problem with unnumbered BGP

  • 1
  • Question
  • Updated 5 months ago
I have configured eBGP between cumulus switches but the switch does not advertise the Networks which it has  learned by eBGP to the another peers (neighbors)


and here is the configuration:

net add interface swp49-54

net add loopback lo ip address 172.20.0.6/32

net add interface eth0 ip address dhcp

net add hostname rcore2

net add interface eth0,swp51-54 ipv6 nd ra-interval 10

net del interface eth0,swp51-54 ipv6 nd suppress-ra

net add routing service integrated-vtysh-config

net add routing log syslog informational

net add bgp autonomous-system 65003

net add bgp router-id 30.0.0.2

net add bgp bestpath as-path multipath-relax

net add bgp bestpath compare-routerid

net add bgp neighbor FABRIC peer-group

net add bgp neighbor FABRIC remote-as external

net add bgp neighbor FABRIC capability extended-nexthop

net add bgp neighbor swp49 interface peer-group FABRIC

net add bgp neighbor swp50 interface peer-group FABRIC

net add bgp neighbor swp51 interface peer-group FABRIC

net add bgp neighbor swp52 interface peer-group FABRIC

net add bgp neighbor swp53 interface peer-group FABRIC

net add bgp neighbor swp54 interface peer-group FABRIC

net add bgp ipv4 unicast network 172.20.0.0/16
Photo of Mouhanad Alnaif

Mouhanad Alnaif

  • 124 Points 100 badge 2x thumb

Posted 5 months ago

  • 1
Photo of Sergei Hanus

Sergei Hanus

  • 506 Points 500 badge 2x thumb
Well, the info provided is insufficient to tell anything.
1. On which port does your neighbor leave?
2. Do all neighbors not receive updates, or just some of them?
3. How do you know, that neighbor is not receiving the update? Which commands do you use?
Photo of Mouhanad Alnaif

Mouhanad Alnaif

  • 124 Points 100 badge 2x thumb
the neighbors are connected per swp51, swp52, swp53 and swp54.
yes all neighbors not receive updates, 
I have used the command net show route 

and the result as followed:

show ip route
=============
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel,
       > - selected route, * - FIB route

K>* 0.0.0.0/0 via 192.168.0.254, eth0
C>* 172.20.0.6/32 is directly connected, lo
C>* 192.168.0.0/24 is directly connected, eth0


show ipv6 route
===============
Codes: K - kernel route, C - connected, S - static, R - RIPng,
       O - OSPFv3, I - IS-IS, B - BGP, N - NHRP, T - Table,
       v - VNC, V - VNC-Direct, A - Babel,
       > - selected route, * - FIB route

C * fe80::/64 is directly connected, swp51
C * fe80::/64 is directly connected, swp52
C * fe80::/64 is directly connected, swp54
C * fe80::/64 is directly connected, eth0
C>* fe80::/64 is directly connected, swp53



and I have used the commad 

net show bgp ipv4 unicast neighbor swp51 received-routes

to see if there are updates received from the neighbor that per swp1 connected and the result as followed :

% Inbound soft reconfiguration not enabled


and the result of command net show bgp as followed:



show bgp ipv4 unicast
=====================
BGP table version is 33, local router ID is 30.0.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
              i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
   172.20.0.0       0.0.0.0                  0         32768 i

Displayed  1 routes and 1 total paths


show bgp ipv6 unicast
=====================
No BGP prefixes displayed, 0 exist


 
Photo of Eelco Nieuwstad

Eelco Nieuwstad

  • 220 Points 100 badge 2x thumb
the net command for routing is a bit buggy. I recommend running vtysh and do all the routing verification there.
Photo of Sergei Hanus

Sergei Hanus

  • 506 Points 500 badge 2x thumb
Ok, you say "the switch does not advertise the Networks which it has  learned by eBGP to the another peers ".
Could you confirm, that the output of 'net show bgp'  is from the switch you are referring to (from which routes are not sent further)
If yes, then the route should be marked as active in order to be advertized. If it's not marked (and I don't see it) - then by some reason it's invalid. For example, next hop, which is being received from ebgp neighbor might not be accessible.

Also, send 'net show bgp summary' to verify bgp neighbors established


(Edited)
Photo of Mouhanad Alnaif

Mouhanad Alnaif

  • 124 Points 100 badge 2x thumb
the problem is just the switch can't ping the second switch in the same AS but can ping the another  AS.


