RE: BGP no-filter

From: Howard C. Berkowitz (hcb@xxxxxxxxxxxx)
Date: Tue Jun 18 2002 - 10:12:11 GMT-3


   
Let me respond, then, with what I consider to be real-world learning
advice as opposed to real-world operational practice. There's a
saying in medicine "when you hear hoofbeats, the smart money is on
horses, not zebras."

BGP is a complex protocol, and I know the way I learned it...which
wasn't an overnight process. My insight came when I first focused on
the reason the features are there (what problem do they solve), and
refining my understanding with looking at RIPE-181/RPSL and routing
registry data. This, IMNSHO, is the utter foundation of
understanding the protocol.

As a boy, I started experimenting in chemistry to "mix things and see
what would happen." I didn't learn much by this, and indeed did
manage to injure myself and others. Once I studied the underlying
theory, I could often tell what would happen without needing to
perform the experiment, or would perform the experiment and then test
to see if my results matched theory.

It's a similar situation with complex routing protocols. Just
experimenting with tricky ways to turn knobs isn't really going to
improve your understanding, unless you run into the EXACT scenario on
a test. Learning the principles will allow you to generalize to
scenarios you've never seen before.

I studied tae kwon do for a while, and indeed did learn how to break
a one-inch board with my hand. I then asked myself how likely it was
that I would ever be attacked by a one-inch board, and then focused
on ways to disable the person holding the board. Much easier on my
hands.

At 10:33 AM +0300 6/18/02, Abidin Kahraman wrote:
>My point of view, the question was not a real world sample. I've thought we
>can change next-hop of the subnet..When you do it, R2 is receiving changed
>subnet but it is not putting in to the BGP table, because the next-hop is
>different than original..I think prepend and community is not an issue for
>this question, if you try my config in your lab you will see one of your
>advertised routes not coming to R2..I've never seen like this case in the
>real world..I think this is only tricky question for understanding of
>routing protocols..like BGP..
>
>Abidin.
>
>-----Original Message-----
>From: Howard C. Berkowitz [mailto:hcb@gettcomm.com]
>Sent: Tuesday, June 18, 2002 12:06 AM
>To: ccielab@groupstudy.com
>Subject: Re: BGP no-filter
>
>(sending to the list for general information)
>
>My understanding was that R1 and R2 are in different AS. If they are
>in the same AS, NO-ADVERTISE would be the appropriate well-known
>community.
>
>I'm really starting to wonder where the original question came from,
>as it certainly doesn't reflect the way one should use BGP in the
>real world...whatever that may have to do with the CCIE lab.
>
>
>At 3:22 PM -0400 6/17/02, Lance wrote:
>>No-export does not prevent R2 from installing the route. It only prevents
>>R2 from exporting the route to another AS.
>>At least that is how I understand it, I've been wrong before.
>>
>>----- Original Message -----
>>From: "Howard C. Berkowitz" <hcb@gettcomm.com>
>>To: "Ümit Askan (TK-Network Çözümleri)" <umit.askan@probil.com.tr>;
>><ccielab@groupstudy.com>
>>Sent: Monday, June 17, 2002 2:34 PM
>>Subject: RE: BGP no-filter
>>
>>
>>> I'm copying this to the list so others can benefit.
>>>
>>>
>>> >this is a question for preparing the lab. I couldn't find how can I
>>> >solve.
>>> >But Bhisham's answer agrees with all the rules.
>>> >if you prepend R2's AS to the 10.10.20.0 route
>>> >R2 won't take it because of the BGP process rules.
>>>
>>> The point is that you are describing something that the NO-EXPORT
>>> community is specifically intended to solve.
>>>
>>> AS path prepending is not part of the current BGP standard, and
>>> indeed there is a Cisco knob to disable it in the decision process.
>>> It will be part of the new draft standard, but there are definitely
>>> implementations that won't understand it -- especially Cisco or
>>> others that are configured to follow the strict IETF algorithm.
>>>
>>> If your topology changes and the second AS is no longer adjacent, AS
>>> path prepending may not work any longer, so you've created a
>>> potential long-term maintenance vulnerability.
>>>
>>> Again, this is a case of using best current practice in the real
>>> world, rather than using any protocol feature that seems to meet the
>>> need. I really would find it hard to believe Cisco would prefer AS
>>> path prepending to NO-EXPORT, because NO-EXPORT is a supported Cisco
>>> feature.
>>>
>>> >Best Regards
>>> >umit
>>> >
>>> >-----Original Message-----
>>> >From: Howard C. Berkowitz [mailto:hcb@gettcomm.com]
>>> >Sent: Monday, June 17, 2002 20:31
>>> >To: Ccie (E-mail)
>>> >Subject: Re: BGP no-filter
>>> >
>>> >
>>> >At 3:59 PM +0300 6/17/02, Ümit Askan (TK-Network Çözümleri) wrote:
>>> >>Hi,
>>> >>
>>> >>I have got a problem like that :
>>> >>
>>> >>network 10.10.10.0 R1-------EBGP--------R2
>>> >>network 10.10.20.0
>>> >>
>>> >>I want to see only 10.10.10.0 at R2 bgp table. But if you look to the
>>> >>R1's advertised routes to R2, you will see 10.10.10.0 and 10.10.20.0.
>>> >>You can't do anything on R2 for that routes.
>>> >>
>>> >
>>> >I'm assuming R1 learns 10.10.20.0 through an IGP, static route, or
>>> >direct connection. Is there some reason that you can't tag it with
>>> >the well-known BGP community, NO-EXPORT, when it enters BGP? The
>>> >purpose of that community is to keep the route inside your AS.
>>> >--
>>> >"What Problem are you trying to solve?"
>>> >***send Cisco questions to the list, so all can benefit -- not
>>> >directly to me***
>>>
>>> >********************************************************************************
>>> >Howard C. Berkowitz hcb@gettcomm.com
>>> >Chief Technology Officer, GettLab/Gett Communications
>>> >http://www.gettlabs.com
>>> >Technical Director, CertificationZone.com
>>> >http://www.certificationzone.com
>>> >"retired" Certified Cisco Systems Instructor (CID) #93005

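The three options discussed in this thread, as an added example that is not part of any poster's message: a small Python model of the R1/R2 eBGP session, with a hypothetical third AS (R3) behind R2, applying the RFC 1997 NO_EXPORT/NO_ADVERTISE rules and eBGP AS_PATH loop detection. The AS numbers, the `Speaker` and `run` names, and the assumption that a route tagged at origination is itself withheld from eBGP peers belong to this example, not to the thread.

```python
from dataclasses import dataclass, field

NO_EXPORT, NO_ADVERTISE = 0xFFFFFF01, 0xFFFFFF02  # RFC 1997 well-known values

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple = ()
    communities: frozenset = frozenset()

@dataclass
class Speaker:
    asn: int
    rib: dict = field(default_factory=dict)

    def originate(self, prefix, communities=()):
        self.rib[prefix] = Route(prefix, (), frozenset(communities))

    def receive(self, route):
        if self.asn in route.as_path:      # AS_PATH loop detection: drop
            return False
        self.rib[route.prefix] = route
        return True

    def advertise(self, peer, policy=None):
        """Send permitted routes to peer; return the prefixes the peer installed.
        policy maps prefix -> (extra ASNs to prepend, communities to add)."""
        installed, ebgp = [], peer.asn != self.asn
        for r in list(self.rib.values()):
            # Assumption: the rule also applies to routes tagged at origination.
            if NO_ADVERTISE in r.communities or (ebgp and NO_EXPORT in r.communities):
                continue                    # suppressed by well-known community
            prepend, add = (policy or {}).get(r.prefix, ((), ()))
            path = (self.asn, *prepend, *r.as_path) if ebgp else r.as_path
            if peer.receive(Route(r.prefix, path, r.communities | frozenset(add))):
                installed.append(r.prefix)
        return installed

def run(tag_at_origin=(), out_policy=None):
    """R1 (AS 64496) -eBGP- R2 (AS 64497) -eBGP- R3 (AS 64498); constructed ASNs."""
    r1, r2, r3 = Speaker(64496), Speaker(64497), Speaker(64498)
    r1.originate("10.10.10.0")
    r1.originate("10.10.20.0", tag_at_origin)
    at_r2 = r1.advertise(r2, out_policy)   # what R2 installs from R1
    at_r3 = r2.advertise(r3)               # what R2 passes on to the next AS
    return at_r2, at_r3

if __name__ == "__main__":
    print(run(tag_at_origin=[NO_EXPORT]))                     # tagged on entry to BGP
    print(run(out_policy={"10.10.20.0": ((), [NO_EXPORT])}))  # tagged toward R2
    print(run(out_policy={"10.10.20.0": ((64497,), ())}))     # R2's AS prepended
```

The second case is the one where R2 still installs 10.10.20.0 and only the onward export to R3 is suppressed; in the third, R2 drops the route only because its own AS number appears in the path.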


This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:36 GMT-3