefixes:

R8(config)#router bgp 65089
R8(config-router)#network 10.8.8.8 mask 255.255.255.255
R8(config-router)#network 10.8.0.0 mask 255.255.255.240
R8(config-router)#network 10.8.0.16 mask 255.255.255.240
R8(config-router)#network 10.8.0.32 mask 255.255.255.240
R8(config-router)#network 10.8.0.48 mask 255.255.255.240
R8(config-router)#network 10.8.80.0 mask 255.255.255.0  
R8(config-router)#network 10.8.81.0 mask 255.255.255.0
R8(config-router)#network 10.8.82.0 mask 255.255.255.0
R8(config-router)#network 10.8.83.0 mask 255.255.255.0
R8(config-router)#

First a quick check in the BGP routing table of R8 reveals the following:



There are three things that are important to notice. They all indicate that the prefixes have been advertised into BGP on the local router:
  1. Next Hop is 0.0.0.0.
  2. In the 'Path', there is no AS numbers.
  3. The 'Weight' attribute takes default 32768 value.
R2 shows the AS 65089 originating prefixes. The local AS number is 65100. 

 Let's add one more loopback on R8 with a class C network and advertise this one into BGP as well. Notice, there is no 'mask' keyword as the network/mask pair are both class C.

interface Loopback18
 ip address 198.51.100.1 255.255.255.0

BGP prefix advertisement is going to be this:

 
R8(config)#router bgp 65089
R8(config-router)#network 198.51.100.0

The alternative way of advertising subnets/networks would be to redistribute them into BGP. I will practice that a bit later.

at
Labels: ,
Subscribe to: Posts (Atom)

Cisco Is Easy - Main

  Cisco Basics (CCNA level)  Lessons: Watch Video Tutorials on Youtube 01 - Connecting to Cisco Console Port with MINICOM 02 - Navigatin...