The Hebe-Jebes (Or He-B-Gps) : Understanding The Roles of Ebgp, Ibgp and An Igp

The Hebe-jebes (or He-B-GPs):
Understanding the Roles of EBGP,

IBGP and an IGP
Using Lab 7-4, IBGP, Next Hop and Synchronization
Rick Graziani
Cabrillo College
Rick.Graziani@cabrillo.edu
STEAL MY
STUFF!
Username = cisco
www.cabrillo.edu/~rgraziani Password = perlman
©
Topology
Topology
• ITA routers need to
receive IPv4 networks
from both ISPs.
• SanJose1 and
SanJose3 will only
include ITA networks
172.16.2.0/24 and
172.16.4.0/24 in its
BGP. updates to the
ISP routers.
• Both ISPs need to be
able to reach ITA
LANs
©
EIGRP
Configuring EIGRP
SanJose1(config)# router eigrp 1
SanJose1(config-router)# eigrp router-id 1.1.1.1
SanJose1(config-router)# network 172.16.0.0
SanJose2(config)# router eigrp 1

SanJose2(config-router)# eigrp router-id 2.2.2.2
SanJose3(config)# router eigrp 1 • Loopback interfaces

SanJose3(config-router)# eigrp router-id 3.3.3.3 are also advertised.
• Beginning with IOS
15, the default is
• What is the role of an IGP (EIGRP)? no auto-summary
©
Role of EIGRP
• Provides complete
reachability for ITA
routers within the AS.
• Example, for IBGP
peering purposes…
• R4 has a route in its
routing table to reach
the serial interface on
R2 and …
• R2 has a route in its
routing table to reach
the serial interface on
R4
©
EBGP
Configuring EBGP
• What is the role of an EBGP?
• Share network/prefix information
between AS’s.
ISP1(config)# router bgp 65100

ISP1(config-router)# bgp router-id 1.0.0.0
ISP1(config-router)# network 10.1.0.0 mask 255.255.0.0
ISP1(config-router)# neighbor 192.168.1.2 remote-as 65000
SanJose1(config)# router bgp 65000

SanJose1(config-router)# bgp router-id 1.1.1.1
SanJose1(config-router)# neighbor 192.168.1.1 remote-as 65100
SanJose1(config-router)# neighbor 172.17.4.1 remote-as 65000 !IBGP
SanJose1(config-router)# neighbor 172.17.4.1 update-source Loopback0 !IBGP
SanJose1(config-router)# network 172.16.2.0 mask 255.255.255.0 ©
Configuring IBGP
• What is the role of an IBGP?
• Share network/prefix information learned
from EBGP to IBGP routers in the same
AS.
• Note: Internal networks are also shared
but may not be needed to be reached via
IBGP because of IGP (EIGRP).
SanJose1(config-router)# neighbor 172.17.4.1 update-source Loopback0 • Peering via
SanJose1(config-router)# network 172.16.2.0 mask 255.255.255.0 loopbacks
allow multi-
SanJose3(config)# router bgp 65000 path
reachability
SanJose3(config-router)# neighbor 172.17.2.1 update-source Loopback0 ©
SanJose3(config-router)# network 172.16.4.0 mask 255.255.255.0
Examining SanJose1’s
BGP Table
• What does BGP know and is it reachable?
• IBGP has an AD of 200
• EIGRP has an AD of 90
SanJose1# show ip bgp
<codes omitted>
Network Next Hop Metric LocPrf Weight Path

*> 10.1.0.0/16 192.168.1.1 < Reachable via 0 next-hop 0 65100 i
*> 172.16.2.0/24 0.0.0.0 0
< 0.0.0.0 indicates 32768
originating this i
route
r>i 172.16.4.0/24 172.17.4.1 0 (i) learned
< (r) RIB failure, 100 via IBGP
0 i
SanJose1#
SanJose1# show ip bgp rib-failure
Network Next Hop RIB-failure RIB-NH Matches
172.16.4.0/24 172.17.4.1 Higher admin distance n/a
SanJose1# ©
EIGRP
Routing Table EBGP
• What does the routing table show us?

