EBGP Multihop

Rohitendu,
As the statement indicates, the default behavior of BGP is to choose only one best path. In order to do this, there is a somewhat complicated best path selection process - depending on how you count, it is 13 steps long! What the maximum-path command does is to tell BGP to stop at a certain point during that best path selection process, and basically say, “if you get this far in the selection process, then consider the paths equally good and use them both.”

In reality, it is rare for this feature actually to be used, because it stops the selection process pretty deep in the list. In order for multiple paths to be used, all of the following characteristics of the path must be equal:

1. Weight
2. Local Preference
3. Local Origination Status
4. AS Path Length
5. Origin Code (i,e,?)
6. MED (metric)
7. Same IGP metric to exit points

FYI:
Here is a very detailed Cisco document that talks about BGP path selection, and how multi-path fits in:
http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html

after I follow your guide, I have that :

S       2.2.2.0 [1/0] via 192.168.21.2
                [1/0] via 192.168.12.2

this routing table have installed in routing table since we have finished static route. then I tried BGP configuration, I got this message

%BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up

but in routing table is the same, therefor what is benefit of BGP in this scenario?

Hi Rene,

I have start to study BGP, Iam understanding very well. Thanks

Bean,
I am not understanding your question. Could you try to re-phrase it?

HI Rene,

I have a scenario

R4----BGP_Peer_R1------------R3-------------BGP_Peer_R2----R5

I have configured loop back interfaces in both R4 & R5 but i couldn’t ping these from R4 & R5 (Couldn’t ping R4 loop back from R5 & vice versa) , Although i can reach R4 & R5 loop back IP’s from R1 & R2 .

Is this an expected behavior?

Ajay

Ajay,
We need more information. Could you include what autonomous system numbers you used to configure BGP in your scenario? When you say BGP_PEER_R1 (or R2), who is peering with whom (for example R1 and R2 are peers of each other only?)? Could you also indicate whether you are running any other routing protocols between any routers?

Hi Andrew,

R4—-BGP_Peer_R1————R3————-BGP_Peer_R2—-R5

R1 AS : 65000
R2 AS : 12076
In not running any IGP in between but static routes.

I can see the BGP peer has been done but i couldn’t ping the loop back IP in R5 from R4 & vice versa.

Please note loop back IP;s are reachable from R1 & R2

Since you are using static routes, have you included static routes for the R4 and R5 loopbacks in R3’s routing table? If R3 isn’t aware of the loopback networks, it will drop traffic bound for them.

Yes i did , I have done all possible way only thing left is to configure an IGP.

Ajay,
I recreated your lab, and it worked fine for me. Eventually, we might have to have you paste your full configs to find the mistake.

In the meantime, please answer the following:

1. You said that R1 and R2 can see each other as BGP peers, correct? In other words, issuing “show ip bgp summary” on each of R1 and R2 shows the other device, and each has non-zero numbers for “MsgRcvd” and “MsgSent”?
2. If you look at the routing table of both R1 and R2 via “show ip route bgp”, does each show a route for the loopback network on the “opposite” side of the network? In other words, R1 would should show R5’s loopback
3. Can you ping the loopbacks from R1, R2, and R3?
4. What static routes did you enter on both R4 and R5?

I am just reading through first time so all of this is new to me and I am doing good to just get the high level parts. However, saying all that I have started to read all of these pages of post even those I don’t understand, and I have to say Andrew and Rene you guys are intimidating on your knowledge. I figured even if I don’t understand all the posts later some of the things here may ring a bell or be in the back of my mind. Hopefully one day this stuff will start to register like the CCNA stuff did!

19 posts were merged into an existing topic: EBGP Multihop

The conversation with Hussein is very good conversation but its a bit muddled.

I think basically an example was used that was kind of special case to demonstrate perhaps some commands and partial thought process.

I also wondered about the disabled connected and the reason I wondered about the disabled connected check was that I did not think the loop back was seen as directly connected because I didn’t think the loopback was seen.

The reason I didn’t think the loopback was seen was because it counted the loopback as a hop (is that wrong word?) meaning it incremented the TTL by 1 which added up to a total of 2. so I thought once you fixed that then it could show up if you had the following commands required by BGP which I thought was the following:

R1(config)#router bgp 1
R1(config-router)#neighbor 2.2.2.2 remote-as 2
R1(config-router)#neighbor 2.2.2.2 update-source loopback 0
R1(config-router)#neighbor 2.2.2.2 ebgp-multihop 2

So to me using the disabled connected command was meaningless in regards to that. I think you was trying to point out something by using it but I don’t know what it was you was trying to get at. You finally said it was not needed and that makes sense to me in how I understand how things work. In addition, it was just where you was going with it in the first place that was not clear to me.

hope that’s clear but its hard to communicate some of these advanced granular thing as you know because even harder to try and write the lessons to convey these things I am sure.

======================================================================

Next question:

Right now I am thinking BGP unlike IGP routing protocols and also unlike static routes does not supply connectivity. Let me give some examples hopefully they help communicate my thought process.

the reason BGP works on directly connected routers is only because directly connected routes show up in the routing table minus loop back which as mentioned above has a TTL issue that has to be modified and then you can add as neighbor.

