3/30/2018

BGP session by loopback vs combo static route

Topology:

Configuration:

 Says, in the above topology, there is 2 eBGP sessions:

 Between R0 and R1, eBGP session is by loopback address 10.255.255.1 and 10.255.255.2 respectively. No IGP involved, to make it work, we have the following configurations:

 On R0:
ip route 10.255.255.1/32 10.0.1.1 ! 10.0.1.1 = R1's intf ip address
ip route 10.255.255.1/32 10.0.1.3 ! 10.0.1.3 = R1's intf ip address
!
router bgp 65000
   maximum-paths 128
   neighbor 10.255.255.1 remote-as 65001
   neighbor 10.255.255.1 ebgp-multihop 2

 And between R0 and R2, there is an eBGP session. Also R2 advertises a prefix of 10.0.1.0/24, which is the supernet of 10.0.1.0/31

 BGP sessions are all up w/o any issues. 

 R0(s2)(config)#sh ip bgp sum
  Neighbor         V  AS           MsgRcvd   MsgSent  InQ OutQ  Up/Down State  PfxRcd PfxAcc
  10.0.2.1         4  65002            202       201    0    0 03:11:40 Estab  1      1
  10.255.255.1     4  65001           1867      1887    0    0 01:31:06 Estab  0      0

 Issue:

 Now, let's disable 1 of 2 back-to-back connections between R0 and R1. And eBGP session between R0 and R1 is down! even the 2nd connection is of no problem. 

 R0(s2)(config)#int e6/45
R0(s2)(config-if-Et6/45)#shu
R0(s2)(config-if-Et6/45)#sh ip bgp sum
BGP summary information for VRF default
Router identifier 72.129.223.37, local AS number 65000
Neighbor Status Codes: m - Under maintenance
  Neighbor         V  AS           MsgRcvd   MsgSent  InQ OutQ  Up/Down State  PfxRcd PfxAcc
  10.0.2.1         4  65002            205       204    0    0 03:14:06 Estab  1      1
  10.255.255.1     4  65001           1914      1933    0    0 00:00:05 Connect

 Why? It is because the route to 10.255.255.1 pointing to unexpected interface

 R0(s2)(config-if-Et6/45)#sh ip route 10.255.255.1
.......
 S      10.255.255.1/32 [1/0] via 10.0.2.1, Ethernet6/9 ! R0/R2 intf
                              via 10.0.1.3, Ethernet6/46

Remember the static route we created above
ip route 10.255.255.1/32 10.0.1.1 ! 10.0.1.1 = R1's intf ip address

R0(s2)(config-if-Et6/45)#sh ip route 10.0.1.1
 B E    10.0.1.0/24 [200/0] via 10.0.2.1, Ethernet6/9 ! 

 Ok, the reason is because, the static route 10.0.1.0/31 is gone after shutting down interface. Then the eBGP route from R2 kicks in and now NH 10.0.1.1 points to R2 after recursive lookup. And it builds an incorrect 2-way ECMP between 10.255.255.1 and 10.255.255.2, which creates a 50% chance of dropping packets. Then BGP is down. 

 Workaround/Solution:

 To solve this issue, we need to use combo static routes to specify the NH and egress interfaces, like:

 R0(s2)(config)#sh run | grep 10.255.255.1
ip route 10.255.255.1/32 Ethernet6/45 10.0.1.1
ip route 10.255.255.1/32 Ethernet6/46 10.0.1.3

 R0(s2)(config)#int e6/45
R0(s2)(config-if-Et6/45)#shu
R0(s2)(config-if-Et6/45)#sh ip route 10.255.255.1
 S      10.255.255.1/32 [1/0] via 10.0.1.3, Ethernet6/46

Details of "combo" static route

Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)