SanJose1# show ip route
<Only BGP and EIGRP routes are shown>
10.0.0.0/16 is subnetted, 1 subnets

B 10.1.0.0 [20/0] via 192.168.1.1, 00:14:14
172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks
D 172.16.1.4/30 [90/2681856] via 172.16.1.2, 00:30:41, Serial0/0/1
D 172.16.3.0/24 [90/2172416] via 172.16.1.2, 00:30:41, Serial0/0/1
D 172.16.4.0/24 [90/2684416] via 172.16.1.2, 00:29:42, Serial0/0/1
D 172.17.3.0/24 [90/2297856] via 172.16.1.2, 00:30:41, Serial0/0/1
D 172.17.4.0/24 [90/2809856] via 172.16.1.2, 00:29:42, Serial0/0/1
SanJose1# ping 10.1.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
!!!!! ©
Examine and troubleshoot IBGP next hop
reachability on SanJose3
EIGRP
Routing Table
• Why doesn’t SanJose3 have the 10.1.0.0/16
prefix from SanJose1 in its routing table? It’s
IBGP peering with SanJose1…
• Notice 192.168.1.0/30 is NOT in the routing
table either.
?
SanJose3# show ip route
<Only BGP and EIGRP routes are shown>

D 172.16.1.0/30 [90/2681856] via 172.16.1.5, 01:00:03, Serial0/0/0
D 172.16.2.0/24 [90/2684416] via 172.16.1.5, 01:00:03, Serial0/0/0
D 172.16.3.0/24 [90/2172416] via 172.16.1.5, 01:00:03, Serial0/0/0
D 172.17.2.0/24 [90/2809856] via 172.16.1.5, 01:00:03, Serial0/0/0
Loopbacks
D 172.17.3.0/24 [90/2297856] via 172.16.1.5, 01:00:03, Serial0/0/0
SanJose3# ©
Examining SanJose3’s BGP Table
EIGRP
• Why doesn’t SanJose3 have the 10.1.0.0 prefix from
SanJose1 in its routing table?
• Remember, prefixes learned via EBGP are advertised
into IBGP with the next-hop address unchanged.
• SanJose3 needs to be able to reach the next hop or
the route is not added to the routing table.
?
• Solutions:
• Advertise next-hop (192.168.1.0) AS 65000
• SanJose1 modifies makes itself the next-hop
when advertising EBGP routes using IBGP
<Codes omitted>

* i 10.1.0.0/16 192.168.1.1 0
< NOT reachable 100 0 65100 isi not in routing table
because next-hop
r>i 172.16.2.0/24 172.17.2.1 0 (i) learned
0 i
*> 172.16.4.0/24 0.0.0.0 0 32768 i
< 0.0.0.0 indicates originating this route ©
SanJose3#
Next-hop-self
• SanJose1 will use it’s loopback0

address as the next hop address in its
BGP updates
• SanJose3 will use it’s loopback0
address as the next hop address in its
BGP updates

SanJose1(config-router)# neighbor 172.17.4.1 next-hop-self

SanJose3(config-router)# neighbor 172.17.2.1 next-hop-self ©
Re-examining SanJose3’s
EIGRP
BGP Table Next hop
• Notice that the next hop address has

been changed to SanJose1’s loopback0
address 172.17.2.1 which is reachable
because it being advertised in EIGRP

updates from SanJose1.

<Codes omitted>

*>i 10.1.0.0/16 172.17.2.1 0 because
< Reachable 100 new 0 65100 is
next-hop i in routing table
r>i 172.16.2.0/24 172.17.2.1 0 (i) learned
0 i
*> 172.16.4.0/24 0.0.0.0 0
< 0.0.0.0 indicates 32768
originating this i
route
SanJose3# ©
EIGRP
Routing Table
?
• SanJose3 installs the 10.1.0.0 prefix
learned from SanJose1.
• Is 10.1.0.0 reachable?
SanJose3# show ip route bgp

B 10.1.0.0 [200/0] via 172.17.2.1, 00:03:17
SanJose3#
©
Routing Table
• Nope.
• Maybe because SanJose3 is not
advertising the source address
(172.16.1.4/30) of the ping?
• Remember, ITA is only advertising
172.16.2.0/24 and 172.16.4.0/24.

