Question on BGP

I am in a router that is two hops away to the edge of the AS. How would I get to another AS through the edge router that is two hops away. I've tried to set it up, but the router still can't get to the other AS.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

Drakonblayde

Post your configs

keenon

do u have diagram?

sputnic68

Unfortunitly I can't post any configs because I needed to move onto the next lab. How would I go about posting a picture?

keenon

sure does

Webmaster

Send it to webmaster @ techexams.net and I will place it on our server, and add it to your initial post in this topic (if is not copyright protected of course).

sputnic68

Ok I sent it! I'll describe what is happening and when the diagram in on the post it will make more sense.

The problem I'm having is that r1 cannot get to r6 and r2 cannot get to r5, but they can get to any other router in or out of the AS that they are in. It seems that when it is two hops away from the edge router that I want to exit, it can't get to it. I thought that having the edge routers advertise themselves as the next-hop-self to r1 and r2 would fix the problem. Anyone know what could be going on?

Drakonblayde

at a guess, your configuration is wrong hehe

Unfortunatley, without what you are using for your configs, and a simple network diagram to see what you're trying to accomplish, it's hard to pinpoint exactly where. BGP is a behemoth and hard to figure out what's wrong on a bare bones explanation.

Webmaster

Ok I sent it! I'll describe what is happening and when the diagram in on the post it will make more sense.

I haven't received it yet, but will post it when I do.

Drakonblayde is right though, configs are kinda essential when solving Cisco issues

sputnic68

Well, I fixed it! On one of the internal routers I didn't have the no sync so no routes were being installed in the table for the other ASs. Duh, just a stupid mistake. Your not kidding BGP is a behemoth to work with, that is why I'm brushing up on it before I go into the CIT exam. I've got a pretty comples network set up with many subnets so it is quite a challenge.

sputnic68

Next time I'll be sure to post configs!!!

Yozh

Not much of BGP on the CIT......

sputnic68

I've heard different. I guess it depends on what pool of questions you get. What topics where really stong on your test?

sputnic68

I'm having one more problem. I cannot get to r5 from r6 and vice versa. I'm posting the configs to see if anyone can help me out.

Here are the configs:

r1#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r1
!
enable secret 5 $1$/pF1$.TiyzTt.4lIDBs/Hjn/fA/
!
username Eciadmin password 0 Santa;Fe9
username r2 password 0 nick
!
!
!
!
memory-size iomem 6
ip subnet-zero
ip host r5 10.1.1.2
ip host r4 10.2.2.2
ip host r3 192.168.2.2
ip host r2 192.168.4.2
ip host r1 192.168.4.1
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
no ip directed-broadcast
!
interface Ethernet0/0
ip address 192.168.4.2 255.255.255.0
no ip directed-broadcast
!
interface Serial0/0
ip address 192.168.5.1 255.255.255.252
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
ppp authentication chap
!
router eigrp 100
network 2.2.2.2 0.0.0.0
network 192.168.4.0
network 192.168.5.0
no auto-summary
!
router bgp 77
no synchronization
network 2.2.2.2 mask 255.255.255.255
neighbor 1.1.1.1 remote-as 77
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 remote-as 77
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 77
neighbor 4.4.4.4 update-source Loopback0
!
ip classless
no ip http server
!
!
line con 0
password 19mcis96
login
transport input none
line aux 0
line vty 0 4
password 19mcis96
login
!
end

r2#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r2
!
!
username r1 password 0 nick
!
!
!
!
ip subnet-zero
!
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
no ip directed-broadcast
!
interface Ethernet0/0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/0
ip address 192.168.5.2 255.255.255.252
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
ppp authentication chap
!
interface Serial0/1
ip address 192.168.5.5 255.255.255.252
no ip directed-broadcast
!
router eigrp 100
network 3.3.3.3 0.0.0.0
network 192.168.5.0
no auto-summary
!
router bgp 77
network 3.3.3.3 mask 255.255.255.255
neighbor 1.1.1.1 remote-as 77
neighbor 1.1.1.1 update-source Loopback0
neighbor 2.2.2.2 remote-as 77
neighbor 2.2.2.2 update-source Loopback0
neighbor 4.4.4.4 remote-as 77
neighbor 4.4.4.4 update-source Loopback0
!
ip classless
no ip http server
!
!
line con 0
transport input none
line aux 0
line vty 0 4
login
!
end

r3#sh run
Building configuration...

