Question about BGP, need help
The scenario is simple:
R1 and R2 are connected via serial, in AS 5500.
R3 is in AS 777, connected to R2 via serial.
This is R1:
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
ip address 10.1.12.1 255.255.255.252
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.12.1 0.0.0.0 area 0
!
router bgp 5500
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 5500
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
This is R2:
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
ip address 10.1.12.2 255.255.255.252
serial restart-delay 0
!
interface Serial0/1
ip address 10.1.23.1 255.255.255.252
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.2 0.0.0.0 area 0
!
router bgp 5500
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 5500
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 next-hop-self
neighbor 10.1.23.2 remote-as 777
neighbor 10.1.23.2 ebgp-multihop 2
no auto-summary
!
and R3:
interface Loopback1
ip address 200.1.1.1 255.255.255.255
!
interface Serial0/0
ip address 10.1.23.2 255.255.255.252
serial restart-delay 0
!
router bgp 777
no synchronization
bgp log-neighbor-changes
network 200.1.1.1 mask 255.255.255.255
neighbor 10.1.23.1 remote-as 5500
no auto-summary
!
R1 sees R3's advertized 200.1.1.1 255.255.255.255 loopback network,
R1#sh ip bgp
....
*>i200.1.1.1/32 2.2.2.2
and is placing it accordingly in its routing table
with next hop being R2 (2.2.2.2).
By the same token, R2 sees 200.1.1.1 and is placing it in routing table.
The scenario is simple but I still can't ping 200.1.1.1 at all from R1 (also I can't ping R1 from R3), and I just can't figure out what the problem is/what I missed. Any suggestions are very welcome. Please help out!
p.s.
If I redistribute connected on R1 and R2, then I can ping everything, but that's just not good practice, is it?
Comments
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 10.1.12.2, 00:15:21, Serial0/0
200.1.1.0/32 is subnetted, 1 subnets
B 200.1.1.1 [200/0] via 2.2.2.2, 00:00:57
10.0.0.0/30 is subnetted, 1 subnets
C 10.1.12.0 is directly connected, Serial0/0
R1 knows how to get to destination over router 2 (2.2.2.2)
Routing table of R2:
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 10.1.12.1, 00:17:10, Serial0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
200.1.1.0/32 is subnetted, 1 subnets
B 200.1.1.1 [20/0] via 10.1.23.2, 00:10:58
10.0.0.0/30 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, Serial0/0
C 10.1.23.0 is directly connected, Serial0/1
And R2 knows how to get to R3.
The problem is in R3:
Gateway of last resort is not set
200.1.1.0/32 is subnetted, 1 subnets
C 200.1.1.1 is directly connected, Loopback1
10.0.0.0/30 is subnetted, 1 subnets
C 10.1.23.0 is directly connected, Serial0/0
But, assuming that AS 777 is an ISP and is not supposed to know about my routes/networks, and not configuring a default route, ip route 0.0.0.0 0.0.0.0 s0/0 on both R3 and R1 (after which everything does work), is there another way to do it?
Thx a lot for helping out guys!
R1----R2
R3
OSPF Between R1 & R2
iBGP R1 & R2
eBGP R2 & R3
R3 injects 200.1.1.1
Your issue is R1 can't reach 200.1.1.1 and R1 can't reach R3, but R2 should because it is directly connected.
To fix both issues: R1 has a route to 200.1.1.1 via BGP, but R3 does not have a route back, because when you ping, the source IP address is R1 S0/0. So to fix your problem, R3 needs a route to R1 s0/0, so set up a default route on R3 with a next hop of R2 s0/1 IP address, or run OSPF between R2 & R3, or advertise R1 Lo0 into BGP and source your pings from that interface. Or set up NAT to translate your internal IP to the IP address of R2 s0/1. Or set up a static route.
HTH
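The return-path problem described in the answer above, as an added example that is not part of the original thread: a small forwarding model built from the routing tables and interface addresses posted here, showing where the echo reply is dropped and how the suggested default route on R3 changes that. The function names are hypothetical, and the model only does longest-prefix match with recursive next-hop resolution.

```python
import ipaddress

# Routes transcribed from the thread's "show ip route" output (None = connected).
TABLES = {
    "R1": {"1.1.1.1/32": None, "2.2.2.2/32": "10.1.12.2",
           "200.1.1.1/32": "2.2.2.2", "10.1.12.0/30": None},
    "R2": {"1.1.1.1/32": "10.1.12.1", "2.2.2.2/32": None,
           "200.1.1.1/32": "10.1.23.2", "10.1.12.0/30": None,
           "10.1.23.0/30": None},
    "R3": {"200.1.1.1/32": None, "10.1.23.0/30": None},
}
# Interface addresses from the posted configs.
OWNERS = {"1.1.1.1": "R1", "10.1.12.1": "R1", "2.2.2.2": "R2",
          "10.1.12.2": "R2", "10.1.23.1": "R2", "10.1.23.2": "R3",
          "200.1.1.1": "R3"}

def lookup(table, dst):
    """Longest-prefix match: next hop, None if connected; KeyError if no route."""
    hits = [p for p in table if ipaddress.ip_address(dst) in ipaddress.ip_network(p)]
    if not hits:
        raise KeyError(dst)
    return table[max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen)]

def trace(tables, router, dst):
    """Forward hop by hop, resolving recursive next hops (e.g. 2.2.2.2) to a
    connected route. Returns (path, router with no route or None)."""
    path = [router]
    while OWNERS[dst] != router and len(path) <= len(tables):
        target = dst
        try:
            while (nh := lookup(tables[router], target)) is not None:
                target = nh
        except KeyError:
            return path, router
        router = OWNERS[target]
        path.append(router)
    return path, None

def ping(tables, src_ip, dst_ip):
    """Returns (request path, reply path, router that drops or None)."""
    fwd, drop = trace(tables, OWNERS[src_ip], dst_ip)
    if drop:
        return fwd, [], drop
    back, drop = trace(tables, OWNERS[dst_ip], src_ip)
    return fwd, back, drop

def with_r3_default(tables):
    fixed = {r: dict(t) for r, t in tables.items()}
    fixed["R3"]["0.0.0.0/0"] = "10.1.23.1"  # suggested default route via R2 s0/1
    return fixed
```

Calling `ping(TABLES, "10.1.12.1", "200.1.1.1")` shows the request reaching R3 and the reply dropped there; the same call on `with_r3_default(TABLES)` completes in both directions.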
There are several ways to do this; however, assuming AS 777 is my ISP, or let's just say a system I don't want to share my internal info with or advertise links into, then:
a) I can't advertise my loopback addresses into BGP via network statement (i.e. R1's loopback as a source address, 1.1.1.1).
b) By the same token I don't want to advertise my serial links into BGP at all! AS 777 doesn't need to know about my internal links. That's why I have IGP to distribute my loopback addresses.....
c) ....but notice I don't have OSPF running between R2 and R3 (R2 uses only its S0/0 link for OSPF); again, I don't want to advertise via OSPF on my S1/0 link to R3!
I was confused since I thought BGP would take care of this itself, that is, chain propagate itself through neighbor relationship so I don't have to do these things myself. I thought R3 should be able to see R1 via R2.
It seems to me that the only way is a default route from R3 into AS 5500, and a static route from AS5500 to R3, which I will then redistribute into OSPF (?)
So, although you all gave valid answers, what would be the best way in your opinion to let R3 reach R1 considering I don't want to advertise information from AS5500 into AS777 ??
Hopefully that will explain it,
Thank You
Maybe I have missed something, but this is an unrealistic scenario.
Thank you all for help, much appreciated.