network cisco ccna gns3 certification arteq

a network runs through it


Sunday, August 26, 2012

bgp 6-3 cont...



eigrp is added as per the earlier post...  add bgp...

sj1

router bgp 64512
neigh 172.16.32.1 remote-as 64512
neigh 172.16.32.1 update-source lo0

this runs bgp between the two customer routers (both in AS 64512, so an internal link) and uses lo0 as the source address of the bgp session...

sj2

router bgp 64512
neigh 172.16.64.1 remote-as 64512
neigh 172.16.64.1 update-source lo0

note adjacency change, and further verify...

sj2#
*Aug 26 06:17:06: %BGP-5-ADJCHANGE: neighbor 172.16.64.1 Up
*Aug 26 06:17:07: %SYS-5-CONFIG_I: Configured from console by console
sj2#sh ip bgp neigh
BGP neighbor is 172.16.64.1,  remote AS 64512, internal link
  BGP version 4, remote router ID 172.16.64.1
  BGP state = Established, up for 00:00:30

set up the isp...

router bgp 200
neigh 192.168.1.6 remote-as 64512
neigh 192.168.1.2 remote-as 64512
netw 192.168.100.0

the neighbor is the physical link to each customer; the lo does not use the mask statement because it is on a classful boundary, unlike the previous post...

the update source is not used here because these links are point-to-point and cannot get update information elsewhere, unlike the dual bgp/eigrp links between sj1 and sj2...

verify...

isp#sh ip bgp neigh
BGP neighbor is 192.168.1.2,  remote AS 64512, external link
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Idle

BGP neighbor is 192.168.1.6,  remote AS 64512, external link
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Idle

peer the sj1 link...

sj1

ip route 172.16.0.0 255.255.0.0 null0
router bgp 64512
neigh 192.168.1.5 remote-as 200
netw 172.16.0.0

good, what i thought would happen, happened...

isp#sh ip bgp neigh 192.168.1.6
BGP neighbor is 192.168.1.6,  remote AS 64512, external link
  BGP version 4, remote router ID 172.16.64.1
  BGP state = Established, up for 00:05:08

the finite state machine is established, the rid of sj1 is its highest loopback (only loopback) and it remains an external link... now about that null0 route...

look at the routing table on the isp..

isp#sh ip route

Gateway of last resort is not set

B     172.16.0.0/16 [20/0] via 192.168.1.6, 00:30:09

now examine the route table on sj1...

sj1#sh ip route | excl L | incl loop
      
Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S        172.16.0.0/16 is directly connected, Null0
C        172.16.1.0/24 is directly connected, Serial1/0
D        172.16.32.0/24 [90/2297856] via 172.16.1.2, 12:16:05, Serial1/0
C        172.16.64.0/24 is directly connected, Loopback0
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.4/30 is directly connected, Serial1/2
B     192.168.100.0/24 [20/0] via 192.168.1.5, 00:45:12

what i see is that any packets destined for 172.16.1.0, 172.16.32.0, or 172.16.64.0 will be forwarded and packets destined for any other 172.16 network will be dropped... packets that match only the shorter /16 prefix, and none of the longer ones, go to null0...


maybe this will help clarify:
 http://ciscostudy.blogspot.com/2006_03_16_archive.html

 Recall how BGP will not advertise a prefix indicated in the network statement unless there is an exact route to the prefix. However, your router may only have routes to subnets of that prefix. To get BGP to advertise that route all you need to do is to add a static route to Null0 for that exact prefix you wish to advertise. The static route gets added to the routing table and that causes BGP to now advertise that prefix. Again, because of the longest prefix match semantics packets for valid subnets in that prefix will have a more specific entry in the routing table and so will be correctly routed. Packets for subnets of that prefix that do not exist will indeed match the static route to Null0 and get dropped but then that will be the correct behavior.
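The lookup behaviour described above, run against sj1's route table as printed in this post. This is an added example, not part of the original lab; the test destinations are constructed, and the exact-match check is a simplified model of the quoted network-statement rule, not IOS code.

```python
import ipaddress

# sj1's routing table as printed in the post (local /32 routes were filtered out).
SJ1_ROUTES = [
    ("S", "172.16.0.0/16", "Null0"),
    ("C", "172.16.1.0/24", "Serial1/0"),
    ("D", "172.16.32.0/24", "172.16.1.2"),
    ("C", "172.16.64.0/24", "Loopback0"),
    ("C", "192.168.1.4/30", "Serial1/2"),
    ("B", "192.168.100.0/24", "192.168.1.5"),
]

def build_rib(rows):
    """Turn (code, prefix, next hop) rows into (code, ip_network, next hop)."""
    return [(code, ipaddress.ip_network(pfx), nh) for code, pfx, nh in rows]

def lookup(rib, dst):
    """Longest-prefix match: most specific route containing dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, nh) for _, net, nh in rib if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def decision(rib, dst):
    """What the router does with a packet for dst."""
    hit = lookup(rib, dst)
    if hit is None:
        return "no route"
    net, nh = hit
    return f"drop ({net} -> Null0)" if nh == "Null0" else f"forward via {nh}"

def network_statement_originates(rib, prefix):
    """Simplified model of the quoted rule: exact prefix must be in the table."""
    want = ipaddress.ip_network(prefix)
    return any(net == want for _, net, _ in rib)

RIB = build_rib(SJ1_ROUTES)
RIB_NO_NULL0 = [r for r in RIB if r[2] != "Null0"]  # hypothetical: static removed

if __name__ == "__main__":
    # Constructed destinations: three real subnets, one nonexistent subnet,
    # the isp loopback, and isp's serial address on the sj2 link.
    for dst in ("172.16.1.2", "172.16.32.1", "172.16.64.1",
                "172.16.200.9", "192.168.100.1", "192.168.1.1"):
        print(f"{dst:15} {decision(RIB, dst)}")
    for name, rib in (("with Null0", RIB), ("without Null0", RIB_NO_NULL0)):
        print(name, "-> netw 172.16.0.0 originated:",
              network_statement_originates(rib, "172.16.0.0/16"))
```

Removing the static route changes two things at once: the /16 no longer has an exact match to originate from, and traffic for nonexistent 172.16 subnets goes from an explicit Null0 drop to "no route".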

moving on... peer the sj2 link...

sj2

ip route 172.16.0.0 255.255.0.0 null0
router bgp 64512
neigh 192.168.1.1 remote-as 200
netw 172.16.0.0

again, we're advertising the 172.16. network, but we want to limit forwarding to only longer prefixes...

sj2#sh bgp summ
BGP router identifier 172.16.32.1, local AS number 64512
BGP table version is 9, main routing table version 9
2 network entries using 288 bytes of memory
4 path entries using 320 bytes of memory
4/2 BGP path/bestpath attribute entries using 544 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1176 total bytes of memory
BGP activity 3/1 prefixes, 8/4 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.16.64.1     4        64512      27      28        9    0    0 00:20:58        2
192.168.1.1     4          200       7       6        9    0    0 00:01:17        1
sj2#

after adding the sj2 peer, then clearing bgp, the lower rid determines best path selection all else equal...

isp#sh ip bgp
BGP table version is 3, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *   172.16.0.0       192.168.1.6              0             0 64512 i
 *>                   192.168.1.2              0             0 64512 i
 *>  192.168.100.0    0.0.0.0                  0         32768 i

isp#sh ip bgp neigh
BGP neighbor is 192.168.1.2,  remote AS 64512, external link
  BGP version 4, remote router ID 172.16.32.1
  BGP state = Established, up for 00:05:52

BGP neighbor is 192.168.1.6,  remote AS 64512, external link
  BGP version 4, remote router ID 172.16.64.1
  BGP state = Established, up for 00:05:52

all pings sourced from isp's lo succeed... this is expected...
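this first ping fails because it is not sourced from isp lo0: the echo leaves with isp's serial address as its source, and sj1's route table above shows no route back to 192.168.1.0/30... sj2's path is preferred because of the lower rid...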

isp#ping 172.16.1.1                    
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

this ping succeeds because it is sourced from lo0...

isp#ping 172.16.1.1 source 192.168.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.100.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/8 ms

this ping succeeds because it is the preferred path, sj2...

isp#ping 172.16.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms

