As you can see from the topology, the NBMA routers are all running iBGP, while our outlying routers are running eBGP – it just got real!
Now I know what you are thinking, “What if the physical interface connected to the Remote BGP peer goes down? What then smart guy? Just lose the Adjacency of that neighbor???”
That is an excellent question! We use loopback interfaces as neighbors as they will never go to a “down” state unless administratively shut down or the router goes offline (which then we have bigger problems).
Now when I say neighbors, I mean the IP address used in the neighbor statement, which the peer will send and receive updates and Hellos from. I’m still waiting to see the significance of the RID in BGP, but this is for making the actual neighbor interface a loopback running over physical interface(s).
However, let’s demonstrate between R1 and R5 what happens when using their loopbacks to create an adjacency:
First I remove the neighbor configs:
R1(config-router)#no neighbor 172.12.15.5 remote-as 500
R1(config-router)#
ASR#5
[Resuming connection 5 to r5 … ]
*Apr 9 21:22:15.767: %BGP-5-ADJCHANGE: neighbor 172.12.15.1 Down Peer closed the session
*Apr 9 21:22:15.767: %BGP_SESSION-5-ADJCHANGE: neighbor 172.12.15.1 IPv4 Unicast topology base removed from session Peer closed the session
R5#
R5#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router bgp 500
R5(config-router)#no nei 172.12.15.1 remote-as 100
R5(config-router)#
Now I use the loopbacks in place of the interface IP addresses:
R5(config-router)#nei 1.1.1.1 remote-as 100
R5(config-router)#
ASR#1
[Resuming connection 1 to r1 … ]
*Mar 31 00:41:04.368: %BGP-5-ADJCHANGE: neighbor 172.12.15.5 Down Neighbor deleted
R1(config-router)#
R1(config-router)#nei 5.5.5.5 remote-as 500
R1(config-router)#
I waited a bit but nothing is happening there, as we are still missing some commands to get this thing going, as will be seen coming up.
One important BGP note on this topic is that BGP does not consider a loopback interface to be directly connected (even if they are on a common subnet). It also requires a static route to reach the remote loopback to form that neighbor relationship, so we will need a static route on both routers so they know how to reach the neighbors now configured by loopback:
R1(config)#ip route 5.5.5.5 255.255.255.255 172.12.15.5
R1(config)#
ASR#5
[Resuming connection 5 to r5 … ]
R5(config)#ip route 1.1.1.1 255.255.255.255 172.12.15.1
So I waited a while and no adjacencies were forming, so I did some verification commands for reachability and such, and found an interesting piece of information:
R5(config)#do ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R5(config)#
R5(config)#do sh ip bgp summ
BGP router identifier 5.5.5.5, local AS number 500
BGP table version is 1, main routing table version 1
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4   100       0       0        1    0    0 never    Idle
R5(config)#
So even with reachability to the interface and the neighbor statement configured properly, it is sitting in Idle status, which is not what we want happening (even though we now see the Neighbor as R1’s loopback which is a small victory).
The two commands we will need to deploy in addition to static routes are “ebgp-multihop” and “update-source loopback”, which will then allow the peering to complete and Idle to hopefully turn over to Established:
R1(config)#router bgp 100
R1(config-router)#neighbor 5.5.5.5 ?
  activate                Enable the Address Family for this Neighbor
  advertise-map           specify route-map for conditional advertisement
  advertisement-interval  Minimum interval between sending BGP routing updates
  allowas-in              Accept as-path with my AS present in it
  capability              Advertise capability to the peer
  default-originate       Originate default route to this neighbor
  description             Neighbor specific description
  disable-connected-check One-hop away EBGP peer using loopback address
  distribute-list         Filter updates to/from this neighbor
  dmzlink-bw              Propagate the DMZ link bandwidth
  ebgp-multihop           Allow EBGP neighbors not on directly connected networks
  fall-over               session fall on peer route lost
  filter-list             Establish BGP filters
  inherit                 Inherit a template
  local-as                Specify a local-as number
  maximum-prefix          Maximum number of prefixes accepted from this peer
  next-hop-self           Disable the next hop calculation for this neighbor
  next-hop-unchanged      Propagate the iBGP paths’s next hop unchanged for this neighbor
  password                Set a password
  peer-group              Member of the peer-group
  prefix-list             Filter updates to/from this neighbor
  remote-as               Specify a BGP neighbor
  remove-private-as       Remove private AS number from outbound updates
  route-map               Apply route map to neighbor
  route-reflector-client  Configure a neighbor as Route Reflector client
  send-community          Send Community attribute to this neighbor
  shutdown                Administratively shut down this neighbor
  soft-reconfiguration    Per neighbor soft reconfiguration
  timers                  BGP per neighbor timers
  translate-update        Translate Update to MBGP format
  transport               Transport options
  ttl-security            BGP ttl security check
  unsuppress-map          Route-map to selectively unsuppress suppressed routes
  update-source           Source of routing updates
  version                 Set the BGP version to match a neighbor
  weight                  Set default weight for routes from this neighbor
R1(config-router)#neighbor 5.5.5.5 ebgp
R1(config-router)#neighbor 5.5.5.5 ebgp-multihop ?
<1-255> maximum hop count
<cr>
R1(config-router)#neighbor 5.5.5.5 ebgp-multihop 2
R1(config-router)#
ASR#5
[Resuming connection 5 to r5 … ]
R5(config)#router bgp 500
R5(config-router)#neighbor 1.1.1.1 ebgp-multihop 2
R5(config-router)#do sh ip bgp summ
BGP router identifier 5.5.5.5, local AS number 500
BGP table version is 1, main routing table version 1
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4   100       0       0        1    0    0 never    Idle
R5(config-router)#
So we are still hanging idle there; however, I left that monster output to highlight the second command we are missing, “update-source”. Now this is what tells the router which interface the neighbor will get its updates from, so we need to specify the loopback interface being used, which will be the loopback local to the router this command is being configured on:
R5(config-router)#nei 1.1.1.1 update-source loopback 5
R5(config-router)#
ASR#1
[Resuming connection 1 to r1 … ]
R1(config-router)#
*Mar 31 01:36:02.675: %BGP-5-ADJCHANGE: neighbor 5.5.5.5 Up
R1(config-router)#nei 5.5.5.5 upd
R1(config-router)#nei 5.5.5.5 update-source loo
R1(config-router)#nei 5.5.5.5 update-source loopback 1
So as can be seen, the loopback needs to be the local loopback as the source to the remote loopback address for it to take; I got a few errors playing with this. Another good thing to note is that R5 showed the BGP neighbor status back as up before I could even configure it on R5.
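The three prerequisites this walkthrough arrives at (a static route to the peer's loopback, ebgp-multihop, and update-source) can be checked mechanically against a running-config. The script below is an added example, not part of the original post; the function name, the Serial0/0 interface name and the subnet masks in the sample config are assumptions, and it also accepts disable-connected-check (listed in the help output above) in place of ebgp-multihop.

```python
import ipaddress
import re

# Either option lifts the "eBGP peer must be directly connected" check.
HOP_OPTS = {"ebgp-multihop", "disable-connected-check"}

def audit_ebgp_loopback_peers(config):
    """Map each non-connected eBGP neighbor to the prerequisites it lacks."""
    connected, statics, neighbors = [], [], {}
    local_as, on_loopback = None, False
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.match(r"interface (\S+)", line):
            on_loopback = m[1].lower().startswith("loopback")
        elif (m := re.match(r"ip address (\S+) (\S+)$", line)) and not on_loopback:
            # Loopback subnets are skipped: BGP never treats them as connected.
            connected.append(ipaddress.ip_interface(f"{m[1]}/{m[2]}").network)
        elif m := re.match(r"ip route (\S+) (\S+) \S+", line):
            statics.append(ipaddress.ip_network(f"{m[1]}/{m[2]}", strict=False))
        elif m := re.match(r"router bgp (\d+)$", line):
            local_as = m[1]
        elif m := re.match(r"neighbor ([\d.]+) (\S+)(?: (\S+))?", line):
            nbr = neighbors.setdefault(m[1], {"remote_as": None, "opts": set()})
            nbr["opts"].add(m[2])
            if m[2] == "remote-as":
                nbr["remote_as"] = m[3]
    findings = {}
    for ip, nbr in neighbors.items():
        addr = ipaddress.ip_address(ip)
        if nbr["remote_as"] in (None, local_as) or any(addr in n for n in connected):
            continue  # iBGP, incomplete, or directly connected: out of scope here
        checks = {
            "static route": any(addr in net for net in statics),
            "ebgp-multihop": bool(nbr["opts"] & HOP_OPTS),
            "update-source": "update-source" in nbr["opts"],
        }
        findings[ip] = [name for name, ok in checks.items() if not ok]
    return findings

# Constructed R5 config at the point where the page shows "Idle";
# the interface name and masks are assumptions.
R5_IDLE = """\
interface Loopback5
 ip address 5.5.5.5 255.255.255.255
interface Serial0/0
 ip address 172.12.15.5 255.255.255.0
ip route 1.1.1.1 255.255.255.255 172.12.15.1
router bgp 500
 neighbor 1.1.1.1 remote-as 100
"""
```

An empty list for a neighbor means all three prerequisites are present; the input is expected in running-config form, with full keywords rather than abbreviations such as `nei`.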
Now for some verification:
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
5.5.5.5         4   500       5       5        1    0    0 00:01:36        0
172.12.123.2    4   100      83      83        1    0    0 01:19:55        0
172.12.123.3    4   100     126     126        1    0    0 02:03:58        0
R1(config-router)#
ASR#5
[Resuming connection 5 to r5 … ]
*Apr 9 22:17:14.551: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
R5(config-router)#do sh ip bgp summ
BGP router identifier 5.5.5.5, local AS number 500
BGP table version is 1, main routing table version 1
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4   100       5       6        1    0    0 00:01:59        0
R5(config-router)#
R5(config-router)#do sh ip bgp nei
BGP neighbor is 1.1.1.1, remote AS 100, external link
BGP version 4, remote router ID 1.1.1.1
BGP state = Established, up for 00:06:15
This is an oddity to me that the 0 in State seems to indicate an Established connection, while the other states will show “Idle” or “Active” while they are waiting to Peer but once Peered it just shows a 0. Very odd.
I also highlighted the “uptime” for the Adjacency between R1 and R3, so now I get a ticket timer to remind me how long I’ve been staring at the screen for while studying, bleh.
With that, I will wr mem around the network, and next up is Route Advertisement with BGP!