RE: BGP peer establishment

From: Volkov, Dmitry (IDS Canada) (dmitry_volkov@ca.ml.com)
Date: Fri Jul 04 2003 - 16:45:47 GMT-3

> -----Original Message-----
> From: Brian McGahan [mailto:brian@cyscoexpert.com]
> Sent: Friday, July 04, 2003 2:18 PM
> To: 'Scott Morris'; 'Donny MATEO'; 'Volkov, Dmitry (IDS Canada)'
> Cc: ccielab@groupstudy.com; nobody@groupstudy.com
> Subject: RE: BGP peer establishment
>
>
> Not necessarily. As long as one side of the connection has a
> longer match than 0.0.0.0/0 adjacency can be established. Take the

I think this side (with longer match) should no be blocked by firewall.
In my case I had R5(172.50.50.5)---------(.1)pix(.10)--------(172.50.10.1)R1
R5 inside (had default route), R1 outside (had specific route)
TCP 179 session from R5 to R1 had to establish BGP peering
R5 did't try TCP 179 because of default route.

r5#deb ip bgp out
BGP debugging is on
01:19:08: BGP: 172.50.10.1 multihop open delayed 19152ms (no route)

Does anybody know fundamental explanation - why BGP TCP connection is not
established
from source with def route to the neigbor ? is it cisco specific ?

