Bgp + ccip
ep_ricablancajr
Member Posts: 15 ■□□□□□□□□□
Hello Everyone,
I'm new in BGP world and I just started practicing it. I've created my ISP(Doming) with 1 upstream(COGENT) and 1 customer.
I have a little issue on this setup.
Problem:
Upstream(COGENT) can reach/ping the customer (150.1.1.1) however customer is not able to ping the loopbacks of COGENT.
Overview:
COGENT to ISP(BGP)
ISP to CE(BGP)
OSPF as IGP
I use loopback to form BGP neighbor relationship between R1 and R2
Appreciate all your inputs and explanations for my better understanding.
Regards,
Eduardo
**************
COGENT
**************
!
interface Loopback0
ip address 1.1.2.1 255.255.255.0
!
interface Loopback1
ip address 1.1.3.1 255.255.255.0
!
interface Loopback2
ip address 1.1.4.1 255.255.255.0
!
interface Loopback3
ip address 1.1.5.1 255.255.255.0
!
interface Serial1/0
ip address 17.9.1.1 255.255.255.252
serial restart-delay 0
!
router bgp 174
no synchronization
bgp log-neighbor-changes
redistribute connected route-map FILTER_LOOPBACKS
neighbor 17.9.1.2 remote-as 500
neighbor 17.9.1.2 description CONNECTION->DOMING
no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ip access-list standard LOOPBACKS
permit 1.1.0.0 0.0.255.255
!
!
route-map FILTER_LOOPBACKS permit 10
match ip address LOOPBACKS
!
!
****************
R1
**********
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
ip address 17.9.1.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 10.1.1.1 255.255.255.252
ip ospf hello-interval 1
ip ospf dead-interval 3
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.1.1 0.0.0.0 area 0
network 17.9.1.2 0.0.0.0 area 0
!
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 500
neighbor 2.2.2.2 description CONNECTION->R2
neighbor 2.2.2.2 update-source Loopback0
neighbor 17.9.1.1 remote-as 174
neighbor 17.9.1.1 description CONNECTION->COGENT
neighbor 17.9.1.1 remove-private-as
no auto-summary
!
==============
R2
==============
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial1/0
ip address 150.1.0.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 10.1.1.2 255.255.255.252
ip ospf hello-interval 1
ip ospf dead-interval 3
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
passive-interface Serial1/0
network 2.2.2.2 0.0.0.0 area 0
network 10.1.1.2 0.0.0.0 area 0
network 150.1.0.1 0.0.0.0 area 0
!
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 500
neighbor 1.1.1.1 description CONNECTION->R1
neighbor 1.1.1.1 update-source Loopback0
neighbor 150.1.0.2 remote-as 64512
neighbor 150.1.0.2 description CONNECTION->CE
neighbor 150.1.0.2 default-originate
no auto-summary
!
================
CE
================
!
interface FastEthernet0/0
ip address 150.1.1.1 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address 150.1.0.2 255.255.255.252
serial restart-delay 0
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 150.1.1.0 mask 255.255.255.0
neighbor 150.1.0.1 remote-as 500
neighbor 150.1.0.1 description CONNECTION->DOMING
no auto-summary
!
I'm new in BGP world and I just started practicing it. I've created my ISP(Doming) with 1 upstream(COGENT) and 1 customer.
I have a little issue on this setup.
Problem:
Upstream(COGENT) can reach/ping the customer (150.1.1.1) however customer is not able to ping the loopbacks of COGENT.
Overview:
COGENT to ISP(BGP)
ISP to CE(BGP)
OSPF as IGP
I use loopback to form BGP neighbor relationship between R1 and R2
Appreciate all your inputs and explanations for my better understanding.
Regards,
Eduardo
**************
COGENT
**************
!
interface Loopback0
ip address 1.1.2.1 255.255.255.0
!
interface Loopback1
ip address 1.1.3.1 255.255.255.0
!
interface Loopback2
ip address 1.1.4.1 255.255.255.0
!
interface Loopback3
ip address 1.1.5.1 255.255.255.0
!
interface Serial1/0
ip address 17.9.1.1 255.255.255.252
serial restart-delay 0
!
router bgp 174
no synchronization
bgp log-neighbor-changes
redistribute connected route-map FILTER_LOOPBACKS
neighbor 17.9.1.2 remote-as 500
neighbor 17.9.1.2 description CONNECTION->DOMING
no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ip access-list standard LOOPBACKS
permit 1.1.0.0 0.0.255.255
!
!
route-map FILTER_LOOPBACKS permit 10
match ip address LOOPBACKS
!
!
