From: alsontra@hotmail.com
Date: Fri Feb 13 2004 - 18:59:53 GMT-3
IMHO,
At first, I thought the of the idea of raising the admin distance on BGP was
a rather "shotgun" approach to solving many problems related to BGP admin
distance known issues. However, now that I have spent what seems like an
eternity working with this protocol, I feel that the BGP admin distance
should never be lower than an IGP distance for the same route. I have yet to
see a scenarios that needs the admin distance of BGP to be lower than the
IGP admin distance to work properly. And in those case where your told not
use the bgp distance command, I feel your knowledge of BGP and IGP admin
distance is being tested. In the real world, I think most would agree that
using the default admin distance for BGP could be problematic.
I've spent many hours thinking this through, and I agree with others on this
list that think that Cisco should set the default admin distance to 190 200
200 or 200 200 200. If your IGP has the same route as BGP, it means one of
two things:
1. You've configure your IGP this way for some specific reason and want to
prefer the IGP route.
2. You've misconfigured BGP or a neighboring AS is misconfigured.
Regarding the Lab Examination, I agree with you. Its probably best give the
proctor what he or she wants.
Alsontra
----- Original Message -----
From: "Michael Snyder" <msnyder@revolutioncomputer.com>
To: <ccielab@groupstudy.com>
Cc: <alsontra@hotmail.com>; "'Bob Sinclair'" <bsinclair@netmasterclass.net>
Sent: Friday, February 13, 2004 11:27 AM
Subject: RE: A very good use for the bgp distance command.
> Hi Bob,
>
> `I wonder if perhaps the same
> result could be achieved with the BACKDOOR command?`
>
> I've never had good results with the backdoor command.
>
> Maybe I should try to learn to use it correctly again.
>
> ----------------------------------------------------------
>
> Hello Alsontra,
>
> `Why can you just add "distance bgp 190 200 200" to all bgp running
> routers. Wouldn't this be the simplest solution? Why write
> access-lists?`
>
>
> It works, but is the proctor going to give you points for a shotgun
> approach? I think you need to demonstrate with a narrow scope that you
> know why you are doing it.
>
>
> -----Original Message-----
> From: Bob Sinclair [mailto:bsinclair@netmasterclass.net]
> Sent: Friday, February 13, 2004 10:37 AM
> To: Michael Snyder; ccielab@groupstudy.com
> Subject: Re: A very good use for the bgp distance command.
>
> Michael,
>
> Good catch on that and a great explanation. I wonder if perhaps the
> same
> result could be achieved with the BACKDOOR command? It changes the AD
> of an
> EBGP route to 200 so that an igp-learned route is preferred.
>
> Bob Sinclair
> CCIE #10427, CISSP, MCSE
> www.netmasterclass.net
>
>
> ----- Original Message -----
> From: "Michael Snyder" <msnyder@revolutioncomputer.com>
> To: <ccielab@groupstudy.com>
> Sent: Thursday, February 12, 2004 10:01 PM
> Subject: A very good use for the bgp distance command.
>
>
> > I just got doing this in a practice lab tonight. Thought I would post
> a
> > problem from it.
> >
> > The lab has loopbacks in the format of 210.x.x.x
> >
> > 210.1.1.1/32
> > 210.2.2.2/32
> > 210.4.4.4/24 (version 1 rip)
> > 210.5.5.5/32
> > etc.
> >
> > All my bgp neighbors use loopback peering. Example 210.1.1.1 peers to
> > 210.2.2.2
> >
> > router bgp 64513
> > no synchronization
> > bgp router-id 210.5.5.5
> > bgp log-neighbor-changes
> > bgp confederation identifier 200
> > bgp confederation peers 64512
> > neighbor internal peer-group
> > neighbor internal remote-as 64513
> > neighbor internal update-source Loopback0
> > neighbor internal route-reflector-client
> > neighbor 210.2.2.2 peer-group internal
> > neighbor 210.4.4.4 peer-group internal
> > neighbor 210.6.6.6 remote-as 64512
> > neighbor 210.6.6.6 ebgp-multihop 4
> > neighbor 210.6.6.6 update-source Loopback0
> > neighbor 210.7.7.7 remote-as 700
> > neighbor 210.7.7.7 ebgp-multihop 3
> > neighbor 210.7.7.7 update-source Loopback0
> > no auto-summary
> >
> > Here's the rub, one of the requirements is to advertise the loopback
> > networks into bgp.
> >
> > I'm using igp to reach my bgp neighbors! As soon as I put the
> loopback
> > subnets into bgp, they will go down.
> >
> > Why? `B 210.8.8.8 [20/0] via 210.7.7.7, 00:02:05` Because the
> > external AS's will place routes in the routing tables with the admin
> > distance of 20.
> >
> > This is just a classic bgp landmine.
> >
> > Solution, as soon as I saw the requirement I added the following
> > commands to every router.
> >
> > access-list 80 permit 210.0.0.0 0.255.255.255
> >
> > router bgp xxxx
> > distance 180 210.0.0.0 0.255.255.255 80
> > end
> >
> > In English, any bgp routing updates coming from any loopback networks
> > (which is all my neighbors) set the routes that match access-list 80
> > (which also is my loopback networks) to the admin distance of 180
> (which
> > is higher than my highest igp eigrp external 170 admin distance)
> >
> > One note, the distance command uses wildcards, not masks. The ios
> help
> > is wrong.
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:49 GMT-3