Problem with unnumbered eBGP : the switch can’t ping the second switch in the same AS but can ping the others they in another AS.

(bcore1 can ping fcore1, fcore2, rcore1 and rcore2 but can’t ping bcore2)

 

I have configured eBGP on 6 switches:

 

 

Autonomous System 65002

 

 Fcore1 loopback 172.20.0.3/32

 Fcore2 loopback 172.20.0.4/32

 

Autonomous System 65003

 

 Rcore1 loopback 172.20.0.5/32

 Rcore2 loopback 172.20.0.6/32

 

Autonomous System 65001

 Bcore1 loopback 172.20.0.1/32

 Bcore2 loopback 172.20.0.2/32

 

 

The configuration of the switchs as followed:

 

 

Switch bcore1:

 

net add interface swp49-54

net add loopback lo ip address 172.20.0.1/32

net add interface eth0 ip address dhcp

net add hostname bcore1

net add interface eth0,swp51-54 ipv6 nd ra-interval 10

net del interface eth0,swp51-54 ipv6 nd suppress-ra

net add routing service integrated-vtysh-config

net add routing log syslog informational

net add bgp autonomous-system 65001

net add bgp router-id 20.0.0.1

net add bgp bestpath as-path multipath-relax

net add bgp bestpath compare-routerid

net add bgp neighbor FABRIC peer-group

net add bgp neighbor FABRIC remote-as external

net add bgp neighbor FABRIC capability extended-nexthop

net add bgp neighbor swp49 interface peer-group FABRIC

net add bgp neighbor swp50 interface peer-group FABRIC

net add bgp neighbor swp51 interface peer-group FABRIC

net add bgp neighbor swp52 interface peer-group FABRIC

net add bgp neighbor swp53 interface peer-group FABRIC

net add bgp neighbor swp54 interface peer-group FABRIC

net add bgp ipv4 unicast network 172.20.0.0/16

net add bgp ipv4 unicast network 172.20.0.1/32

 

 

switch bcore2:

 

net add interface swp49-54

net add loopback lo ip address 172.20.0.2/32

net add interface eth0 ip address dhcp

net add hostname bcore2

net add interface eth0,swp51-54 ipv6 nd ra-interval 10

net del interface eth0,swp51-54 ipv6 nd suppress-ra

net add routing service integrated-vtysh-config

net add routing log syslog informational

net add bgp autonomous-system 65001

net add bgp router-id 20.0.0.2

net add bgp bestpath as-path multipath-relax

net add bgp bestpath compare-routerid

net add bgp neighbor FABRIC peer-group

net add bgp neighbor FABRIC remote-as external

net add bgp neighbor FABRIC capability extended-nexthop

net add bgp neighbor swp49 interface peer-group FABRIC

net add bgp neighbor swp50 interface peer-group FABRIC

net add bgp neighbor swp51 interface peer-group FABRIC

net add bgp neighbor swp52 interface peer-group FABRIC

net add bgp neighbor swp53 interface peer-group FABRIC

net add bgp neighbor swp54 interface peer-group FABRIC

net add bgp ipv4 unicast network 172.20.0.0/16

net add bgp ipv4 unicast network 172.20.0.2/32

 

 

Switch fcore1

 

 

net add interface etho,swp49-54

net add loopback lo ip address 172.20.0.3/32

net add interface eth0 ip address dhcp

net add hostname fcore1

net add interface eth0,swp51-54 ipv6 nd ra-interval 10

net del interface eth0,swp51-54 ipv6 nd suppress-ra

net add routing service integrated-vtysh-config

net add routing log syslog informational

net add bgp autonomous-system 65002

net add bgp router-id 40.0.0.1

net add bgp bestpath as-path multipath-relax

net add bgp bestpath compare-routerid

net add bgp neighbor FABRIC peer-group

net add bgp neighbor FABRIC remote-as external

net add bgp neighbor FABRIC capability extended-nexthop

net add bgp neighbor swp49 interface peer-group FABRIC

net add bgp neighbor swp50 interface peer-group FABRIC

net add bgp neighbor swp51 interface peer-group FABRIC

net add bgp neighbor swp52 interface peer-group FABRIC

net add bgp neighbor swp53 interface peer-group FABRIC

net add bgp neighbor swp54 interface peer-group FABRIC

net add bgp ipv4 unicast network 172.20.0.0/16

net add bgp ipv4 unicast network 172.20.0.3/32

 

 

the result of the command net Show route on bcore2 switch as followed:

 

 

show ip route

=============

Codes: K - kernel route, C - connected, S - static, R - RIP,

       O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,

       T - Table, v - VNC, V - VNC-Direct, A - Babel,

       > - selected route, * - FIB route

 

K>* 0.0.0.0/0 via 192.168.0.254, eth0

C>* 172.20.0.2/32 is directly connected, lo

B>* 172.20.0.3/32 [20/0] via fe80::4638:39ff:fe00:f, swp51, 02:57:21

B>* 172.20.0.4/32 [20/0] via fe80::4638:39ff:fe00:2, swp52, 02:56:16

B>* 172.20.0.6/32 [20/0] via fe80::4638:39ff:fe00:14, swp54, 02:53:51

C>* 192.168.0.0/24 is directly connected, eth0

 

 

show ipv6 route

===============

Codes: K - kernel route, C - connected, S - static, R - RIPng,

       O - OSPFv3, I - IS-IS, B - BGP, N - NHRP, T - Table,

       v - VNC, V - VNC-Direct, A - Babel,

       > - selected route, * - FIB route

 

C * fe80::/64 is directly connected, swp54

C * fe80::/64 is directly connected, swp51

C * fe80::/64 is directly connected, swp53

C * fe80::/64 is directly connected, swp52

C>* fe80::/64 is directly connected, eth0

 

The result of command net show bgp on bcore2 as followed:

 

show bgp ipv4 unicast

=====================

BGP table version is 33, local router ID is 20.0.0.2

Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,

              i internal, r RIB-failure, S Stale, R Removed

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

   172.20.0.0       0.0.0.0                  0         32768 i

*> 172.20.0.2/32    0.0.0.0                  0         32768 i

*  172.20.0.3/32    swp53                                  0 65003 65002 i

*                   swp54                                  0 65003 65002 i

*>                  swp51                    0             0 65002 i

*  172.20.0.4/32    swp54                                  0 65003 65002 i

*                   swp53                                  0 65003 65002 i

*>                  swp52                    0             0 65002 i

*  172.20.0.6/32    swp52                                  0 65002 65003 i

*                   swp51                                  0 65002 65003 i

*>                  swp54                    0             0 65003 i

 

Displayed  5 routes and 11 total paths



the result of command net show bgp summary as followed:


show bgp ipv4 unicast summary
=============================
BGP router identifier 20.0.0.2, local AS number 65001 vrf-id 0
BGP table version 33
RIB entries 8, using 1152 bytes of memory
Peers 6, using 122 KiB of memory
Peer groups 1, using 64 bytes of memory

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd
swp49           4          0       0       0        0    0    0    never         Idle
swp50           4          0       0       0        0    0    0    never         Idle
fcore1(swp51)   4      65002  351239  351237        0    0    0 01w5d04h            2
fcore2(swp52)   4      65002  351199  351198        0    0    0 6d21h30m            2
rcore1(swp53)   4      65003  351238  351239        0    0    0 01w5d04h            2
rcore2(swp54)   4      65003  351240  351237        0    0    0 01w5d04h            3

Total number of neighbors 6


show bgp ipv6 unicast summary
=============================

show bgp l2vpn evpn summary
===========================


Photo of Sergei Hanus

Sergei Hanus

  • 506 Points 500 badge 2x thumb
As I understand, you gave the output of "net show bgp summary" from bcore2, right?
Then, it hasn't established bgp session with bcore1.
Probably, because it's on interface 49-50, which doesn't have ra enabled:
net add interface eth0,swp51-54 ipv6 nd ra-interval 10
Photo of Mouhanad Alnaif

Mouhanad Alnaif

  • 124 Points 100 badge 2x thumb

yes the Output of command net Show bgp summary on the bcore2 .

there are no direct connection between the switches at the same AS


Photo of Sergei Hanus

Sergei Hanus

  • 506 Points 500 badge 2x thumb
Aha, then,  my guess would be that the route from as65001 is advertized to 65002 and 65003, then it gets readvertized back to as65001 - and gets blocked by bgp loop prevention mechanism, as it already contains 65001 in as-path
(Edited)