From: Tshon (tshon@xxxxxxxxxxx)
Date: Sat Mar 16 2002 - 05:52:12 GMT-3
Ok you're right. Show us the final.
Jaeheon Yoo wrote:
>Tshon,
>
>Route Reflector is not allowed to modify the attributes of the reflected IBGP
routes, which include the NEXT_HOP attributes. In addition, R1 doesn't reflect
IBGP routes learned from one of spoke routers to the other spoke router because
their next hops are inaccessible without next-hop-self command on R2, R3.
>
>And you're right, two spoke routers don't form any direct OSPF or BGP neighbor
relationships. But still if there's no frame map statement for the other spoke
router, R2 can't reach R3 nor the other way.
>It's because OSPF considers the whole frame relay domain as one broadcast doma
in.
>So, when R2 want to send a packet to R3, it want to send a packet directly to
R3 without the help of R1.
>If there's no frame map statement for R3, you will have a 'encapsulation faile
d' error message.
>You can check this by debug ip packet on R3.
>So you need a frame map statement for R3 on R2, for R2 on R3.
>If you don't want this behavior, you can set OSPF network type to point-to-mul
tipoint.
>
>Internet Routing Architectures, 2nd E., p.267 about Route Reflector's behavior
>
>Jaeheon
>
>----- Original Message -----
>From: "Tshon" <tshon@netzero.net>
>To: "Jaeheon Yoo" <kghost@chollian.net>
>Cc: "ccielab" <ccielab@groupstudy.com>
>Sent: Saturday, March 16, 2002 11:06 AM
>Subject: Re: BGP Route Reflector Problem
>
>
>>You are still missing what I keep telling you.
>>
>>R1
>>neighbor 152.1.10.10 next-hop-self
>>neighbor 152.1.10.11 next-hop-self
>>
>>Jaeheon Yoo wrote:
>>
>>>Hi, Tshon
>>>
>>>This is a typical hub and spoke situation.
>>>I believe there's no problem with 2 frame map statements on spoke routers(R2
, R3)
>>>Without the second frame map statement for the other spoke router, there's n
o ip reachability between the two spoke routers. (I think that "broadcast" keyw
ord for the other spoke router is useless here)
>>>
>>>The problem is with next-hop reachability, I guess.
>>>
>>>From the OSPF configuration on each spoke router, we can infer that there's
no routing information about 'DMZs' on R1(hub), where OSPF is the only IGP.
>>
>>>152.1.11.0/30, 152.1.12.0/30, 152.1.12.8/30
>>>
>>>There're two solutions here.
>>>1. apply next-hop-self statement to a neighbor for the hub on each spoke rou
ter.
>>>
>>>R2:
>>>router bgp 100
>>>no synchronization
>>>neighbor 152.1.10.9 remote-as 100
>>>neighbor 152.1.10.9 next-hop-self
>>>
>>>R3:
>>>router bgp 100
>>>no synchronization
>>>neighbor 152.1.10.9 remote-as 100
>>>neighbor 152.1.10.9 next-hop-self
>>>
>>>
>>>2. include DMZs or 'redistribute connected subnets' in OSPF routing process
on each spoke router.
>>>
>>>http://www.cisco.com/warp/public/459/25.shtml
>>>Internet Routing Architect, 2nd E., pp.174-175
>>>
>>>Hope this helps,
>>>Jaeheon
>>>
>>>----- Original Message -----
>>>From: "Tshon" <tshon@netzero.net>
>>>To: "Bruce Williams" <bruce@williamsnetworking.com>
>>>Cc: <sandyccie@yahoo.com>; "Ccielab@Groupstudy. Com" <ccielab@groupstudy.com
>
>>>Sent: Saturday, March 16, 2002 7:49 AM
>>>Subject: Re: BGP Route Reflector Problem
>>>
>>>
>>>>Remove the other frame map statements, your router is looking for the
>>>>device locally on the network and it is not, due to NBMA.
>>>>all you need on R2 & R3 is one frame map statement to R1.
>>>>then you need to apply the neighbor next-hop-self command to both
>>>>neighbors on R1.
>>>>
>>>>Bruce Williams wrote:
>>>>
>>>>>Here is the Route Reflector Config:
>>>>>
>>>>>Trying r1 (192.168.1.5, 2001)... Open
>>>>>
>>>>>R1#sh run
>>>>>Building configuration...
