EBGP Multihop

Hello NWL Team,

I hava e simple question for you.

Why in the first example of the explanation of eBGP Multihop the ping test is not success. From R1 to R3 o R3 to R1

R1 PING ----------------to-------------------> R3
192.168.12.1 not success 192.168.23.3

Therefore the bgp session never comes up

Thanks,

Hello Miguel

After the static routing is implemented between R1 and R3, the pings should work between the routers. Make sure the static routing is configured as stated in the lesson.

Secondly, the BGP session will not come up because of the fact that the BGP neighbors exist in different subnets. eBGP will not try to become a neighbor with a router that has a different subnet. The rest is explained in the lesson.

I hope this has been helpful

Laz

Rene,

I’m trying to use Wireshark and bounce the interface on R1 to see BGP messages. I used the filter “bgp” and don’t see any messages. Unlike you’re scenario though, I’m using a serial connection using HDLC. If I don’t use any filter, I do see other (non-BGP) messages, so it is capturing some data.

I set up the network shown above. I tried using a static default route on R1 and R3 and could ping from R1 to R3 (and vice versa). However, it wasn’t until I created a static route on R1 to 20.20.20.8/30 that BGP came up.

So, two questions:

Why did I need to specify the subnet in the static route when there was reachability using a static default route?

Why did I not need to configure a static route that included the subnet in both R1 and R3? Putting in the static route in R1 (to 20.20.20.8/30) brought up bgp in R1 and R3. I still had the quad 0 default route in R3. No static route to 10.10.10.4/30 was configured in R3.

R1#show run | sec r b
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 20.20.20.10 remote-as 2
neighbor 20.20.20.10 ebgp-multihop 2
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.10.10.6
ip route 20.20.20.8 255.255.255.252 Serial2/0

R3#sh run | sec r b
router bgp 2
no synchronization
bgp log-neighbor-changes
neighbor 10.10.10.5 remote-as 1
neighbor 10.10.10.5 ebgp-multihop 2
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 20.20.20.9

Hello Andy

I’ll respond to both posts here.

BGP shouldn’t have a problem to function over a serial link. If you’re still using the appropriate IP addresses on the interfaces, things should work as expected. Verify that there is no issue somewhere else in your configuration.

Multihop BGP will form a BGP adjacency as long as there is routing between the devices, whether that comes from a default route or a more specific static route. Now when you say “bgp comes up” do you mean that the adjacency was formed or that the specific route was placed in the BGP table?

In order for a route to be placed in the BGP table, it requires both the network and subnet mask to exist within the routing table, whether this is obtained from a static route or a dynamic routing protocol. In this case, the 20.20.20.8/30 subnet will be included in the BGP table only when the destination and subnet match exactly.

Can you clarify what you see in your setup so that we can further troubleshoot?

I hope this has been helpful!

Laz

Hello,

As far as the network setup goes, there’s no issue. The adjacency is there and I see the routes I expect to see. I’m just trying to figure out how to setup Wireshark so I can see all the “behind the scenes” activity going on with BGP. That’s where my trouble lies. Are there certain filters (beyond just simply “bgp”) I need to use in Wireshark to see the all the BGP messages going on?

Thanks,

Andy

Hi Andy,

If you want everything from BGP, just use “bgp” as a filter. I usually just right mouse-click the things I want to see, then use “Apply as filter” and “Selected”. If needed, I edit the filter in the toolbar. This is easier than trying to remember the different filter names.

“bgp” is easy to remember but something like “arp.src.hw_mac” to get the sender MAC address of an ARP request is a pain.

Once you have all bgp traffic, you can always add additional filters to zoom in on specific things you want to see.

Rene

Hello,
i tried to recreate the first example with loopbacks at R1 and R3. I created static routes for both loopbacks from R1->R3 (e.g ip route 3.3.3.3 255.255.255.255 192.168.12.2), R3->R1 and R2->R1(e.g ip route 1.1.1.1 255.255.255.255 192.168.12.1), R2->R3 and used the proper configuration with update-source command. When configuration ended adjacency went up and also when i tried to advertise the loopbacks of R1 and R3 they both managed to learn each others and put them at their RIB. However with show ip bgp command i can see tha they don’t have the correct next hop or AS-path, it’s like R2 is totally ignored. As a result ping gives 0/5.

