BGP - network convergence

NicoleMNicoleM Registered Users Posts: 8 ■□□□□□□□□□
in CCNA & CCENT
So, if you have multiple entry points into your network, and you lose an entry point, will BGP automatically tell another entry point to start advertising the route to provide a path into your network from the down link? If so, how do you stop this from happening?

We lost a 10M pipe, and from the looks of the bonded T-s receive going through the roof, it appeared that BGP did exactly above, and if that happens again, I need to make it stop.

Any insight is much appreciated.
· Share on FacebookShare on Twitter

Comments

  • Forsaken_GAForsaken_GA Member Posts: 4,024
    NicoleM wrote: »
    So, if you have multiple entry points into your network, and you lose an entry point, will BGP automatically tell another entry point to start advertising the route to provide a path into your network from the down link? If so, how do you stop this from happening?

    We lost a 10M pipe, and from the looks of the bonded T-s receive going through the roof, it appeared that BGP did exactly above, and if that happens again, I need to make it stop.

    Any insight is much appreciated.

    BGP doesn't do much automatically, it does what you tell it. If you advertised that link into BGP, then your other router would have learned it, and in turn, advertised it to their external peers. If there's a prefix you don't want going out the other link, you need to filter it. Either filter it from being learned on the other border router, or filter it from that border routers updates to it's external peers, whichever is more appropriate in your case.
    · Share on FacebookShare on Twitter
  • NicoleMNicoleM Registered Users Posts: 8 ■□□□□□□□□□
    Well, maybe something else is happening. I'm still studying for ICND 2, so... my experience and knowledge is limited.

    The two border routers are not directly connected to one another externally, only internally via the rest of the network, so... ya... any other ideas of what may have happened? The two outside pipes are different providers, but the bonded t-s are an internet connection. I'm at a loss as to what made my bonded t-s receive go through the roof, and as a result, I lost my links for my operations. Maybe it was a coincidence, but I don't buy into coincidence for this.
    · Share on FacebookShare on Twitter
  • billyrbillyr Member Posts: 186
    Your two border routers do not have to be directly connected to each other internally. They can actually form IBGP peer relationships across your other routers even if the other routers are not running BGP. BGP is pretty cool once you get to grips with it, but I'd advise leaving well alone if you are not sure.

    Have a look at filtering as suggested by Forsaken.
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    NicoleM wrote: »
    Well, maybe something else is happening. I'm still studying for ICND 2, so... my experience and knowledge is limited.

    The two border routers are not directly connected to one another externally, only internally via the rest of the network, so... ya... any other ideas of what may have happened? The two outside pipes are different providers, but the bonded t-s are an internet connection. I'm at a loss as to what made my bonded t-s receive go through the roof, and as a result, I lost my links for my operations. Maybe it was a coincidence, but I don't buy into coincidence for this.

    Well, without seeing the network layout and the router configurations, I can only guess. But if your border routers are peering internally via iBGP, then unless you've filtered them, whatever routes you're announcing out the 10m pipe are also going to the other border router. If T border route is peering externally via BGP with a service provider, then the routes it learns from the 10m pipe are going to be announced to that provider as well.

    So unless you've tied the announcement of the other routes to being dependent on the 10m link being up, when that link goes down, the only other available path is through your T's. That's where the traffic will come in. If you were to set it up so that the 10m border router withdrew that advertisement when the 10m link went down, you'd avoid that.

    However, if you never want to use the T's as a backup link for the traffic going out over the 10m link, you're better off filtering the route from ever being announced in the first place.
    · Share on FacebookShare on Twitter
  • NicoleMNicoleM Registered Users Posts: 8 ■□□□□□□□□□
    i can see i'm not currently advertising the same routes on my t's as on my 10M pipe. i used the command:

    show ip bgp neighbors X.X.X.X advertised-routes

    however, being unfamiliar with bgp, i can only assume, since i lost my 10M access, that the one border router told the other, hey, advertise this. so, i know you can't KNOW for sure, but that's what happened, correct? with iBGP? and then when the 10M pipe came back up, it told him, ok, no need to advertise now? does it work that way?

    so, ok, now to learn how to filter or stop the 10m border router from telling the t's border router. Thank you much! :)

    at least if you confirm my suspiscions, then i sorta knew what was happening.

    learning this heading in backwards is kinda fun. in a painful sort of way.
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    Well, BGP doesn't say 'hey, this link went down, I need you, the other guy, to start advertising it', unless you've purposely configured it that way. So if you're certain that your T routers aren't advertising those routes, then something else is going on.

    If you want to PM your prefixes, I'll check and see how they appear from the outside.
    · Share on FacebookShare on Twitter
  • NicoleMNicoleM Registered Users Posts: 8 ■□□□□□□□□□
    how do i check? i can always jump off my corporate network and do it from a plain ole ISP connection. or do i need bgp to do it?

    and how do i tell if those who came before me purposely configured it that way?
    · Share on FacebookShare on Twitter
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    NicoleM wrote: »
    how do i check? i can always jump off my corporate network and do it from a plain ole ISP connection. or do i need bgp to do it?

    and how do i tell if those who came before me purposely configured it that way?

    Oh, no need for that, just google for BGP looking glass, most of the major service providers will have one, and it allows you to query their bgp table, so you can see how your routes look from their perspective. I usually use the level3 one, when I'm not using my own routers

    As far as telling if it was configured that way.... you have to look at the configuration, which means you have to do a whole lot more studying on BGP. :)

    If you're required to work with BGP as part of your daily duties, do yourself a huge favor and pickup a copy of Internet Routing Architectures by Sam Halabi.
    · Share on FacebookShare on Twitter
  • NicoleMNicoleM Registered Users Posts: 8 ■□□□□□□□□□
    Thank you. I'll keep plugging away until I figure it out.

    I have just ordered the book, do you recommend any more?


    more: Ok, so the fact that I don't see a list of IP addresses, and instead, my ASN, does that mean we are telling them routes to everything?
    · Share on FacebookShare on Twitter
Sign In or Register to comment.