> following scenario:
>
> R1-16.0.0.0/8---R6---26.0.0.0/8---R2
>
> R1 is in AS 1, R2 is in AS 2. They are transitting R6 to peer.
> The only route that R1 has to the 26.0.0.0/8 subnet is a
> default, while
> R2 has a longer match to 16.0.0.0/8.
>
> R1#sh run | b router bgp
> router bgp 1
> bgp log-neighbor-changes
> network 1.1.1.1 mask 255.255.255.255
> neighbor 26.0.0.2 remote-as 2
> neighbor 26.0.0.2 ebgp-multihop 255
> !
> ip route 0.0.0.0 0.0.0.0 16.0.0.6
>
> R2#sh run | b router bgp
> router bgp 2
> bgp log-neighbor-changes
> network 2.2.2.2 mask 255.255.255.255
> neighbor 16.0.0.1 remote-as 1
> neighbor 16.0.0.1 ebgp-multihop 255
> !
> ip route 16.0.0.0 255.0.0.0 26.0.0.6
>
> R1#sh ip bgp sum | b Neighbor
> Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
> State/PfxRcd
> 26.0.0.2 4 2 11 11 3 0 0 00:06:32
> 1
>
> R2#sh ip bgp sum | b Neighbor
> Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
> State/PfxRcd
> 16.0.0.1 4 1 12 12 3 0 0 00:07:10
> 1
>
> R1#sh ip bgp
> BGP table version is 3, local router ID is 16.0.0.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
> *> 1.1.1.1/32 0.0.0.0 0 32768 i
> *> 2.2.2.2/32 26.0.0.2 0 0 2 i
>
> R2#sh ip bgp
> BGP table version is 3, local router ID is 26.0.0.2
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
> *> 1.1.1.1/32 16.0.0.1 0 0 1 i
> *> 2.2.2.2/32 0.0.0.0 0 32768 i
>
> R1#sh ip route
> Codes: C - connected, S - static, I - IGRP, R - RIP, M -
> mobile, B - BGP
> D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
> N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
> E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
> i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
> inter area
> * - candidate default, U - per-user static route, o - ODR
> P - periodic downloaded static route
>
> Gateway of last resort is 16.0.0.6 to network 0.0.0.0
>
> C 16.0.0.0/8 is directly connected, FastEthernet0/6
> 1.0.0.0/32 is subnetted, 1 subnets
> C 1.1.1.1 is directly connected, Loopback0
> 2.0.0.0/32 is subnetted, 1 subnets
> B 2.2.2.2 [20/0] via 26.0.0.2, 00:06:08
> S* 0.0.0.0/0 [1/0] via 16.0.0.6
> R1#
>
> R2#sh ip route
> Codes: C - connected, S - static, I - IGRP, R - RIP, M -
> mobile, B - BGP
> D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
> N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
> E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
> i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
> inter area
> * - candidate default, U - per-user static route, o - ODR
> P - periodic downloaded static route
>
> Gateway of last resort is not set
>
> S 16.0.0.0/8 [1/0] via 26.0.0.6
> 1.0.0.0/32 is subnetted, 1 subnets
> B 1.1.1.1 [20/0] via 16.0.0.1, 00:06:55
> 2.0.0.0/32 is subnetted, 1 subnets
> C 2.2.2.2 is directly connected, Loopback0
> C 26.0.0.0/8 is directly connected, FastEthernet0/6
>
>
> As you can see from the above output, as long as one side has a
> longer match than 0, BGP adjacency can be established.
>
> HTH,
>
> Brian McGahan, CCIE #8593
> Director of Design and Implementation
> brian@cyscoexpert.com
>
> CyscoExpert Corporation
> Internetwork Consulting & Training
> Toll Free: 866.CyscoXP
> Fax: 847.674.2625
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > Scott Morris
> > Sent: Friday, July 04, 2003 8:57 AM
> > To: 'Donny MATEO'; 'Volkov, Dmitry (IDS Canada)'
> > Cc: ccielab@groupstudy.com; nobody@groupstudy.com
> > Subject: RE: BGP peer establishment
> >
> > There must be a non-default route to reach the other side. So
> anything
> > other than a 0/0 route will work.
> >
> > Scott
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > Donny MATEO
> > Sent: Friday, July 04, 2003 1:58 AM
> > To: Volkov, Dmitry (IDS Canada)
> > Cc: 'ccielab@groupstudy.com'; nobody@groupstudy.com
> > Subject: Re: BGP peer establishment
> >
> >
> > If I remember correctly there was an old thread discussing this. The
> > conclusion is something like BGP need specific route to establish
> > peering. Not sure if there is anymore information as to why
> and so on.
> >
> > Donny
> >
> >
> >
> >
> >
> > "Volkov, Dmitry
> >
> > (IDS Canada)" To:
> > "'ccielab@groupstudy.com'" <ccielab@groupstudy.com>
> >
> > <dmitry_volkov@ca cc:
> >
> > .ml.com> Subject: BGP peer
> > establishment
> > Sent by:
> >
> > nobody@groupstudy
> >
> > .com
> >
> >
> >
> >
> >
> > 07/04/2003 06:22
> >
> > AM
> >
> > Please respond to
> >
> > "Volkov, Dmitry
> >
> > (IDS Canada)"
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > R5(172.50.50.5)---------(.1)pix(.10)--------(172.50.10.1)R1
> >
> > R5 can ping R1; R5 uses default route to reach R1. R5 can not
> establish
> > BGP peering with R1 until I put static route - more specific than
> > 0.0.0.0 0.0.0.0 - WHY ?
> >
> > r5#sh ip bgp sum
> > BGP router identifier 60.5.5.5, local AS number 55
> > BGP table version is 1, main routing table version 1
> >
> > Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
> > State/PfxRcd
> > 172.50.10.1 4 65 0 0 0 0 0 never
> > Active
> >
> > r5#sh ip ro
> > <snip>
> > R* 0.0.0.0/0 [120/1] via 172.50.50.1, 00:00:06, FastEthernet0/0
> >
> > r5#conf t
> > Enter configuration commands, one per line. End with CNTL/Z.
> > r5(config)#ip route 172.50.10.1 255.255.255.255 172.50.50.1
> >
> > 00:55:02: %BGP-5-ADJCHANGE: neighbor 172.50.10.1 Up bgp ev
> >
> > r5#sh ip bgp sum
> > BGP router identifier 60.5.5.5, local AS number 55
> > BGP table version is 1, main routing table version 1
> >
> > Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
> > State/PfxRcd
> > 172.50.10.1 4 65 5 5 1 0 0 00:02:01
> > 0
> > r5# sh ip ro
> > <snip>
> >
> > S 172.50.10.1/32 [1/0] via 172.50.50.1
> > R* 0.0.0.0/0 [120/1] via 172.50.50.1, 00:00:13, FastEthernet0/0
> >
> > r5#
> > router bgp 55
> > bgp log-neighbor-changes
> > neighbor 172.50.10.1 remote-as 65
> > neighbor 172.50.10.1 ebgp-multihop 2
> > r1#
> > router bgp 65
> > bgp log-neighbor-changes
> > neighbor 172.50.50.5 remote-as 55
> > neighbor 172.50.50.5 ebgp-multihop 2
> >
> > Thank You,
> >
> > Dmitry Volkov
> > CCIE # 10292
> >
> >
> >
> ______________________________________________________________
> _________
> > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> > This message is for information purposes only and its content
> > should not be construed as an offer, or solicitation of an offer, to
> buy
> > or sell any banking or financial instruments or services and no
> > representation or warranty is given in respect of its accuracy,
> > completeness or fairness. The material is subject to change without
> > notice. You should take your own independent tax, legal and other
> > professional advice in respect of the content of this message. This
> > message may contain confidential or legally privileged material and
> may
> > not be copied, redistributed or published (in whole or in part)
> without
> > our prior written consent. This email may have been intercepted,
> > partially destroyed, arrive late, incomplete or contain
> viruses and no
> > liability is accepted by any member of the Credit Agricole Indosuez
> > group as a result. If you are not the intended recipient of this
> > message, please immediately notify the sender and delete
> this message
> > from your computer.
> >
> >
> >
> ______________________________________________________________
> _________
> > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> ______________________________________________________________
> _________
> > You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:24 GMT-3