
Saturday, August 26, 2017

Update Source Loopback of BGP Configuration

Most of the time, iBGP neighbors are configured to peer using a loopback address.
This is the better way to create mesh connectivity between all iBGP neighbors.
It is often seen where there are redundant paths to iBGP / eBGP neighbors: if one of the physical links goes down, the BGP neighbor relationship won't go down.
To do this for eBGP peers, we have to change the TTL value with a command and create the neighbor relationship between the loopback interfaces.








For iBGP peers

R1(config)#router bgp 1
R1(config-router)#neighbor 2.2.2.2 remote-as 1

R2(config)#router bgp 1
R2(config-router)#neighbor 1.1.1.1 remote-as 1

Routing is needed to reach the loopbacks:

R1(config)#ip route 2.0.0.0 255.0.0.0 10.1.1.2
R2(config)#ip route 1.0.0.0 255.0.0.0 10.1.1.1

Now let's enter the update-source loopback command on R1 only:

R1(config-router)#neighbor 2.2.2.2 update-source lo0

A new neighbor relationship will be formed. (If it isn't, clear BGP to reset the neighbors.)
So this means the neighbor relationship can be formed even with the command on only one side. But the best practice is to configure it on both sides.

The above command means that the source IP address of the BGP packets sent to R2 is the loopback of R1. The correctly configured router (R1) then always becomes the TCP client, which starts the SYN toward R2's loopback. R2 replies to the source of the SYN with a SYN/ACK, and R1 sends the ACK to complete the TCP handshake.
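The client/server behaviour described above can be checked with a small model. This is an added example, not part of the original post; it assumes that a router without update-source sends its SYN from the physical link address and that a router only accepts a BGP connection whose source address matches one of its neighbor statements. The class and function names are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Router:
    name: str
    link_ip: str      # address on the physical R1-R2 link
    loopback: str     # lo0 address
    # configured neighbor address -> True if "update-source lo0" is set for it
    neighbors: dict = field(default_factory=dict)

def syn_source(router, peer_ip):
    # Assumption: without update-source the SYN leaves with the
    # outgoing (physical) interface address.
    return router.loopback if router.neighbors[peer_ip] else router.link_ip

def can_be_client(client, server):
    """True if a SYN sent by client is accepted by server's BGP process."""
    for peer_ip in client.neighbors:
        if peer_ip not in (server.link_ip, server.loopback):
            continue  # this neighbor statement points at some other router
        # Assumption: the server accepts a connection only when its source
        # address matches one of the server's own neighbor statements.
        if syn_source(client, peer_ip) in server.neighbors:
            return True
    return False

def tcp_clients(a, b):
    """Names of the routers able to open the session; empty list = no session."""
    return [c.name for c, s in ((a, b), (b, a)) if can_be_client(c, s)]

def lab(r1_update_source, r2_update_source):
    # Addresses taken from the iBGP lab above.
    r1 = Router("R1", "10.1.1.1", "1.1.1.1", {"2.2.2.2": r1_update_source})
    r2 = Router("R2", "10.1.1.2", "2.2.2.2", {"1.1.1.1": r2_update_source})
    return tcp_clients(r1, r2)

if __name__ == "__main__":
    print("no update-source :", lab(False, False))
    print("R1 only          :", lab(True, False))
    print("both sides       :", lab(True, True))
```

With the command on one side only, the session depends on that router initiating; with it on both sides, either router can open the connection.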

For eBGP peers

For eBGP neighbors, you have to enter another command on both sides to make it work.
Assuming all other configuration is working:

R1(config-router)#neighbor 2.2.2.2 ebgp-multihop 2
R2(config-router)#neighbor 1.1.1.1 ebgp-multihop 2

Now the neighbors will come up. This is required because eBGP neighbors send packets with a TTL value of 1 for security reasons. The above commands change the TTL to 2.

Side note: You can use this ebgp-multihop command to set up an eBGP peering with a router that is not directly connected and is far away from your location. You will have to know the hop count from your router to the target router and give a multihop value larger than that.
You can also simply disable the connected check for eBGP neighbors with the following command:

R1(config-router)#neighbor 2.2.2.2 disable-connected-check
R2(config-router)#neighbor 1.1.1.1 disable-connected-check

1 comment:

  1. It's an awesome article for all the internet people; they will get benefit from it I am sure.