****************
R1
**********
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
ip address 17.9.1.2 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 10.1.1.1 255.255.255.252
ip ospf hello-interval 1
ip ospf dead-interval 3
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.1.1 0.0.0.0 area 0
network 17.9.1.2 0.0.0.0 area 0
!
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 500
neighbor 2.2.2.2 description CONNECTION->R2
neighbor 2.2.2.2 update-source Loopback0
neighbor 17.9.1.1 remote-as 174
neighbor 17.9.1.1 description CONNECTION->COGENT
neighbor 17.9.1.1 remove-private-as
no auto-summary
!
==============
R2
==============
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial1/0
ip address 150.1.0.1 255.255.255.252
serial restart-delay 0
!
interface Serial1/1
ip address 10.1.1.2 255.255.255.252
ip ospf hello-interval 1
ip ospf dead-interval 3
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
passive-interface Serial1/0
network 2.2.2.2 0.0.0.0 area 0
network 10.1.1.2 0.0.0.0 area 0
network 150.1.0.1 0.0.0.0 area 0
!
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 500
neighbor 1.1.1.1 description CONNECTION->R1
neighbor 1.1.1.1 update-source Loopback0
neighbor 150.1.0.2 remote-as 64512
neighbor 150.1.0.2 description CONNECTION->CE
neighbor 150.1.0.2 default-originate
no auto-summary
!
================
CE
================
!
interface FastEthernet0/0
ip address 150.1.1.1 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address 150.1.0.2 255.255.255.252
serial restart-delay 0
!
router bgp 64512
no synchronization
bgp log-neighbor-changes
network 150.1.1.0 mask 255.255.255.0
neighbor 150.1.0.1 remote-as 500
neighbor 150.1.0.1 description CONNECTION->DOMING
no auto-summary
!
Comments
-
ep_ricablancajr
Member Posts: 15 ■□□□□□□□□□
I did some research however according to them by right next hop self shouldn't be used in IGP. but i will give it a try. thanks for your input by the way.
-
ep_ricablancajr
Member Posts: 15 ■□□□□□□□□□
Aside from using next hop self, is there any other approach i can use to resolve this?
-
networker050184
Mod Posts: 11,962 Mod
Using next hop self is the prefered method for this. You want your iBGP peers pointing towrads your edge router's loopback and find their way via IGP.
You could also add the link between R1 and Cogent to your IGP as passive so the other routers in your network are able to resolve the original next hop.An expert is a man who has made all the mistakes which can be made. -
ep_ricablancajr
Member Posts: 15 ■□□□□□□□□□
Hi All,
I added the next-hop-self however the CE still can't reach to one of the loopbacks of COGENT. Did a trace and it stops at 10.1.1.1(R1) which is the point to point between R1 and R2.
Appreciate if you could enlighten me what could have caused the problem. -
lrb
Member Posts: 526
I only had a quick look over the configs but I don't recall seeing any network or redistribute statements under the global router bgp config or under the address-family ipv4 unicast.
Are you expecting these to be advertised through BGP? If you are then they should be in the BGP table:
# show bgp ipv4 unicast
If they are there, are they being advertised but filtered on the other end?
# show bgp ipv4 unicast neighbor x.x.x.x advertised-routes
If you turn soft-reconfiguration inbound on then you can also see if you are receiving the routes but filtering them out of the BGP table:
# show bgp ipv4 unicast neighbor x.x.x.x received-routes
Hope those commands help -
ep_ricablancajr
Member Posts: 15 ■□□□□□□□□□
Hi Irb,
For CE, I used network 150.1.1.0 mask 255.255.255.0 to advertise the prefix. For COGENT, i used the redistribute connted linked to route-map to filter which prefixes to be advertised.
Both COGENT and CE can see the prefixes in their routing table not sure why CE is unable to reach one of the loopbacks. but Cogent can reach the CE.
Regards, -
networker050184
Mod Posts: 11,962 Mod
Ok, so you are pinging form the CE router? If so the default source of the outgoing ping is going to be the outgoing interface address of the 150.1.0.0/30 range. If you only advertised 150.1.1.0/24 than cogent doesn't know about the 150.1.0.0/30 network and no way to return the echo reply.An expert is a man who has made all the mistakes which can be made.
-
ep_ricablancajr
Member Posts: 15 ■□□□□□□□□□
Hi Sir,
Thank you for that. Now i understand. Is there any other way I can reach to COGENT using the outgoing interface as a source? Or does CE side really have to advertise the point to point via BGP.
Appreciate your advise on whats the best practice for this.
Thanks and Regards -
networker050184
Mod Posts: 11,962 Mod
Usually what happens in the real world is you have an IP range that you IP your links out of and just advertise that range to the world via BGP.An expert is a man who has made all the mistakes which can be made.