>>>>>
>>>>>Current configuration:
>>>>>!
>>>>>version 12.0
>>>>>service timestamps debug uptime
>>>>>service timestamps log uptime
>>>>>no service password-encryption
>>>>>!
>>>>>hostname R1
>>>>>!
>>>>>no logging console
>>>>>!
>>>>>ip subnet-zero
>>>>>no ip domain-lookup
>>>>>!
>>>>>!
>>>>>!
>>>>>interface Loopback0
>>>>>ip address 152.1.10.1 255.255.255.255
>>>>>no ip directed-broadcast
>>>>>ip ospf interface-retry 0
>>>>>!
>>>>>interface Ethernet0
>>>>>ip address 152.1.8.1 255.255.255.192
>>>>>no ip directed-broadcast
>>>>>ip ospf cost 65
>>>>>ip ospf interface-retry 0
>>>>>ip ospf hello-interval 120
>>>>>ip ospf priority 10
>>>>>!
>>>>>interface Ethernet1
>>>>>ip address 152.1.9.1 255.255.255.128
>>>>>no ip directed-broadcast
>>>>>ip ospf interface-retry 0
>>>>>ip ospf priority 0
>>>>>!
>>>>>interface Serial0
>>>>>no ip address
>>>>>no ip directed-broadcast
>>>>>encapsulation frame-relay
>>>>>no ip mroute-cache
>>>>>!
>>>>>interface Serial0.1 multipoint
>>>>>ip address 152.1.10.9 255.255.255.248
>>>>>no ip directed-broadcast
>>>>>ip ospf network non-broadcast
>>>>>ip ospf interface-retry 0
>>>>>ip ospf hello-interval 120
>>>>>frame-relay interface-dlci 100
>>>>>frame-relay interface-dlci 200
>>>>>!
>>>>>interface Serial1
>>>>>no ip address
>>>>>no ip directed-broadcast
>>>>>shutdown
>>>>>!
>>>>>router ospf 1
>>>>>passive-interface Loopback0
>>>>>network 152.1.8.0 0.0.0.127 area 1
>>>>>network 152.1.9.0 0.0.0.127 area 2
>>>>>network 152.1.10.1 0.0.0.0 area 0
>>>>>network 152.1.10.8 0.0.0.7 area 0
>>>>>neighbor 152.1.10.11
>>>>>neighbor 152.1.10.10
>>>>>!
>>>>>router bgp 100
>>>>>no synchronization
>>>>>neighbor 152.1.10.10 remote-as 100
>>>>>neighbor 152.1.10.10 route-reflector-client
>>>>>neighbor 152.1.10.11 remote-as 100
>>>>>neighbor 152.1.10.11 route-reflector-client
>>>>>!
>>>>>ip classless
>>>>>!
>>>>>!
>>>>>line con 0
>>>>>exec-timeout 0 0
>>>>>transport input none
>>>>>line aux 0
>>>>>line vty 0 4
>>>>>login
>>>>>!
>>>>>end
>>>>>
>>>>>Here is one client:
>>>>>
>>>>>R3#sh run
>>>>>Building configuration...
>>>>>
>>>>>Current configuration:
>>>>>!
>>>>>version 12.0
>>>>>service timestamps debug uptime
>>>>>service timestamps log uptime
>>>>>no service password-encryption
>>>>>!
>>>>>hostname R3
>>>>>!
>>>>>no logging console
>>>>>!
>>>>>ip subnet-zero
>>>>>no ip domain-lookup
>>>>>!
>>>>>!
>>>>>!
>>>>>!
>>>>>!
>>>>>!
>>>>>!
>>>>>interface Loopback0
>>>>>ip address 152.1.10.3 255.255.255.255
>>>>>no ip directed-broadcast
>>>>>ip ospf interface-retry 0
>>>>>!
>>>>>interface BRI0/0
>>>>>no ip address
>>>>>no ip directed-broadcast
>>>>>shutdown
>>>>>!
>>>>>interface Ethernet0/0
>>>>>ip address 152.1.8.62 255.255.255.192
>>>>>no ip directed-broadcast
>>>>>ip ospf interface-retry 0
>>>>>ip ospf hello-interval 120
>>>>>ip ospf priority 0
>>>>>!
>>>>>interface Ethernet0/1
>>>>>no ip address
>>>>>no ip directed-broadcast
>>>>>shutdown
>>>>>!