B 10.1.0.0 [200/0] via 172.17.2.1, 00:03:17
SanJose3#
SanJose3# ping 10.1.0.1
U.U.U
Success rate is 0 percent (0/5)
SanJose3# ©
Routing Table
• Nope.
• Maybe the problem lies with
SanJose2?

<Only BGP routes are shown>
It’s not you,
it’s me.
B 10.1.0.0 [200/0] via 172.17.2.1, 00:03:17
SanJose3#
SanJose3# ping 10.1.0.1 source gig 0/0
U.U.U
Success rate is 0 percent (0/5) ©
SanJose3#
Examine the behavior of BGP
synchronization being disabled
BGP and Routing Table
• SanJose3 has the 10.1.0.0 in its BGP and
IP routing tables because it learned the
route via IBGP from SanJose1 and …
• It now has a valid next hop address to
SanJose1 for the route.
• But 10.1.0.0 is unreachable.
*>i 10.1.0.0/16 172.17.2.1 0 100 0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100 0 i
*> 172.16.4.0/24 0.0.0.0 0 32768 i

B 10.1.0.0 [200/0] via 172.17.2.1, 00:03:17
U.U.U ©
SanJose3#
Examining SanJose2’s BGP
and Routing Table
• SanJose2 does not have any knowledge
of the 10.1.0.0/16 network.
SanJose2# show ip route 10.1.0.0
SanJose2#
©
Examining SanJose2’s BGP
and Routing Table
• SanJose3 still has a IBGP route for this
network because the default BGP
behavior is no synchronization.
• Beginning with IOS 12.2(8)T, the default
BGP behavior is no synchronization.
• The BGP synchronization rule states that
a router will not include in its routing
table nor advertise routes learned by
IBGP unless that route is directly I am using NO synchronization
connected or learned from an IGP. by default. I have an IBGP route
NOT to 10.1.0.0 and even if my
IBGP IGP (EIGRP) => routing table doesn’t have an
included
SanJose3# show ip route bgp in routing IGP (EIGRP) route, I will include
the route in my routing table.
table
And I would send this route to
B 10.1.0.0 [200/0] via 172.17.2.1, 00:03:17
SanJose3#
ISP2.  ©
Enable Synchronization
• With synchronization enabled, SanJose3
will not include the BGP route to
10.1.0.0/16 in its routing table unless it
already knows about it via EIGRP.
• If SanJose3 had the 10.1.0.0/16 network
in its IP routing table as an EIGRP route, it
would would mean other routers in the
domain, SanJose2, would most likely have
this route also. I have an IBGP route to
SanJose3(config)# router bgp 65000 10.1.0.0 but I do not have an
SanJose3(config-router)# synchronization IGP (EIGRP) route in my
routing table.
Network Next Hop Metric LocPrf So, I willPath
Weight NOT include it in my
* i 10.1.0.0/16 172.17.2.1 0 routing table
100 because
0 65100 i I am
r>i 172.16.2.0/24 172.17.2.1 0 100 0 i
using “synchronization”.
*> 172.16.4.0/24 0.0.0.0 0 32768 i
SanJose3# show ip route bgp And, I will not send this route
SanJose3# to ISP2.  ©
Back to No Synchronization
• Re-enable default, no synchronization
Hey, I’m still clueless… help!
I am using NO
synchronization again. I have
SanJose3(config)# router bgp 65000 an IBGP route to 10.1.0.0 and
SanJose3(config-router)# no synchronization even if my routing table
doesn’t have an IGP (EIGRP)
route, I will include the route
10.0.0.0/16 is subnetted, 1 subnets in my routing table.
B 10.1.0.0 [200/0] via 172.17.2.1, 00:03:17 And I would send this route
SanJose3#
to ISP2.  ©
Configure and verify full-mesh IBGP on all
ITA transit routers
Two Options Option 1 EIGRP
• Option 1: Redistribute BGP routes BGP
into IGP (EIGRP)
• When synchronization was
the default
• Undesirable… why?
• All routers in ITA would receive
these routes... Even those not Option 2
in the transit path EIGRP
• We only need our transit BGP
routers to have these routes. BGP
• Option2: Enable full-mesh IBGP -
IBGP
on all routers in transit path
• Why no synchronization can
be the default.
BGP ©
Configure full-mesh IBGP on
all transit routers
• Remember, default is no synchronization IBGP

