From: Kenneth Wygand (KWygand@customonline.com)
Date: Sat Jun 26 2004 - 18:49:22 GMT-3
Hey Art,
First of all, yes- the groupstudy list will automatically remove the diagram. However you can pretty much illustrate your diagram through pure ASCII as follows:
AS54 ----------- AS100 ----------- AS254
Let me answer your questions as it relates to the possible restrictions in any lab scenario. If the lab says to ONLY redistribute any particular interfaces on a particular router, don't do more than that. There is probably a reason why they want you to use a specific feature that needs to be used if you conform to their strict requirements. Watch out for these.
In your case, AS54 and AS254 will be forming EBGP neighbor relationships with your border routers in AS100. I'm making the assumption that you are receiving routes from both AS54 and AS254 and are -not- allowed to redistribute these into your IGP. This is important because remember how the "next hop" is advertised through EBGP sessions... it's advertised as the IP address you are peering with on the router sending the BGP network. For example, if AS54 is sending AS100 a route for 10.0.0.0/24, the next hop address for that route will be the IP address you have configured to peer with on the AS54 side. Now all that is well and good because obviously your border router knows how to get to this link because it is directly connected (or even if it's a loopback interface on AS54, it knows how to get there anyway, otherwise your BGP session would not be established in the first place!).
Here's the tricky part: When your border router in AS10 advertises the route via IGP, what does it advertise the next-hop IP address as? Well, the answer is that it keeps it the same! So your BGP speaking routers in AS100 must also know how to reach the IP address on the AS54 side that your AS100 border router is peering with. Well, if you are not allowed to redistribute BGP routes into your IGP, how can you do this? One way of doing this is adding the "next-hop-self" attribute to your AS100 border router for all IBGP peers. Then it will advertise the IP address used to peer with your IBGP peers, which in turn they must be able to reach or the IBGP session wouldn't be established in the first place!
Just keep in mind that BGP rides on top of your IGP. Never configure -any- BGP configuration until your IGP is 100% solid or else you are asking for a mess! Also remember that when it comes to redistributing or choosing which interfaces to use for your BGP peering sessions, these are the only addresses that will be used by BGP for all BGP-level connectivity and all its rules/requirements, especially for BGP Bestpath selection (next hop must be accessible - if not, do not consider it, etc). Finally, make sure all the IP addresses you use for your BGP sessions are reachable within your IGP routing domain (thus the reason to sometimes use BGP next-hop-self sometimes, as described above). BGP sets the rules at a very high level, but your IGP actually does the work of getting it from point A to point B!
Have I answered all of your questions? Does it all make a little more sense now?
Ken
-----Original Message-----
From: Art Lee [mailto:bahia111@comcast.net]
Sent: Sat 6/26/2004 3:30 PM
To: Kenneth Wygand
Cc:
Subject: Re: INE Lab 17 BGP 6.1-6.5, In general
Kenneth Wygand wrote:
Art,
Keep in mind that BGP rides on top of your existing IGP routing domain, so the addresses you peer from/to will affect the IGP path a particular packet takes to get from source to destination.
The choice of interfaces, again, is up to you if not explicitly stated. It might be more practical to select peering interfaces with consideration to the underlying IGP routes packets will take to construct the peering you set forth.
Also, the CCIE lab is results-oriented. If your solution works, you get the points. Period.
HTH,
Ken
-----Original Message-----
From: nobody@groupstudy.com on behalf of Art Lee
Sent: Fri 6/25/2004 8:57 PM
To: ccielab@groupstudy.com
Cc:
Subject: INE Lab 17 BGP 6.1-6.5, In general
On my first pass thru the peering, I used different interfaces than in
the solution. Of course, I had some adj. problems.
In general, for a lab like this with the general instructions for
setting up peering, how do you determine which interface(s)
to use for peering, especially if you have 2 choices?
I'm asking because to use the solutions for 6.8, I had to use the
solution choice of interfaces. With my original choice of peering
interfaces, I had full BGP connectivity but had to use a different
route-map solution (origin-incomplete) to get that to work.
I guess I am asking about the actual lab & how do you select the "best"
or "correct" peering interface for the task requested. I don't
understand how the peering interfaces were chosen for R1, R2, & R3, in
particular, why pick ethernet over the serial links......
Art
--
***********************
Art Lee
_______________________________________________________________________
Please help support GroupStudy by purchasing your study materials from:
http://shop.groupstudy.com <http://shop.groupstudy.com/> <http://shop.groupstudy.com/>
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
Hello Kenneth,
Thanks for the above reply. One other "in general" type question:
For the diagram below, I have trouble sometimes with the correct BGP peering required to AS 100, if the following is true:
1.) The IGP in AS 100 has full reachability
2.) Sync is off
3.) AS 54 & 254 have the BB router's in them
4.) The BB routers links are not advertised by the IGP protocols in AS 100 but are connected to AS 100's border routers
5.) Sometimes you are required to redistribute connected, only loopback, on the border routers in AS 100 that connect to AS 54 &/or 254.
I guess my question is when to use network, next-hop-self, redis connected (match the interface connecting to the EBGP border routers & the loopback)? Is there a general rule of thumb as to when to use the either of the above statements? I know this is mostly dependent on the particular scenario, but do I just go for what works? What are the conditions to us what option, in gerneral?
Can I send an email like this to GroupStudy, with the jpeg diagram in it? I wasn't sure , so I am sending you a private email. I think the GroupStudy list can only accept pure Ascii, right?
--
***********************
Art Lee
bahia111@comcast.net
Digital Pixels
[GroupStudy removed an attachment of type image/jpeg which had a name of BGP.jpg]
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:50 GMT-3