Thanks Rene. I’ll give that a try.

Hello George

Can you share the next hop and AS-path information that you see in the show ip bgp command?

Keep in mind as well that when you use loopbacks instead of the physical interfaces, you will have to add one hop to the e-bgp-multihop command. This is because to get from loopback to loopback in the specific topology, you are traversing all three routers rather than just two. This can also be seen in the second example Rene has in the lesson. I don’t know if this is a problem in your implementation, but it’s something to look into.

I hope this has been helpful!

Laz

Hi René and staff,

in this lab

imagine (just for training) you don’t use “ebgp-multihop” when you try to form an eBGP peer relation between the loopback interfaces

1. from the perspective of R1: if connected-check is enabled (default behavior) => BGP on R1 do nothing because 2.2.2.2 does not belong to its connected networks

2. so (just for training again) disable connected-check => now BGP on R1 will try to form a peer relation with 2.2.2.2, but this is not possible, and i try to understand exactly why

here is a capture

Image17.jpg938×400 117 KB

we see that R1 try to establish a TCP session with 2.2.2.2 on port 179 from 1.1.1.1 The TTL in this packet is 1
But we see that R2 refuse the connection (RST), why ?

So this is not a problem of TTL: the initial packet from R1 reached 2.2.2.2 (it was not dropped) and this interface made a response with a reset = connection refused

So, ebgp-multihop solved this issue: (OK) but i dont understand exactly why because this is not a hop (TTL) problem
Could you help me to understand ?

Hello Dominique

In this scenario, you are attempting to make the 1.1.1.1 and 2.2.2.2 loopbacks neighbours. The distance between these two loopback interfaces is two hops. If you were to use the IP address of Fa0/0 or Fa 0/1, then the distance between the neighbours would be 1 hop. For this reason, using the loopback addresses requires us to use the multihop feature to increase the TTL and to allow the packet to reach the router.

Now, it is important to realize that it doesn’t matter which interface of the destination router you are attempting to make the BGP peering with. It could be the Fa0/1 interface or the loopback interface, it won’t actually increase the hops and the result would be the same. What BGP actually does is if it receives a packet with a TTL of 1, it considers it invalid because if it was to be routed, TTL would be decremented and it would be dropped. So the 2.2.2.2 interface actually responds stating that this is too far for us to create a peering, thus I refuse your request. If the peering was three hops for example, the request would never reach the intended router and thus you would see no refusal for connection at all.

I hope this has been helpful!

Laz

**** Looking for advise… stilll a novice****
Hello Lazaros,
This 2 hops would only count if we are thinking of reaching loopback of R1 from loopback of R2… right? I mean … [loopbkr2… 2nd hop…] R1—1st hop—R2…[loopbckr1]…is this correct ?

The reason i m focussing on this again is cause, I made a scenario in lab as below
(loop4.4.4.4)-A ----20.1.1.1/30— B----10.1.1.1/30–C- (loop3.3.3.3)
All are reachable only via static routes. Can ping from c-b-A and vice versa.
1)When peering wit BGP… A was kept in AS 1…& C in AS2
2)Initially i only made BGP cmds on A towards C’s loopback…peering never comes up

*Jan 30 23:35:53.035: BGP: 3.3.3.3 Active open failed - tcb is not available, open active delayed 11264ms (35000ms max, 60% jitter)
*Jan 30 23:35:53.035: BGP: ses global 3.3.3.3 (0x6AF6B210:0) act Reset (Active open failed).
*Jan 30 23:35:53.047: BGP: 3.3.3.3 active went from Active to Idle
*Jan 30 23:35:53.047: BGP: nbr global 3.3.3.3 Active open failed - open timer running
*Jan 30 23:35:53.047: BGP: nbr global 3.3.3.3 Active open failed - open timer running

config on A

A#sh run | sec bgp
router bgp 1
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 2
 neighbor 3.3.3.3 ebgp-multihop 2 <-- Tied changing this to 3 as well
 neighbor 3.3.3.3 update-source LoopbackX

This question is to the point in this article that BGP creates ONE way relationship unlike other protocols?

