isp#sh run | beg router
router bgp 200
bgp log-neighbor-changes
network 192.168.100.0
neighbor 192.168.1.2 remote-as 64512
neighbor 192.168.1.6 remote-as 64512
sj1#sh run | beg router
router eigrp 64512
network 172.16.0.0
!
router bgp 64512
bgp log-neighbor-changes
network 172.16.0.0
neighbor 172.16.32.1 remote-as 64512
neighbor 172.16.32.1 update-source Loopback0
neighbor 192.168.1.5 remote-as 200
ip route 172.16.0.0 255.255.0.0 Null0
sj2#sh run | beg router
router eigrp 64512
network 172.16.0.0
!
router bgp 64512
bgp log-neighbor-changes
network 172.16.0.0
neighbor 172.16.64.1 remote-as 64512
neighbor 172.16.64.1 update-source Loopback0
neighbor 192.168.1.1 remote-as 200
!
ip route 172.16.0.0 255.255.0.0 Null0
isp#sh ip bgp
BGP table version is 3, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 172.16.0.0 192.168.1.2 0 0 64512 i
*> 192.168.1.6 0 0 64512 i
*> 192.168.100.0 0.0.0.0 0 32768 i
isp#clear ip bgp *
isp#
*Aug 27 07:25:20: %BGP-5-ADJCHANGE: neighbor 192.168.1.2 Down User reset
BGP table version is 3, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 172.16.0.0 192.168.1.6 0 0 64512 i
*> 192.168.1.2 0 0 64512 i
*> 192.168.100.0 0.0.0.0 0 32768 i
the best path changed because sj1 was set up first, then sj2, then bgp was cleared to enforce the better router id, which for bgp is the lower rid...
isp#sh ip bgp neigh | inc BGP
BGP neighbor is 192.168.1.2, remote AS 64512, external link
BGP version 4, remote router ID 172.16.32.1
BGP state = Established, up for 00:07:44
BGP table version 3, neighbor version 3/0
BGP neighbor is 192.168.1.6, remote AS 64512, external link
BGP version 4, remote router ID 172.16.64.1
BGP state = Established, up for 00:07:44
BGP table version 3, neighbor version 3/0
all of which i mentioned in the earlier post of the same lab, which i now mention again because the theme of today is... AGAIN
i'm on vacation this week... and this is my vacation... this is it... and i am very happy about it because nobody can bother me... not even you...
so i've now saved the configs up to this point, which i didn't do yesterday... i had saved only up to the topology and interface configuration... i had to rebuild the eigrp and bgp shit... was i angry? no... why? because i had to build bgp AGAIN and that is good... and i am on vacation... double plus good... bgp and i have come to an agreement... i configure it, and it exhibits expected behaviors... BECAUSE I SAID SO...
router bgp 200
netw 192.168.1.0 mask 255.255.255.252
netw 192.168.1.4 mask 255.255.255.252
isp#sh ip bgp
BGP table version is 5, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 172.16.0.0 192.168.1.6 0 0 64512 i
*> 192.168.1.2 0 0 64512 i
*> 192.168.1.0/30 0.0.0.0 0 32768 i
*> 192.168.1.4/30 0.0.0.0 0 32768 i
*> 192.168.100.0 0.0.0.0 0 32768 i
bgp now advertises the internal links... this is important for igp type folks because... WE LIKE TO PING EVERYTHING...
sj2#sh ip route | excl L | incl loop
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S 172.16.0.0/16 is directly connected, Null0
C 172.16.1.0/24 is directly connected, Serial1/0
C 172.16.32.0/24 is directly connected, Loopback0
D 172.16.64.0/24 [90/2297856] via 172.16.1.1, 01:19:26, Serial1/0
192.168.1.0/24 is variably subnetted, 3 subnets, 2 masks
C 192.168.1.0/30 is directly connected, Serial1/3
B 192.168.1.4/30 [20/0] via 192.168.1.1, 00:07:32
B 192.168.100.0/24 [20/0] via 192.168.1.1, 00:45:17
self love...
for an explanation on this, go to this disaster...
http://insearchofthecert.blogspot.com/2012/08/bgp-6-3-cont-again.html
sj2#sh ip bgp
BGP table version is 8, local router ID is 172.16.32.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 172.16.0.0 0.0.0.0 0 32768 i
* i 172.16.64.1 0 100 0 i
r i 192.168.1.0/30 192.168.1.5 0 100 0 200 i
r> 192.168.1.1 0 0 200 i
* i 192.168.1.4/30 192.168.1.5 0 100 0 200 i
*> 192.168.1.1 0 0 200 i
* i 192.168.100.0 192.168.1.5 0 100 0 200 i
*> 192.168.1.1 0 0 200 i
notice the ones are best...
those friggin r's... i defer to ivan the terrible below...
http://blog.ioshints.info/2007/12/what-is-bgp-rib-failure.html
The RIB failure feature was introduced in IOS release 12.2T; prior to that, the BGP routes with higher administrative distance than other route sources were silently ignored (similar to all other routing protocols).
You can display BGP routes that are not inserted in the IP routing table with the show ip bgp rib-failure command, which also explains why the BGP route was not inserted in the IP routing table.
The BGP routes that are not used due to higher administrative distance are still advertised to all BGP peers (contrary to what most other distance-vector routing protocols do), unless you configure bgp suppress-inactive (introduced in 12.2T and 12.0(26)S).
on sj1
router bgp 64512
neighb 172.16.32.1 next-hop-self
on sj2
router bgp 64512
neigh 172.16.64.1 next-hop-self
i love next hop self...
prefer the link outbound from the sj's to use the link from sj2 to isp...
on sj1
route-map bad_link permit
set local-preference 125
exit
router bgp 64512
neighbor 192.168.1.5 route-map bad_link in
on sj2 use
route-map good_link permit
set local-preference 150
exit
router bgp 64512
neig 192.168.1.1 route-map good_link in
reset soft or hard depending on your local preference...
note sj1 goes through sj2 to get to lo0 of isp
sj1#trace 192.168.100.1
Type escape sequence to abort.
Tracing the route to 192.168.100.1
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.1.2 4 msec 32 msec 4 msec
2 192.168.1.1 [AS 200] 8 msec 20 msec *
check the path another way using extended ping from sj1 target 192.168.100.1 source 172.16.64.1 and select record...
Reply to request 0 (8 ms). Received packet has options
Total option bytes= 40, padded length=40
Record route:
(172.16.1.1)
(192.168.1.2)
(192.168.1.1)
(192.168.1.5)
(192.168.1.6) <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
End of list
and with record you'll note that it returns via 192.168.1.5 and .6... but you don't want that... you want it to come back the same way, because i told you that's what you wanted, that's why...
to remedy that we'll use multi-exit discriminator... it means what it says, discriminate between more than one exit...
on sj1
route-map bad_reply permit
set metric 75
exit
router bgp 64512
neighbor 192.168.1.5 route-map bad_reply out
on sj2
route-map good_reply permit
set metric 50
exit
router bgp 64512
neig 192.168.1.1 route-map good_reply out
now that's some awesome shit, man...
follow the path with record from sj1...
Reply to request 0 (16 ms). Received packet has options
Total option bytes= 40, padded length=40
Record route:
(172.16.1.1)
(192.168.1.2)
(192.168.1.1)
(192.168.1.1)
(172.16.1.2)
(172.16.1.1) <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
End of list
sj1(172.16.1.1) --> sj2 (192.168.1.2) --> isp (192.168.1.1)
and it reverses the path back just like i told you you wanted it to...
local-pref prefers higher and med prefers the lower value...
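added example, not part of the original lab or post: a simplified python model of the tie-breakers this lab exercises (local-pref, med, router id), fed with values from the tables above. the Path class, prefer() and the sj2 med of 50 are assumptions for illustration; origin code, igp metric to next hop and oldest-path steps are left out.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

@dataclass
class Path:
    next_hop: str
    router_id: str           # router ID of the peer that advertised the path
    as_path: tuple = ()
    weight: int = 0
    local_pref: int = 100    # IOS default when nothing sets it
    med: int = 0
    ebgp: bool = True
    local: bool = False      # originated on this router

def prefer(a, b):
    """Return (winner, deciding_step) for two paths to the same prefix.
    Simplified: origin code, IGP metric and oldest-path steps are skipped."""
    rid = lambda p: int(IPv4Address(p.router_id))
    # Each diff is negative when `a` wins that step, positive when `b` wins.
    steps = [
        ("weight", b.weight - a.weight),                # higher wins
        ("local-pref", b.local_pref - a.local_pref),    # higher wins
        ("local", b.local - a.local),                   # locally originated wins
        ("as-path", len(a.as_path) - len(b.as_path)),   # shorter wins
    ]
    if a.as_path[:1] == b.as_path[:1]:                  # MED only within one neighbor AS
        steps.append(("med", a.med - b.med))            # lower wins
    steps += [
        ("ebgp", b.ebgp - a.ebgp),                      # eBGP beats iBGP
        ("router-id", rid(a) - rid(b)),                 # lower wins
    ]
    for name, diff in steps:
        if diff:
            return (a if diff < 0 else b), name
    return a, "tie"

# isp's two paths to 172.16.0.0 (router IDs from "sh ip bgp neigh")
ISP_VIA_SJ1 = Path("192.168.1.6", "172.16.64.1", (64512,))
ISP_VIA_SJ2 = Path("192.168.1.2", "172.16.32.1", (64512,))
# same paths after the outbound route-maps; sj2's MED of 50 is an assumed lower value
ISP_VIA_SJ1_MED = Path("192.168.1.6", "172.16.64.1", (64512,), med=75)
ISP_VIA_SJ2_MED = Path("192.168.1.2", "172.16.32.1", (64512,), med=50)
# sj1's two paths to 192.168.100.0 after the inbound local-pref route-maps
SJ1_VIA_SJ2 = Path("172.16.32.1", "172.16.32.1", (200,), local_pref=150, ebgp=False)
SJ1_VIA_ISP = Path("192.168.1.5", "192.168.100.1", (200,), local_pref=125)

if __name__ == "__main__":
    for a, b in [(ISP_VIA_SJ1, ISP_VIA_SJ2), (ISP_VIA_SJ1_MED, ISP_VIA_SJ2_MED),
                 (SJ1_VIA_SJ2, SJ1_VIA_ISP)]:
        winner, step = prefer(a, b)
        print(f"best via {winner.next_hop} (decided by {step})")
```
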
a default-network for each customer router could be applied to adjust for changes in the network... the guidance is that a default-network is useful for remotely learned classful networks only... default-originate to each neighbor from the isp is the better choice...
neighbor 192.168.1.2 default-originate
neighbor 192.168.1.6 default-originate
sj1#sh ip bgp
BGP table version is 10, local router ID is 172.16.64.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 0.0.0.0 172.16.32.1 0 150 0 200 i
* 192.168.1.5 125 0 200 i
* i 172.16.0.0 172.16.32.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i 192.168.1.0/30 172.16.32.1 0 150 0 200 i
* 192.168.1.5 0 125 0 200 i
r>i 192.168.1.4/30 172.16.32.1 0 150 0 200 i
r 192.168.1.5 0 125 0 200 i
*>i 192.168.100.0 172.16.32.1 0 150 0 200 i
* 192.168.1.5 0 125 0 200 i
sj2# sh ip route | excl L | inc loop
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 192.168.1.1, 00:04:23
172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S 172.16.0.0/16 is directly connected, Null0
C 172.16.1.0/24 is directly connected, Serial1/0
C 172.16.32.0/24 is directly connected, Loopback0
D 172.16.64.0/24 [90/2297856] via 172.16.1.1, 06:51:18, Serial1/0
192.168.1.0/24 is variably subnetted, 3 subnets, 2 masks
C 192.168.1.0/30 is directly connected, Serial1/3
B 192.168.1.4/30 [20/0] via 192.168.1.1, 00:04:23
B 192.168.100.0/24 [20/0] via 192.168.1.1, 00:04:23
this was a very painful, but very important lab... i saved only up to the beginning of the bgp configuration because i will do it...
AGAIN... another day... now back to your originally scheduled programming... this has been a test of the emergency....