Current configuration : 4691 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r3
!
enable secret 5 $1$VBu6$OppoBxa9U8LJ3zBIREZpn1
!
username Eciadmin password 0 Santa;Fe9
ip subnet-zero
ip routing
!
ip host r1 10.1.1.1 10.2.2.1 192.168.4.1
ip host r2 192.168.4.2
ip host r3 192.168.2.2
ip host r4 10.2.2.2
ip host r5 10.1.1.2
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/45
no switchport
ip address 192.168.2.1 255.255.255.0
!
interface FastEthernet0/47
no switchport
ip address 192.168.4.1 255.255.255.0
!
interface FastEthernet0/48
no switchport
ip address 10.1.1.1 255.255.255.0
!
interface Vlan1
no ip address
shutdown
!
router eigrp 100
passive-interface FastEthernet0/45
network 1.1.1.1 0.0.0.0
network 10.0.0.0
network 192.168.2.0
network 192.168.4.0
no auto-summary
no eigrp log-neighbor-changes
!
router bgp 77
no synchronization
bgp log-neighbor-changes
network 192.168.2.0
network 192.168.4.0
network 192.168.5.0
neighbor 2.2.2.2 remote-as 77
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 77
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 10.1.1.2 remote-as 65
neighbor 10.2.2.2 remote-as 75
neighbor 192.168.2.2 remote-as 77
!
ip classless
ip http server
!
!
line con 0
session-timeout 5
password 19mcis96
login
line vty 0 4
session-timeout 5
password 19mcis96
login
line vty 5 15
session-timeout 5
password 19mcis96
login
!
!
end

r4#sh run
Building configuration...

Current configuration : 1443 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r4
!
enable secret 5 $1$H6X1$6Yptl3VNesEcz38X6cNmv0
!
username Eciadmin password 0 Santa;Fe9
ip subnet-zero
!
!
ip host r5 10.1.1.2
ip host r4 10.2.2.2
ip host r3 192.168.2.2
ip host r2 192.168.4.2
ip host r1 192.168.2.1
!
!
!
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.2.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.5.6 255.255.255.252
!
interface FastEthernet0/1
ip address 10.2.2.1 255.255.255.0
duplex auto
speed auto
!
router eigrp 100
passive-interface FastEthernet0/0
network 4.4.4.4 0.0.0.0
network 10.0.0.0
network 192.168.2.0
network 192.168.5.0
no auto-summary
!
router bgp 77
no synchronization
bgp log-neighbor-changes
network 192.168.2.0
network 192.168.4.0
network 192.168.5.0 mask 255.255.255.252
network 192.168.5.4 mask 255.255.255.252
neighbor 2.2.2.2 remote-as 77
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 77
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 10.1.1.2 remote-as 65
neighbor 10.2.2.2 remote-as 75
neighbor 192.168.2.1 remote-as 77
no auto-summary
!
ip classless
ip http server
!
!
line con 0
password 19mcis96
login
line aux 0
line vty 0 4
password 19mcis96
login
!
end

r5#sh run
Building configuration...

Current configuration : 3972 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r5
!
enable secret 5 $1$iDJu$Y.jiJyTV7OnK6xaLGfgol0
!
username Eciadmin password 0 Santa;Fe9
ip subnet-zero
ip routing
!
ip host r1 10.1.1.1
ip host r2 192.168.4.2
ip host r3 192.168.2.2
ip host r4 10.2.2.2
ip host r5 10.1.1.2
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
interface FastEthernet0/48
no switchport
ip address 10.1.1.2 255.255.255.0
!
interface Vlan1
no ip address
shutdown
!
router bgp 65
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 77
!
ip classless
ip http server
!
!
line con 0
session-timeout 5
password 19mcis96
login
line vty 0 4
session-timeout 5
password 19mcis96
login
line vty 5 15
session-timeout 5
password 19mcis96
login
!
!
end

r6#sh run
Building configuration...

Current configuration : 3972 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r6
!
enable secret 5 $1$oXkC$yGze9EPQfHmEKp93Fh3J./
!
username Eciadmin password 0 Santa;Fe9
ip subnet-zero
ip routing
!
ip host r5 10.1.1.2
ip host r4 10.2.2.2
ip host r2 192.168.4.2
ip host r1 192.168.2.1
ip host r3 10.2.2.1
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
interface FastEthernet0/48
no switchport
ip address 10.2.2.2 255.255.255.0
!
interface Vlan1
no ip address
shutdown
!
router bgp 75
bgp log-neighbor-changes
neighbor 10.2.2.1 remote-as 77
!
ip classless
ip http server
!
!
line con 0
session-timeout 5
password 19mcis96
login
line vty 0 4
session-timeout 5
password 19mcis96
login
line vty 5 15
session-timeout 5
password 19mcis96
login
!
!
end

tunerX

Routers 3 and 4 have neighbor statements for both AS 65 and AS 75. Router 5 would need another neighbor statement for router 4. Router 6 would need another neighbor statement for router 3.

In router 5 add the following statements
neighbor 192.168.2.2 remote-as 77
neighbor 192.168.2.2 ebgp-multihop

In router 6 add the following statements
neighbor 192.168.2.1 remote-as 77
neighbor 192.168.2.1 ebgp-multihop

In router 3
neighbor 10.2.2.1 ebgp-multihop

In router 4
neighbor 10.1.1.1 ebgp-multihop

This isn't your problem though. What are you trying to accomplish with the above? It is kind of redundant and you will get RIB errors in your BGP table.

Your problem is that R5 does now know how to get to R6 and R6 does not know how to get to R5. You are missing network statements for the R3-R5 network and the R4-R6 network. Add those statements into BGP and everything should work. Based on your configs R6 will not have an entry for the 10.1.1.0 network and R5 will not have an entry for the 10.2.2.0 network.

sputnic68

Thanks tunerX! I'll give that a try. I was trying to create a fully meshed ibgp connected to two other ASs.

tunerX

I made a little typo.

In router 3
neighbor 10.2.2.2 ebgp-multihop

In router 4
neighbor 10.1.1.2 ebgp-multihop

From your configs you have Router 5 peering with router 3 and 4. You also have router 6 peering with 3 and 4. This wouldn't be a bad thing if router 5 and 6 both had direct connections to both routers 3 and 4. Instead you have router 4 establishing a TCP connection over router 3 to get to 5, and router 3 establishing a TCP connection over router 4 to get to 6.

With a setup like this you will get multiple entries for many of the same routes but the next hop address will still be only a single address. BGP 12.2 and above will show a status of "r" when you do a "show ip bgp" . This means that the route is in the table but but it does not agree with the local IP routing table logic for next hops and least cost.

sputnic68

Still having trouble. r5 doesnot have the route to 10.2.2.2 and r6 doesn't have a route to 10.1.1.2. I go to routers 3 and 4 and they both have routes to 10.2.2.0 network and 10.1.1.0 network. How would I accomplish this with just two routers in AS 77 and both are just running BGP instead of running fully meshed bgp with eigrp? Thanks for all your help!!!

tunerX

You need to have a network statement for the 10 network in router 3 and 4. Your configs do not have them listed for BGP. EIGRP has the networks in their routing table.

show ip bgp summary - to check for neighbor relationships
show ip bgp - to check the bgp routing table

Add this config to R3
network 10.1.1.0 mask 255.255.255.0
no auto-summary

Add this config to R4
network 10.2.2.0 mask 255.255.255.0
no auto-summary