
Thursday, 28 February 2013

Redistribute iBGP Routes into IGP

Issuing the redistribute bgp command under an IGP router process redistributes only eBGP routes into the IGP. To redistribute iBGP-learnt routes into the IGP, the redistribute bgp internal command should be used.

To avoid routing loops and to prevent IGP routes from preempting iBGP routes, it's recommended to increase the IGP AD to a value higher than the iBGP AD (200).

BGP RIB-failure and bgp suppress-inactive

RIB-failure means that although the BGP route is valid (reachable next hop), it is not being installed in the routing table. One of the main reasons for this behaviour is that an exact match for the route is already installed in the routing table with a better administrative distance; in the case of iBGP-learnt routes, any IGP has a better AD.

Routes with RIB-failure are advertised to BGP peers by default, because the hidden command no bgp suppress-inactive exists under router bgp. If the bgp suppress-inactive command is configured, those routes will no longer be advertised to BGP peers.

BGP Decision Process and AS_CONFED_SET

The entire AS_CONFED_SET counts as a single entry when comparing AS_PATH length.

Saturday, 23 February 2013

EBGP Session from Loopback without Increasing TTL

Instead of using neighbor ebgp-multihop, the neighbor disable-connected-check command is used to disable the connection verification process for eBGP peering sessions that are reachable by a single hop but are configured on a loopback interface or otherwise configured with a non-directly connected IP address.

http://www.cisco.com/en/US/docs/ios/12_3t/ip_route/command/reference/ip2_n1gt.html#wp1109875

Enforce Specific Router to Establish BGP Session

Normally the router with the lowest IP address is responsible for establishing the BGP session to remote TCP port 179. However, as defined in RFC 4271 (A Border Gateway Protocol 4), under the BGP Connection Collision Detection mechanism, the session originated by the device with the higher BGP router-id is maintained and the other session is dropped.

To force a router to always become the BGP client (establishing the TCP session from a high-numbered TCP port to TCP 179), configure loopback addresses in the neighbour command and set update-source on the router that you wish to always be the client.

Saturday, 8 December 2012

BGP Backdoor

BGP backdoor can be used to favour IGP routes over eBGP routes when both exist in the routing table, as the default AD for an eBGP route is lower than that of any IGP route.

network <network address> backdoor

The specified network address is treated as a local entry, but not advertised as a normal network entry.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#bgpbackdoor

Saturday, 27 October 2012

4-Byte AS-PATH



The new AS number is 4 bytes long and is split into two 2-byte values, written in X.Y syntax. Support for the 4-byte AS is advertised via BGP capability negotiation. To ensure interoperability with existing BGP peers that do not support the 4-byte AS, the encoding of the BGP OPEN message is preserved and 4-byte AS support is exchanged between the BGP peers via the capability field.



When BGP attempts to establish a session with its peer, the OPEN message may include an optional parameter, called Capabilities. A NEW speaker will include the NEW (4-byte AS) capability when it attempts to OPEN a session with its peer. An OLD speaker should simply ignore the NEW capability advertised by its peer and continue to operate in OLD mode, as detailed in RFC 3392.

If the NEW speaker advertises and receives the 4-byte AS capability from its peer, it will just encode the 4-byte AS number in its AS_PATH or AGGREGATOR attributes when exchanging information with this peer.


If the NEW speaker does not receive the 4-byte AS capability from a particular peer, this indicates that the peer is an OLD speaker. Two new attributes are introduced, namely AS4_PATH and AS4_AGGREGATOR. Both attributes are optional transitive. These new attributes use the same encoding as the original AS_PATH and AGGREGATOR, except that the AS number used is 4 bytes instead of 2 bytes.

The NEW speaker will substitute a reserved 2-byte AS number (called AS_TRANS, AS number 23456) for each 4-byte AS so that AS_PATH and AGGREGATOR are still 2-byte encoded and the AS_PATH length is preserved, and at the same time insert the new AS4_PATH and AS4_AGGREGATOR, which contain the 4-byte encoded copy of the attributes. The NEW speaker will then advertise AS_PATH and/or AGGREGATOR together with AS4_PATH and/or AS4_AGGREGATOR. An OLD speaker that receives these new attributes will preserve them and blindly pass them along even though it does not understand them. Subsequent NEW speakers will merge AS_PATH and/or AGGREGATOR with AS4_PATH and/or AS4_AGGREGATOR to retrieve the original 4-byte AS information without losing any attribute contents, as illustrated in Figure 1.
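The AS_TRANS substitution and the later merge described above, as an added Python example (not code from the original post or from Cisco). It assumes a path made of a single AS_SEQUENCE; the function names are hypothetical and the AS numbers are constructed documentation-range values. The length check in the merge follows the RFC 6793 rule that an AS4_PATH longer than the AS_PATH is ignored.

```python
AS_TRANS = 23456          # reserved 2-byte placeholder AS named on this page
MAX_2BYTE = 0xFFFF


def asdot(asn):
    """Render a 4-byte AS number in X.Y syntax (two 2-byte halves)."""
    if not 0 <= asn <= 0xFFFFFFFF:
        raise ValueError(f"not a 4-byte AS number: {asn}")
    return f"{asn >> 16}.{asn & MAX_2BYTE}"


def encode_for_old_peer(path):
    """NEW speaker -> OLD peer: return (AS_PATH, AS4_PATH)."""
    # Every AS that does not fit in 2 bytes becomes AS_TRANS; length is kept.
    as_path = [a if a <= MAX_2BYTE else AS_TRANS for a in path]
    # AS4_PATH is only needed when something was actually substituted.
    as4_path = list(path) if as_path != list(path) else None
    return as_path, as4_path


def old_speaker_forward(local_as, as_path, as4_path):
    """OLD speaker: prepend its own AS, pass AS4_PATH along untouched."""
    if local_as > MAX_2BYTE:
        raise ValueError("an OLD speaker can only have a 2-byte AS")
    return [local_as] + as_path, as4_path


def merge_at_new_speaker(as_path, as4_path):
    """NEW speaker receiving from an OLD peer: rebuild the 4-byte path."""
    if as4_path is None or len(as_path) < len(as4_path):
        return list(as_path)              # absent or inconsistent AS4_PATH: ignore it
    lead = len(as_path) - len(as4_path)   # ASes prepended by OLD speakers
    return as_path[:lead] + list(as4_path)


def unresolved_as_trans(path):
    """True if AS_TRANS survives the merge, i.e. 4-byte information was lost."""
    return AS_TRANS in path


if __name__ == "__main__":
    # Constructed sample path: two 4-byte ASes around one 2-byte AS.
    path = [65536, 64500, 65550]
    ap, a4 = encode_for_old_peer(path)
    ap, a4 = old_speaker_forward(64496, ap, a4)
    print("seen by OLD speakers:", ap)
    print("merged by NEW speaker:", [asdot(a) for a in merge_at_new_speaker(ap, a4)])
```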


http://www.cisco.com/web/about/security/intelligence/4byte-as.html

Sunday, 26 August 2012

Multiple BGP AS on Cisco Router

Use this when you need BGP sessions from an AS number different from the one configured with router bgp as-number, since Cisco doesn't support multiple instances of BGP the way Juniper does.


neighbor ip-address local-as as-number [no-prepend [replace-as [dual-as]]]


no-prepend: Does not prepend the local autonomous system number to any routes received from the eBGP neighbor.


replace-as: Prepends only the local autonomous-system number to the AS_PATH attribute. The autonomous system number from the local BGP routing process is not prepended.


http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800949cd.shtml