Re: BGP and Tunnel

From: dusth@comcast.net
Date: Sun Nov 13 2005 - 02:18:41 GMT-3


Thanks for the recommendation. I will lab it up and see how BGP behaves.

Dustin
-------------- Original message --------------

> Danny,
>
> If you think through setting the bgp next hop to 4.4.4.4, you will notice
> that somewhere along the line it will not work, even if the access-list
> only allows bgp traffic. The policy map will still go to the routing table to
> know the interface to send the 4.4.4.4 traffic to; that interface will not
> be tunnel14, it will be some other IGP learned route or another interface.
> Remember that the GRE protocol asked the routing table that same question
> before it was able to set up its tunnel14, and the response it got from the
> IGP table will not have been, 'to reach 4.4.4.4, go through interface
> tunnel14'. There is nothing in the policy route that indicates that the
> interface to reach 4.4.4.4 changed after the GRE tunnel came up.
>
> Using an ip local policy-map & route-map, then setting the next hop to
> 'interface tunnel14' would have been the preferred solution, but for some
> reason that is not working in my lab.
>
> The solution that will work is to set the tunnel source to a local interface
> (e.g. ethernet or serial, must be advertised by IGP) & the tunnel destination
> ip to the remote router's local interface (advertised by IGP). Then let IGP
> advertise the loopback0 of both routers and do a bgp neighbor peering using
> the loopback0 ip address of the other router and also using the bgp multihop
> option; this worked for me even without the multihop option.
>
> I was able to lab the above solution and it works.
>
> HTH
>
>
>
> ----- Original Message -----
> From: "Danny Cox"
> To:
> Cc:
> Sent: Saturday, November 12, 2005 9:15 AM
> Subject: Re: BGP and Tunnel
>
>
> > On 11/11/05, dusth@comcast.net wrote:
> > > Hi all, I need some clarification on how does bgp know to traverse
> > > inside the tunnel and what parameter of the tunnel interface tell that for
> > > bgp end points? I do not have access to the lab right now so I can not
> > > verify the config.
> > > Here is the example:
> > > r1:
> > > interface tunnel 14
> > > ip unnumber loopback 0
> > > tunnel source 1.1.1.1
> > > tunnel destination 4.4.4.4
> > > bgp 10
> > > nei 4.4.4.4 remote-as 10
> > > nei 4.4.4.4 update-source loopback0
> > > Does the ip unnumber of the tunnel or the tunnel source & destination
> > > tell router that bgp traffic need to traverse inside the tunnel?
> >
> > As Leigh said in another post, this won't work because the BGP traffic
> > will just follow the route given by the IGP. If you manage to get the
> > IGP to indicate that it should go down the tunnel, then that's the
> > route which GRE will try to use and the tunnel will be like a snake
> > eating its own tail.
> >
> > On the other hand, if you use policy routing you can do this. Set the
> > next-hop to be 4.4.4.4 for BGP traffic only, specified using a route
> > map and an ACL. That way the GRE traffic will follow the IGP route,
> > but BGP traffic will go down the tunnel.
> >
> > Hope that helps?
> > cheers
> > Danny
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
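
The routing-table lookups argued over in this thread, modelled in Python as an added example that is not part of any poster's message: it shows BGP bypassing the tunnel, the "snake eating its own tail" loop, and the tunnel anchored on a physical address. The interface name Serial0 and the 10.0.14.0/24 link are constructed, and the third case assumes the route to the peer loopback points at Tunnel14.

```python
import ipaddress

class RecursiveRouting(Exception):
    """A tunnel's own destination resolves back into that same tunnel."""

def lookup(rib, dst):
    """Longest-prefix match over {prefix: interface}; returns the egress interface."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), ifc) for p, ifc in rib.items()
            if addr in ipaddress.ip_network(p)]
    if not hits:
        raise LookupError(f"no route to {dst}")
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def egress_path(rib, tunnels, dst):
    """Interfaces a packet to dst crosses. Each GRE hop forces a new lookup
    on the outer header's destination (the tunnel destination)."""
    path, seen = [], set()
    while True:
        ifc = lookup(rib, dst)
        if ifc in seen:
            raise RecursiveRouting(f"{ifc} is reached through itself")
        path.append(ifc)
        if ifc not in tunnels:
            return path          # reached a physical interface
        seen.add(ifc)
        dst = tunnels[ifc]       # re-resolve the encapsulated packet

BGP_PEER = "4.4.4.4"  # neighbor address from the thread

# Each case is (routing table, tunnel destinations). Serial0 and 10.0.14.x are constructed.
# As posted: the IGP route to the peer uses a physical link, so BGP skips the tunnel.
CASE_IGP = ({"4.4.4.4/32": "Serial0"}, {"Tunnel14": "4.4.4.4"})
# Peer route pointed at the tunnel whose destination is that same peer address.
CASE_LOOP = ({"4.4.4.4/32": "Tunnel14"}, {"Tunnel14": "4.4.4.4"})
# Tunnel destination moved to the remote physical address (assumed route via Tunnel14).
CASE_FIXED = ({"4.4.4.4/32": "Tunnel14", "10.0.14.0/24": "Serial0"},
              {"Tunnel14": "10.0.14.4"})

def describe(case):
    """Path taken by BGP packets to the peer, or a recursion verdict."""
    rib, tunnels = case
    try:
        return " -> ".join(egress_path(rib, tunnels, BGP_PEER))
    except RecursiveRouting:
        return "recursive routing"

if __name__ == "__main__":
    for name, case in (("igp", CASE_IGP), ("loop", CASE_LOOP), ("fixed", CASE_FIXED)):
        print(name, describe(case))
```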



This archive was generated by hypermail 2.1.4 : Thu Dec 01 2005 - 09:12:06 GMT-3