From: Peter van Oene (pvo@usermail.com)
Date: Sat Feb 14 2004 - 12:19:19 GMT-3
At 04:59 PM 2/13/2004, alsontra@hotmail.com wrote:
>IMHO,
>
>At first, I thought the of the idea of raising the admin distance on BGP was
>a rather "shotgun" approach to solving many problems related to BGP admin
>distance known issues. However, now that I have spent what seems like an
>eternity working with this protocol, I feel that the BGP admin distance
>should never be lower than an IGP distance for the same route. I have yet to
>see a scenarios that needs the admin distance of BGP to be lower than the
>IGP admin distance to work properly. And in those case where your told not
>use the bgp distance command, I feel your knowledge of BGP and IGP admin
>distance is being tested. In the real world, I think most would agree that
>using the default admin distance for BGP could be problematic.
>
>I've spent many hours thinking this through, and I agree with others on this
>list that think that Cisco should set the default admin distance to 190 200
>200 or 200 200 200. If your IGP has the same route as BGP, it means one of
>two things:
For what its worth, Juniper pref's IBGP and EBGP equally with an internal
tie break between them.
>1. You've configure your IGP this way for some specific reason and want to
>prefer the IGP route.
>2. You've misconfigured BGP or a neighboring AS is misconfigured.
>
>Regarding the Lab Examination, I agree with you. Its probably best give the
>proctor what he or she wants.
>
>Alsontra
>
>
>
>
>----- Original Message -----
>From: "Michael Snyder" <msnyder@revolutioncomputer.com>
>To: <ccielab@groupstudy.com>
>Cc: <alsontra@hotmail.com>; "'Bob Sinclair'" <bsinclair@netmasterclass.net>
>Sent: Friday, February 13, 2004 11:27 AM
>Subject: RE: A very good use for the bgp distance command.
>
>
> > Hi Bob,
> >
> > `I wonder if perhaps the same
> > result could be achieved with the BACKDOOR command?`
> >
> > I've never had good results with the backdoor command.
> >
> > Maybe I should try to learn to use it correctly again.
> >
> > ----------------------------------------------------------
> >
> > Hello Alsontra,
> >
> > `Why can you just add "distance bgp 190 200 200" to all bgp running
> > routers. Wouldn't this be the simplest solution? Why write
> > access-lists?`
> >
> >
> > It works, but is the proctor going to give you points for a shotgun
> > approach? I think you need to demonstrate with a narrow scope that you
> > know why you are doing it.
> >
> >
> > -----Original Message-----
> > From: Bob Sinclair [mailto:bsinclair@netmasterclass.net]
> > Sent: Friday, February 13, 2004 10:37 AM
> > To: Michael Snyder; ccielab@groupstudy.com
> > Subject: Re: A very good use for the bgp distance command.
> >
> > Michael,
> >
> > Good catch on that and a great explanation. I wonder if perhaps the
> > same
> > result could be achieved with the BACKDOOR command? It changes the AD
> > of an
> > EBGP route to 200 so that an igp-learned route is preferred.
> >
> > Bob Sinclair
> > CCIE #10427, CISSP, MCSE
> > www.netmasterclass.net
> >
> >
> > ----- Original Message -----
> > From: "Michael Snyder" <msnyder@revolutioncomputer.com>
> > To: <ccielab@groupstudy.com>
> > Sent: Thursday, February 12, 2004 10:01 PM
> > Subject: A very good use for the bgp distance command.
> >
> >
> > > I just got doing this in a practice lab tonight. Thought I would post
> > a
> > > problem from it.
> > >
> > > The lab has loopbacks in the format of 210.x.x.x
> > >
> > > 210.1.1.1/32
> > > 210.2.2.2/32
> > > 210.4.4.4/24 (version 1 rip)
> > > 210.5.5.5/32
> > > etc.
> > >
> > > All my bgp neighbors use loopback peering. Example 210.1.1.1 peers to
> > > 210.2.2.2
> > >
> > > router bgp 64513
> > > no synchronization
> > > bgp router-id 210.5.5.5
> > > bgp log-neighbor-changes
> > > bgp confederation identifier 200
> > > bgp confederation peers 64512
> > > neighbor internal peer-group
> > > neighbor internal remote-as 64513
> > > neighbor internal update-source Loopback0
> > > neighbor internal route-reflector-client
> > > neighbor 210.2.2.2 peer-group internal
> > > neighbor 210.4.4.4 peer-group internal
> > > neighbor 210.6.6.6 remote-as 64512
> > > neighbor 210.6.6.6 ebgp-multihop 4
> > > neighbor 210.6.6.6 update-source Loopback0
> > > neighbor 210.7.7.7 remote-as 700
> > > neighbor 210.7.7.7 ebgp-multihop 3
> > > neighbor 210.7.7.7 update-source Loopback0
> > > no auto-summary
> > >
> > > Here's the rub, one of the requirements is to advertise the loopback
> > > networks into bgp.
> > >
> > > I'm using igp to reach my bgp neighbors! As soon as I put the
> > loopback
> > > subnets into bgp, they will go down.
> > >
> > > Why? `B 210.8.8.8 [20/0] via 210.7.7.7, 00:02:05` Because the
> > > external AS's will place routes in the routing tables with the admin
> > > distance of 20.
> > >
> > > This is just a classic bgp landmine.
> > >
> > > Solution, as soon as I saw the requirement I added the following
> > > commands to every router.
> > >
> > > access-list 80 permit 210.0.0.0 0.255.255.255
> > >
> > > router bgp xxxx
> > > distance 180 210.0.0.0 0.255.255.255 80
> > > end
> > >
> > > In English, any bgp routing updates coming from any loopback networks
> > > (which is all my neighbors) set the routes that match access-list 80
> > > (which also is my loopback networks) to the admin distance of 180
> > (which
> > > is higher than my highest igp eigrp external 170 admin distance)
> > >
> > > One note, the distance command uses wildcards, not masks. The ios
> > help
> > > is wrong.
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:49 GMT-3