BGP Synchronization

konstantinos_dimos · January 13, 2023, 11:12pm

i can not make R2 to pss the access-list, i tried many things prefix-list, access standard , extended…
any suggestion?
thnx in advance!

R1
router bgp 1
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 2
 neighbor 2.2.2.2 ebgp-multihop 2
 neighbor 2.2.2.2 update-source Loopback0
!
ip forward-protocol nd
!
!
no ip http server
ip route 2.2.2.2 255.255.255.255 192.168.12.2


R2

router ospf 1
 router-id 2.2.2.2
 redistribute bgp 2 subnets route-map prefix-loop
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.23.0 0.0.0.255 area 0
!
router bgp 2
 synchronization
 bgp router-id 2.2.2.2
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 1
 neighbor 1.1.1.1 ebgp-multihop 2
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 4.4.4.4 remote-as 2
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 4.4.4.4 next-hop-self
!
ip forward-protocol nd
!
!
no ip http server
ip route 1.1.1.1 255.255.255.255 192.168.12.1
!
ipv6 ioam timestamp
!
route-map prefix-loop permit 10
 match ip address 110
!
!
access-list 110 permit ip host 1.1.1.1 any log


R3

router ospf 1
 router-id 3.3.3.3
 network 3.3.3.3 0.0.0.0 area 0
 network 192.168.23.0 0.0.0.255 area 0
 network 192.168.34.0 0.0.0.255 area 0

R4
router ospf 1
 router-id 4.4.4.4
 network 4.4.4.4 0.0.0.0 area 0
 network 192.168.34.0 0.0.0.255 area 0
!
router bgp 2
 synchronization
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 2
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 next-hop-self
 neighbor 5.5.5.5 remote-as 3
 neighbor 5.5.5.5 ebgp-multihop 2
 neighbor 5.5.5.5 update-source Loopback0
!
ip forward-protocol nd
!
!
no ip http server
ip route 5.5.5.5 255.255.255.255 192.168.45.5
!

R5
router bgp 3
 bgp router-id 3.3.3.3
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255
 neighbor 4.4.4.4 remote-as 2
 neighbor 4.4.4.4 ebgp-multihop 2
 neighbor 4.4.4.4 update-source Loopback0
!
ip forward-protocol nd
!
!
no ip http server
ip route 4.4.4.4 255.255.255.255 192.168.45.4

lagapidis · January 18, 2023, 6:19am

Hello Konstantinos

So what you are trying to do here is to make sure that R2 will redistribute the 1.1.1.0/24 prefix into OSPF, so that R4 will have it in its IGP (which is OSPF). This satisfies the synchronization rule and allows the BGP route to 1.1.1.0/24 to be installed in the routing table.

I’m not completely sure why it’s not working for you just from the information you have shared. You will need to troubleshoot the redistribution of the route into OSPF. One thing that comes to mind is the fact that you are redistributing 1.1.1.1/32. Is that what you have configured on your R1 loopback interface? In the lesson, it’s 1.1.1.1/24 and the network command is advertising 1.1.1.0 0.0.0.255. This may have something to do with it.

If not, troubleshoot redistribution and see why the network is not being shared to R4. You can take a look at these lessons to help you out:

I hope this has been helpful!

Laz

konstantinos_dimos · January 26, 2023, 3:54pm

as u mentioned it should be running fine, although when i change the loopbacks to 1.1.1.0/24 instead 1.1.1.1/32 it runs. Yes the network commands area the same as loopbacks on bgp configuration. I suggest there will be a problem with bgp router- , maybe sthing is wrong from the same protocol and i

bind the 1.1.1.1 to update loopback bgp neighborship
define bgp router- 1.1.1.1
make static routes to this prefix
i advertsise the 1.1.1.1/32 host as network.
Do u have any in ur mind ? Do u have mmet any other same case?

lagapidis · February 1, 2023, 8:00am

Hello Konstantinos

Remember that the network command in BGP must match the address and subnet mask exactly as it exists in the routing table. Check out what’s in the routing table for that loopback address. If it does not match, then it won’t work.

I hope this has been helpful!

Laz

davidilles · December 25, 2023, 1:27pm

Hello, everyone.

If I understand the rule correctly, as Rene said, this was the “solution” to scenarios where we didn’t run iBGP on all routers in our transit AS.

So if the prefix is validated via an IGP, the assumption here is that even R3 (who isn’t running BGP) is running that IGP and knows about the route, so no traffic will be blackholed, right?

Thank you.

David

lagapidis · January 8, 2024, 5:17am

Hello David

Yes, that is correct. This is a feature that is meaningful when there are some routes within our AS that are not running BGP. However, this approach is declining in use, and the best practice is to ensure that there is a full mesh of iBGP peerings between routers in an AS.

Yes. R4 refuses to install the BGP route unless there is an IGP route installed in the routing table for that prefix. This ensures that this route is known within the IGP domain, and thus any routers not running iBGP will be able to route it.

I hope this has been helpful!

Laz