RE: Verifying BGP MED when we don't have access to an AS

From: Baety Wayne SrA 18 CS/SCBX (Wayne.Baety@kadena.af.mil)
Date: Sun Apr 20 2003 - 21:15:35 GMT-3

• Next message: Umair Hoodbhoy: "RE: Verifying BGP MED when we don't have access to an AS"
• Previous message: Imran Shahid: "Multicast Static Route."
• Maybe in reply to: Umair Hoodbhoy: "Verifying BGP MED when we don't have access to an AS"
• Next in thread: Umair Hoodbhoy: "RE: Verifying BGP MED when we don't have access to an AS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

if you enable (d)CEF you can use that to account for the traffic
destined to a particular network and verify if your results are
working.

show ip cef a.b.c.d

for that matter, you could also use ip accounting w/o having to enable
cef...

configure them on both routers (r1,r2) to give compartive results

-----Original Message-----
From: Umair Hoodbhoy [mailto:umair@cisco.com]
Sent: Monday, April 21, 2003 7:16 AM
To: ccielab@groupstudy.com
Subject: Verifying BGP MED when we don't have access to an AS

Hi all,

The Problem:
AS 666 is multihomed to another ISP which owns AS 999. R1 and R2 (IBGP
neighbors) are in AS666 while R3 and R4 (also IBGP neighbors) are in
AS999. I'm pretty lousy at art, but here's an attempt with ASCII art:

AS666 AS999
R1 ---------- R3
| |
| |
R2 ---------- R4

This is simplified of course and in reality there are other networks in
either AS. The question is make all attempts to access a particular
network X in AS666 from AS999 go through R2.

The Solution:
Okay, it sounds very simple, all you have to do is tweak MED on the
R1->R3 and R2->R4 EBGP links. The problem is how to verify that the
solution works. According to Doyle II, Halabi, and CCO (Doc CD + Tech
Tips), you just do a 'show ip bgp neighbor a.b.c.d routes' on R3 or R4
and you'll see the metric bumped up. But what if you don't have access
to those routers? I'm wondering how they do it in the real world between
ISPs. By just doing a 'show ip bgp neighbor a.b.c.d advertised' on R1
and R2 doesn't reflect the altered MED. Sure you can do a 'debug ip bgp
updates out' and see the metric set in the outgoing update but it
doesn't give a nice comparative indication like the 'show ip bgp
neighbor a.b.c.d advertised' output does. Moreover, the question was to
make sure that all attempts to access a particular network X in AS666
from AS999 go through R2. The way I see it, since you don't have access
to the other ISP's routers, you can't really verify. Is that correct?

Am also interested to know how folks manage this in the real world of
ISPs. TIA.

-- Umair

• Next message: Umair Hoodbhoy: "RE: Verifying BGP MED when we don't have access to an AS"
• Previous message: Imran Shahid: "Multicast Static Route."
• Maybe in reply to: Umair Hoodbhoy: "Verifying BGP MED when we don't have access to an AS"
• Next in thread: Umair Hoodbhoy: "RE: Verifying BGP MED when we don't have access to an AS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:35:59 GMT-3