>>>>>interface Serial1/0
>>>>>ip address 152.1.10.11 255.255.255.248
>>>>>no ip directed-broadcast
>>>>>encapsulation frame-relay
>>>>>ip ospf interface-retry 0
>>>>>ip ospf hello-interval 120
>>>>>ip ospf priority 0
>>>>>no ip mroute-cache
>>>>>no fair-queue
>>>>>frame-relay map ip 152.1.10.9 200 broadcast
>>>>>frame-relay map ip 152.1.10.10 200 broadcast
>>>>>no frame-relay inverse-arp
>>>>>!
>>>>>interface Serial1/1
>>>>>ip address 152.1.12.9 255.255.255.252
>>>>>no ip directed-broadcast
>>>>>clockrate 63960
>>>>>!
>>>>>interface Serial1/2
>>>>>ip address 152.1.12.1 255.255.255.252
>>>>>no ip directed-broadcast
>>>>>clockrate 63960
>>>>>!
>>>>>interface Serial1/3
>>>>>ip address 152.1.20.1 255.255.255.252
>>>>>no ip directed-broadcast
>>>>>clockrate 63960
>>>>>!
>>>>>router eigrp 1
>>>>>redistribute ospf 1 metric 10000 10 255 1 1500
>>>>>passive-interface Ethernet0/0
>>>>>passive-interface Serial1/0
>>>>>passive-interface Serial1/1
>>>>>passive-interface Serial1/2
>>>>>network 152.1.0.0
>>>>>distribute-list 7 out Serial1/3
>>>>>!
>>>>>router ospf 1
>>>>>passive-interface Loopback0
>>>>>network 152.1.8.0 0.0.0.127 area 1
>>>>>network 152.1.10.3 0.0.0.0 area 0
>>>>>network 152.1.10.8 0.0.0.7 area 0
>>>>>!
>>>>>router bgp 100
>>>>>no synchronization
>>>>>neighbor 152.1.10.9 remote-as 100
>>>>>neighbor 152.1.12.2 remote-as 200
>>>>>neighbor 152.1.12.2 distribute-list 1 out
>>>>>neighbor 152.1.12.10 remote-as 200
>>>>>neighbor 152.1.12.10 distribute-list 1 out
>>>>>!
>>>>>ip classless
>>>>>!
>>>>>access-list 1 deny 0.0.0.0
>>>>>access-list 2 permit any
>>>>>access-list 7 deny 152.1.20.16 0.0.0.15
>>>>>access-list 7 permit any
>>>>>!
>>>>>!
>>>>>line con 0
>>>>>exec-timeout 0 0
>>>>>transport input none
>>>>>line aux 0
>>>>>line vty 0 4
>>>>>login
>>>>>!
>>>>>end
>>>>>
>>>>>Here is the other client:
>>>>>
>>>>>R2#sh run
>>>>>Building configuration...
>>>>>
>>>>>Current configuration:
>>>>>!
>>>>>version 12.0
>>>>>service timestamps debug uptime
>>>>>service timestamps log uptime
>>>>>no service password-encryption
>>>>>!
>>>>>hostname R2
>>>>>!
>>>>>no logging console
>>>>>!
>>>>>ip subnet-zero
>>>>>no ip domain-lookup
>>>>>!
>>>>>!
>>>>>!
>>>>>interface Loopback0
>>>>>ip address 152.1.10.2 255.255.255.255
>>>>>no ip directed-broadcast
>>>>>ip ospf interface-retry 0
>>>>>!
>>>>>interface Ethernet0
>>>>>ip address 152.1.9.126 255.255.255.128
>>>>>no ip directed-broadcast
>>>>>ip ospf interface-retry 0
>>>>>!
>>>>>interface Serial0
>>>>>ip address 152.1.10.10 255.255.255.248
>>>>>no ip directed-broadcast
>>>>>encapsulation frame-relay
>>>>>ip ospf interface-retry 0
>>>>>ip ospf hello-interval 120
>>>>>ip ospf priority 0
>>>>>no ip mroute-cache
>>>>>no fair-queue
>>>>>frame-relay map ip 152.1.10.9 100 broadcast
>>>>>frame-relay map ip 152.1.10.11 100 broadcast
>>>>>no frame-relay inverse-arp
>>>>>!
>>>>>interface Serial1
>>>>>ip address 152.1.11.1 255.255.255.252
>>>>>no ip directed-broadcast
>>>>>clockrate 64000
>>>>>!