So in some ways using directly connected routers does not pound in the issue of the truth as I believe it. you have to have routes in place to run BGP over or it has to be directly connected otherwise they don’t know where to send crap because they don’t know the road to where they need to go.

This is confusing because every other thing you setup when you set it up that is the road but not with BGP as I understand it. So if not directly connected you need either a routing protocol or static routes to provide a road for BGP to run over.

Is that connect thinking? Its not really stated explicitly anywhere in the reading and perhaps because its not easy to state that in a few words as I just drummed on for half a page trying to ask the question.

If I had to sum up everything I just said in a few words it would be the following and I will quote myself(can people quote themselves?? lol)

BGP will only run over directly connected links or run over additional routing protocol or static route. In a very broad and loose sense it works a bit like a VPN running over something else, or as OSPF running over frame replay. It has to has to know where its going! BGP by itself does not provide itself a road map over Ethernet as do other IGP and static routes.

even that is not great wording because BGP runs but does not provide end to end connectivity for things to get from point A to point B.

If I used an analogy I would say:

BGP is like driving your car on a highway without any road signs or directions you simply don’t know how to get where you need to. You must use GPS(a routing protocol ) or they have to put in road signs (static routes). Once that’s done you can get to where you need to go and also know how to get back home where you started.

could add the reason you don’t need routing protocols or static routes for directly connected is basically same principle:

if you can see the store from your house you don’t need maps because you can see all the information right there both to reach it and to return from it.

I didn’t mention it my main assertions as I figured most at this level probably understood that.

Is my thinking correct on this?

Hello Brian

I’m not sure if I am answering your question, but I’m going to attempt to answer the summary question you quoted in your message. For reference, here is the quote I will be commenting on:

The interesting thing about BGP, and this is one of the major areas in which it is different from IGPs, is that in order for two BGP routers to communicate, they must have connectivity. (duh! ), What I mean is, neighbour relationships are configured manually, and neighbours don’t have to be physically adjacent. This means that routing must be established in some form or another (static route, IGP) between the BGP neighbouring routers in order for them to exchange BGP routing information. One might say “well if we have to run an IGP to get BGP to function, what’s the point?” I stress that routing between the two routers must be established for the exchange of BGP routing information, and NOT for the transfer of user data. Once BGP neighbourhoodship has been established, BGP routes can be exchanged and the network can converge for the purpose of transferring user data.

I hope this has been helpful!

Laz

I’m still not clear on why the second scenario requires multihop when the neighbours are directly connected.

Are you saying that when traffic is sourced from and to a loopback, it is effectively taking 3 hops? (2 of which are virtual within the routers).

Hello Chris

Essentially, if you use the FastEthernet interfaces to interconnect BGP, then the routers are considered directly connected and you wouldn’t need to use multihop. However, because we are using two redundant links to connect the two routers, if we use the fastEtherent interfaces, and one link goes down, then the BGP connection between them will also go down, thus rendering the redundant link unusable. This is why it is preferable to use the loopback interfaces. However, If you use the loopback interfaces, you can see that these loopbacks are not directly connected to each other and thus require an additional hop between them. This is why multihop is necessary. This is reinforced by the fact that a value of 2 is used for the TTL which would be the number of hops, counting each router as one hop.

I hope this has been helpful!

Laz

Hi Laz

So you are saying a TTL of 2 is required for 2 directly connected routers to reach each other, if both are using loopbacks as their update source.

In this case then, is “disable-connected-check” effectively useless in most scenarios as it’s best practise to use a loopback as an update source? As it doesn’t modify the TTL value. “disable-connected-check” will only work between 2 directly connected routers who are using PHYSICAL (not loopback) IP values as their update-source?

Hello Chris

Default eBGP operation checks the eBGP neighbour statement against its list of directly connected neighbours. Since the loopback does not fall into the common subnet, the eBGP neighbour relationship doesn’t attempt to form by default.

For this reason, you must configure eBGP multihop whenever the eBGP connections are not on the same network subnet, such as the above scenario.

Alternatively, the disable-connected-check overrides this behaviour and allows the attempt to occur, even if TTL=1 by default. Note: This does not override the TTL behaviour of 1 hop for eBGP but just allows an exception for the loopbacks of directly connected eBGP routers.

The disable-connected-check is not necessary if the neighbor X.X.X.X ebgp-multihop Y command is used. In other words, the disable-connected-check is used for peering between eBGP loopbacks on directly connected neighbours where the TTL value = 1.

So essentially you are correct.

I hope this has been helpful!

Laz

why are we using “neighbor 1.1.1.1 ebgp-multihop 2” when neighbors are directly connected ?
I am talking about the scennario

R2(config)#router bgp 2
R2(config-router)#neighbor 1.1.1.1 remote-as 1
R2(config-router)#neighbor 1.1.1.1 update-source loopback 0
R2(config-router)#neighbor 1.1.1.1 ebgp-multihop 2

Hello Deepika

This question has been addressed in a couple of posts above. Take a look at this post and the subsequent answers. If you still have questions, please feel free to ask them!

I hope this has been helpful!

Laz