Solved

How do I configure iBGP on my border routers?

Posted on 2010-08-30
3
446 Views
Last Modified: 2012-05-10
Hi,

We run VRRP on the inside of our Juniper border routers, and I've had a static 0.0.0.0/0 254 route pointing from each router to the other in the case that the BGP sessions on the primary router go down (say the fibre gets cut), but the router itself stays up (meaning it's still the VRRP master and receiving the traffic with nowhere to go).

This lets traffic flow into the vrrp master (router 0) and then through to router 1, then out to the world.

This works ok.

I would like to swap this to iBGP instead of static routes, but because our upstream advertise us a 0.0.0.0/0 route in the bgp feed (along with lots of other routes) its causing problems.

Basically router 1 receives the bgp feed containing it's 0.0.0.0 - 111.x.x.x route which comes in at a 100 local pref, and it also has a 0.0.0.0 - 192.168.1.2 (local interface)  254 pref configured locally.

Local config:
 route 0.0.0.0/0 {
            next-hop 192.168.1.2;
            preference 254;
        }

Open in new window



I then use iBGP to advertise the 0.0.0.0 route to router0, but because the upstream's default route is a lower pref, it will advertise that (0.0.0.0 111.x.x.x), instead of my intended one (0.0.0.0 - 192.168.1.2).

This means that if router0 drops its bgp session with the upstream, it will have a route from router1 saying 0.0.0.0 111.x.x.x which is useless as it can't reach that 111.x.x.x due to the connection drop.


I've tired this:
policy-statement exportdefault {
        term default {
            from {
                route-filter 0.0.0.0/0 exact {
                    next-hop 192.168.1.2;
                }
            }
            then accept;
        }
        term else {
            then reject;
        }
    }

Open in new window


But that doesn't work.

How do I force router1 to send 0.0.0.0 192.168.1.2 instead of 0.0.0.0 111.x.x.x.x?


Thanks,
0
Comment
Question by:nwteam
  • 2
3 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 33569197


You should be sending default via your IGP not via iBGP.

harbor235 ;}
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 33569649
That is a very common problem. In Cisco, there's a neighbor command which is "next-hop-self." This tells the router to advertise itself as the next hop to an iBGP neighbor which is not the default, as you discovered.
0
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
ID: 33571994

The issue you are describing is not a problem, it is the way BGP was designed. BGP was never designed that way because it's an EGP, an IGP was designed to perform that routing function. Now I agree that next-hop-self is a way to extend BGP to provide that functionality, I guess I am a old school and like segmentation between my EGP and IGP, they really do provide unique services within your routing domain.

If you add the external link that you peer with into ospf as well as sending default (make it passive), then you do not have to worry about next-hop-self. Next-hop-self is a way to correct the problem as Mike states but I would not do it that way.

harbor235 ;}



0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now