SanJose2(config-router)# neighbor 172.17.2.1 update-source Loopback0

SanJose1(config-router)# neighbor 172.17.3.1 next-hop-self

SanJose3(config-router)# neighbor 172.17.3.1 next-hop-self ©
Peering Relationships
ISP1# show bgp summary IBGP

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd
192.168.1.2 4 65000 20 21 18 0 0 00:14:25 2
SanJose1# show bgp summary

172.17.3.1 4 65000 18 18 4 0 0 00:12:12 0
172.17.4.1 4 65000 19 18 4 0 0 00:12:12 1
192.168.1.1 4 65100 18 18 4 0 0 00:12:12 1

172.17.2.1 4 65000 20 20 9 0 0 00:14:30 2
172.17.4.1 4 65000 68 66 9 0 0 00:53:14 1

172.17.2.1 4 65000 20 22 10 0 0 00:14:35 2
©
172.17.3.1 4 65000 66 68 10 0 0 00:53:19 0
Examining SanJose2 – No
longer clueless
I now have a route via
IBGP to 10.1.0.0.
I don’t have to be the
missing link any more!

*>i 10.1.0.0/16 172.17.2.1 0 100 0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100 0 i
r>i 172.16.4.0/24 172.17.4.1 0 100 0 i

B 10.1.0.0 [200/0] via 172.17.2.1, 00:06:53
©
Let’s look at SanJose3 again

*>i 10.1.0.0/16 172.17.2.1 0 100 0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100 0 i
*> 172.16.4.0/24 0.0.0.0 0 32768 i

B 10.1.0.0 [200/0] via 172.17.2.1, 00:54:55
SanJose3#
!!!!!
SanJose3#
ISP1# ping 172.16.4.1 source gig 0/0

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/83/84 ms
ISP1# ©
STEAL MY
STUFF!
Username = cisco
www.cabrillo.edu/~rgraziani Password = perlman

The Hebe-Jebes (Or He-B-Gps) : Understanding The Roles of Ebgp, Ibgp and An Igp

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

The Hebe-Jebes (Or He-B-Gps) : Understanding The Roles of Ebgp, Ibgp and An Igp

Hochgeladen von

Copyright:

Verfügbare Formate

The Hebe-jebes (or He-B-GPs):

Understanding the Roles of EBGP,

SanJose2(config)# router eigrp 1

SanJose3(config)# router eigrp 1 • Loopback interfaces

ISP1(config)# router bgp 65100

SanJose1(config)# router bgp 65000

Network Next Hop Metric LocPrf Weight Path

• What does the routing table show us?

10.0.0.0/16 is subnetted, 1 subnets

172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks

Network Next Hop Metric LocPrf Weight Path

• SanJose1 will use it’s loopback0

SanJose1(config)# router bgp 65000

SanJose3(config)# router bgp 65000

• Notice that the next hop address has

SanJose3# show ip bgp

Network Next Hop Metric LocPrf Weight Path

SanJose3# show ip route bgp

10.0.0.0/16 is subnetted, 1 subnets

10.0.0.0/16 is subnetted, 1 subnets

SanJose3# show ip route bgp

10.0.0.0/16 is subnetted, 1 subnets

SanJose2# show ip route 10.1.0.0

• Re-enable default, no synchronization

Hey, I’m still clueless… help!

SanJose2(config)# router bgp 65000

SanJose1(config)# router bgp 65000

SanJose3(config)# router bgp 65000

ISP1# show bgp summary IBGP

SanJose1# show bgp summary

SanJose2# show bgp summary

SanJose3# show bgp summary

Network Next Hop Metric LocPrf Weight Path

SanJose2# show ip route bgp

10.0.0.0/16 is subnetted, 1 subnets

SanJose3# show ip bgp

10.0.0.0/16 is subnetted, 1 subnets

ISP1# ping 172.16.4.1 source gig 0/0

Das könnte Ihnen auch gefallen