3)Then I created config on C

C#sh run | sec bgp
router bgp 2
 bgp log-neighbor-changes
 neighbor 4.4.4.4 remote-as 1
 neighbor 4.4.4.4 ebgp-multihop 2

& BGP comes UP on A

 3.3.3.3 (0x6AF6B210:0) act Enhanced Refresh cap received in open message
*Jan 30 23:38:06.267: BGP: 3.3.3.3 active rcvd OPEN w/ optional parameter type 2 (Capability) len 6
*Jan 30 23:38:06.267: BGP: 3.3.3.3 active OPEN has CAPABILITY code: 65, length 4
*Jan 30 23:38:06.267: BGP: 3.3.3.3 active OPEN has 4-byte ASN CAP for: 30
*Jan 30 23:38:06.267: BGP: nbr global 3.3.3.3 neighbor does not have IPv4 MDT topology activated
*Jan 30 23:38:06.267: BGP: 3.3.3.3 active rcvd OPEN w/ remote AS 30, 4-byte remote AS 30
*Jan 30 23:38:06.267: BGP: 3.3.3.3 active went from OpenSent to OpenConfirm
*Jan 30 23:38:06.267: BGP: 3.3.3.3 active went from OpenConfirm to Established
*Jan 30 23:38:06.267: BGP: ses global 3.3.3.3 (0x6AF6B210:1) act Assigned ID
*Jan 30 23:38:06.267: BGP: ses global 3.3.3.3 (0x6AF6B210:1) Up
*Jan 30 23:38:06.267: %BGP-5-ADJCHANGE: neighbor 3.3.3.3 Up
*Jan 30 23:38:06.267: BGP: ses global 3.3.3.3 (0x6AF6B210:1) read request no-op

Even if I just create a BGP AS 3 process on C, it doesnt come UP
Why does this happen ???
& why does this setup work with just 2 multihops, per your description of multihops on this article, you said, each diff subnet is a multihop. so shudnt this work with 3 ebgp multihop cmd at the least ?

Hello Sahil

Yes this is correct. Keep in mind that the TTL is always decremented upon egress of the packet from the router. In this case however, R1 is the creator of the traffic, therefore it doesn’t decrement the TTL before it sends it out, but is sent with TTL=2. R2 receives the packet, and sends it out of its looback and decrements the TTL to 1 making the packet still valid when it reaches the loopback.

Now, to clarify, BGP peers can only form of both peers are properly configured. You cannot have a “one way” peering where you configure BGP on router A and expect it to peer with router C if that router hasn’t been configured. If you notice in the lesson, the neighbor command including the ebgp-multihop keyword must be configured on both routers for peering to come up. This is the case regardless of what the ebgp-multihop value will be.

I hope this has been helpful!

Laz

Hello Team,

Thanks for such a wonderful explanation but I am having one doubt that suppose their are two routers one in United States and other one in Europe and if they want to have a ebgp peering using multihop then how would they figure out that how many hops are their in between those two?

Regards
Varun

Hello Varun

First off, it is not common practice to create a multihop scenario between routers that are so far away. In essence, the number of hops can change at any moment, and will actually be different depending on the path taken between the two routers. In general, it’s a good idea to avoid multihop whenever possible on the Internet. It’s more of a design issue rather than an issue of technical capabilities.

Having said that, it is always possible to set the multihop to a high enough value to encompass all possibilities. You can set it to 50 or even to its maximum of 255 so you won’t have a problem with peering. However, this should be done with great caution as this could open up many security issues. One way to resolve them is to use TTL security which is further described in the following Cisco document:

I hope this has been helpful!

Laz

Thank you so much Laz.

sir i am confuse in ebgp multihope ?

• sir what happen if 2 non bgp routers between 2 bgp routers so what will be the configuration
• sir how will i know that i have to set ebgp multihop 2 for establishing neighbor adjacency may be more then 2 non bgp router between 2 bgp routers . please tell me how we can decide what will be ebgp multihop ?

Hello Harshit

In order for eBGP multihop to function, the routers between the BGP routers that are to become neighbors don’t need to be running BGP. So you can have non BGP routers between your neighbors. The only prerequisite is that there is a working route between the two BGP routers so that communication between them can occur. eBGP multihop uses only the TTL values to ensure that a BGP adjacency will form.

BGP multihop should only be used between routers for which you know the number of hops between them. You can find out more about this from the following relevant post:

I hope this has been helpful!

Laz

Nice explanation Rene!