>>>>>router ospf 1
>>>>>passive-interface Loopback0
>>>>>network 152.1.9.0 0.0.0.127 area 2
>>>>>network 152.1.10.2 0.0.0.0 area 0
>>>>>network 152.1.10.8 0.0.0.7 area 0
>>>>>!
>>>>>router bgp 100
>>>>>no synchronization
>>>>>network 152.1.9.0 mask 255.255.255.128
>>>>>neighbor 152.1.10.9 remote-as 100
>>>>>neighbor 152.1.11.2 remote-as 300
>>>>>neighbor 152.1.11.2 route-map localonly in
>>>>>!
>>>>>ip classless
>>>>>ip as-path access-list 1 permit ^300$
>>>>>ip ospf name-lookup
>>>>>!
>>>>>route-map localonly permit 10
>>>>>match as-path 1
>>>>>!
>>>>>!
>>>>>line con 0
>>>>>exec-timeout 0 0
>>>>>transport input none
>>>>>line aux 0
>>>>>line vty 0 4
>>>>>login
>>>>>!
>>>>>end
>>>>>
>>>>>Please email me if you see why the Route Reflector is not reflection route
s
>>>>>to either client. It is receiving routes from both, but it is not sending
>>>>>them along to the other client.
>>>>>
>>>>>Thanks,
>>>>>
>>>>>Bruce
>>>>>mailto:bruce@williamsnetworking.com
>>>>>
>>>>>
>>>>>-----Original Message-----
>>>>>From: Sandro Ciffali [mailto:sandyccie@yahoo.com]
>>>>>Sent: Friday, March 15, 2002 2:47 PM
>>>>>To: Bruce Williams; Bruce. Lawrence. Williams@Verizon. Com;
>>>>>ccielab@groupstudy.com
>>>>>Subject: Re: BGP Route Reflector Problem
>>>>>
>>>>>
>>>>>could u post entire configs??
>>>>>
>>>>>sandro
>>>>>--- Bruce Williams <bruce@williamsnetworking.com>
>>>>>wrote:
>>>>>
>>>>>>I am having a problem with Lab 2 in the "CCIE Lab
>>>>>>Practice Kit" by Hutnik
>>>>>>and Satterlee. I have three IBGP routers that have
>>>>>>connectivity through a
>>>>>>frame cloud:
>>>>>>
>>>>>>152.1.10.9 is the Route Refletor
>>>>>>152..1.10.10 and 152.1.10.11 are the clients. When I
>>>>>>do a show ip bgp
>>>>>>neighbors" on the route reflector the other two
>>>>>>routers are established as
>>>>>>route reflector clients, but for some reason the
>>>>>>route reflector is not
>>>>>>reflecting routes from one client to the other.
>>>>>>Please check out these brief
>>>>>>configs of the three routers and tell me if I am
>>>>>>missing something.
>>>>>>
>>>>>>Here is the BGP config of the route reflector:
>>>>>>
>>>>>>router bgp 100
>>>>>>no synchronization
>>>>>>network 152.1.9.0 mask 255.255.255.128
>>>>>>neighbor 152.1.10.10 remote-as 100
>>>>>>neighbor 152.1.10.10 route-reflector-client
>>>>>>neighbor 152.1.10.11 remote-as 100
>>>>>>neighbor 152.1.10.11 route-reflector-client
>>>>>>
>>>>>>Here is the config for the two route-reflector
>>>>>>clients:
>>>>>>
>>>>>>router bgp 100
>>>>>>no synchronization
>>>>>>neighbor 152.1.10.9 remote-as 100
>>>>>>neighbor 152.1.12.2 remote-as 200
>>>>>>neighbor 152.1.12.2 distribute-list 1 out
>>>>>>neighbor 152.1.12.10 remote-as 200
>>>>>>neighbor 152.1.12.10 distribute-list 1 out
>>>>>>
>>>>>>router bgp 100
>>>>>>no synchronization
>>>>>>network 152.1.9.0 mask 255.255.255.128
>>>>>>neighbor 152.1.10.9 remote-as 100
>>>>>>neighbor 152.1.11.2 remote-as 300
>>>>>>neighbor 152.1.11.2 route-map localonly in
>>>>>>
>>>>>>Bruce Williams
>>>>>>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:10 GMT-3