RE: BGP Synchronization rule

From: Sawal, Vijay (Vijay.Sawal@xxxxxxxxx)
Date: Sun Jul 30 2000 - 13:40:27 GMT-3

• Next message: John Conzone: "NTP authentication"
• Previous message: Boaz Ri: "OT - ISP CCIE lab equipment!"
• Maybe in reply to: Fred Nielsen: "BGP Synchronization rule"
• Next in thread: pkm@xxxxxxxxxx: "Re: BGP Synchronization rule"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Once the eBGP route is in the RIB you don't have anyway to tell if there is
a route from the IGP that would take it's place because of the
administrative distance of eBGP in reference to the IGP.. So you don't have
any way to flag the iBGP route as synchronized.

So that you do not have to have the BGP and IGP in a non-synchronized state
on the routers you can fix it by modifying the administrative distance on
all of the routers running eBGP. Modifying the admin distance so that eBGP >
IGP works. If the ibgp route goes away, the igp route should also go away
(since we are synchronised and all ebgp learned routes are redistributed
into igp). Therefore ebgp will take over. Only in rare circumstances do you
ever want to prefer EBGP routes over what's in your IGP, right? If you
carefully filter, then you should never learn your own routes via EBGP, but
not everyone bothers to do this filtering. Changing the distance is an easy
way to circumvent the problem.

distance 200 200 200

Vijay

-----Original Message-----
From: Geatti [mailto:geatti@home.com]
Sent: Sunday, July 30, 2000 1:09 PM
To: ccielab@groupstudy.com; asafayan@msdinc.com
Subject: RE: BGP Synchronization rule

Fred,
The sync rule basically says in order to advertise a route it needs to be
in the RIB (Routing information base) and the routing table. Turning sync
off via the "no sync" command will allow you to advertise a given route
without it being learned via IGP first. Now most people would say, why on
earth would you want to redistribute all the routes learned via EBGP into
IGP, that would be crazy yeah? And you would be right. Running no sync with
IBGP routers is the way to go.
However to run no sync you must meet one of the following criteria....
a. you must be fully meshed IBGP within your AS. OR
b. you are a stub network - not transit.

The reason for the sync rule is to prevent a packet arriving into your AS
destined for another AS (meaning you are transit) getting to a router within
your AS that does not know what to do with it. If you are running sync with
IGP this would not matter as you would have a IGP route to the external
destination. If you are not in sync as soon as your packet hits the router
it won't know how to handle it, doesn't have an IGP route to the destination
nor is it running IBGP, it won't have a route to that external AS, the
packet is dropped.
The sync rule says that IGP must be synchronized with BGP routes, this is
not practical in most cases. Therefore make sure that when you use no sync
on all routers within you AS that you are fully meshed via IBGP or using
something like route reflectors to make appear so. If you are fully meshed
via IBGP there is no need to be sync.

Sync does require you to have an exact match I believe, 10.0.0.0 /8 does not
catch 10.10.10.0 /24 and 10.5.0.0 /16. An exact match is necessary.

Hope this is of some help
Marco
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of Fred
Nielsen
Sent: Saturday, July 29, 2000 8:51 PM
To: ccielab@groupstudy.com
Subject: BGP Synchronization rule

I would like to hear the opinions of the group on the synchronization rule,
which states *something* like: a BGP router will not forward an externally
learned route to another external peer until the route is also present in
that router's IGP as well.

The Halabi book touches on this, but didn't spend enough time for me to
really understand the intent behind the rule, other than to prevent routing
loops inside an AS. Because many typical configurations out there do not
redist BGP routes into IGP's, you see the "no synchronization" command
employed fairly often. Why is sync turned on by default in the IOS? Is it
part of the specification perhaps?

Also, referring to "external peer" above, this really means separate router
entities running IBGP within an AS, right? Not between EBGP peers, where
the rule doesn't apply..

And one more question, does the IGP route have to match precisely, or can a
less specific route do the trick? In other words, can the presence of
10.0.0.0/8 in the IGP allow BGP to forward a 10.1.0.0/16 route?

Hoping all this makes sense.
------
Fred Nielsen [ fred_nielsen@hotmail.com <mailto:fred_nielsen@hotmail.com> ]
------

• Next message: John Conzone: "NTP authentication"
• Previous message: Boaz Ri: "OT - ISP CCIE lab equipment!"
• Maybe in reply to: Fred Nielsen: "BGP Synchronization rule"
• Next in thread: pkm@xxxxxxxxxx: "Re: BGP Synchronization rule"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:59 GMT-3