trojan81
asked on
BGP synchornization
Hello BGP experts.
Scenario:
RTR-A has EBGP session with ISP-A (AS7000)
RTR-B has EBGP session with ISP-B (AS8000)
RTR-A and RTR-B have IBGP session between each other (AS6000) and peer to a route reflector.
Both RTRs have NO Synchornization and advertising 50.50.50.0/20 to their directly connected ISP.
Question: If I disconnect the IBGP link on RTR-A, will it still advertise 50.50.50.0/20 to ISP-A? Keep in mind there is NO Synchronization under router BGP
Scenario:
RTR-A has EBGP session with ISP-A (AS7000)
RTR-B has EBGP session with ISP-B (AS8000)
RTR-A and RTR-B have IBGP session between each other (AS6000) and peer to a route reflector.
Both RTRs have NO Synchornization and advertising 50.50.50.0/20 to their directly connected ISP.
Question: If I disconnect the IBGP link on RTR-A, will it still advertise 50.50.50.0/20 to ISP-A? Keep in mind there is NO Synchronization under router BGP
ASKER
RFC,
Yes A and B are the originating routers.
What if I turn on synchronization on RTR-A and cut off it's IBGP connection. So that means it will only have an EBGP connection to the service provider. Will it still advertise 50.50.50.0/20 to the ISP or will that stop?
Yes A and B are the originating routers.
What if I turn on synchronization on RTR-A and cut off it's IBGP connection. So that means it will only have an EBGP connection to the service provider. Will it still advertise 50.50.50.0/20 to the ISP or will that stop?
Yes, both routers will still advertise the route
ASKER
rfc,
I witnessed a few weeks ago that when RTR-A has "NO SYNC" and loses it's IBGP link, it will still advertise 50.50.50.0/20. Traffic will try to come back through ISP-A and get dropped because RTR-A no longer has a connection to the internal network.
However, with SYNC enabled, it will stop advertising that network out to ISP-A. Thus, traffic will come back in through ISP-B through RTR-B and make it back to the internal network because it still has it's IBGP connection in tact.
Does that sound right?
I witnessed a few weeks ago that when RTR-A has "NO SYNC" and loses it's IBGP link, it will still advertise 50.50.50.0/20. Traffic will try to come back through ISP-A and get dropped because RTR-A no longer has a connection to the internal network.
However, with SYNC enabled, it will stop advertising that network out to ISP-A. Thus, traffic will come back in through ISP-B through RTR-B and make it back to the internal network because it still has it's IBGP connection in tact.
Does that sound right?
do you have a network diagram with the RR; I need a complete picture of how the network is configured along with the configs please.
Thanks
Billy
Thanks
Billy
by the way, it does not make sense, that is why I am asking for a network diagram along with the configs. Also I need to see the RR in relation to the clients and where the upstreams connect to in your network.
Billy
Billy
ASKER
Billy,
Unfortunately I don't have the ability to get configs because as a Jr. engineer, they do not allow me access to that piece of the network. I just watch over their shoulders.
Just looking at old emails and I made a mistake in the explanation.
RTR-A and RTR-B do not peer to a route reflector. Their inside facing interfaces (GI0/1) connect to a layer 2 switch and run HSRP.
What I observed was when GI0/1 went out on RTR-A with the NO SYNC config, it will still advertise to ISP-A and all internet traffic will stop. However, with SYNC enabled, it will no longer advertise to ISP-A and RTR-B-ISP-B will handle the internet.
Unfortunately I don't have the ability to get configs because as a Jr. engineer, they do not allow me access to that piece of the network. I just watch over their shoulders.
Just looking at old emails and I made a mistake in the explanation.
RTR-A and RTR-B do not peer to a route reflector. Their inside facing interfaces (GI0/1) connect to a layer 2 switch and run HSRP.
What I observed was when GI0/1 went out on RTR-A with the NO SYNC config, it will still advertise to ISP-A and all internet traffic will stop. However, with SYNC enabled, it will no longer advertise to ISP-A and RTR-B-ISP-B will handle the internet.
> However, with SYNC enabled, it will no longer advertise to ISP-A and RTR-B-ISP-B will handle the internet.
This tells me that RTR-A and RTR-B do NOT have a pull-up route (Typically to null0); it appears that IGP is used to send the routes to all neighbors. This is typically not best practice as you can clearly see why. The routers that are the originating routers should have a pull-up route (static route to null0) so in the even that IGP is having issues, the routers are still advertised upstream. There are several ways to accomplish advertising the routes via BGP.
http://www.pacnog.org/pacnog1/day4/b0-6up.pdf
The comments not best practice should be take with a grain of salt; there are several ways to design BGP and IGP to accomplish several things, and depending on the topology, this is more than likely at one point considered best practice or was the only way to accomplish the task. The pull-up route is very important and should not be in IGP, as a matter of fact, aggregate routes and customer routes should not be in BGP, only internal ifrastructure such as PtP links and loopback, etc. All others should be in BGP to be considered best practice.
Billy
This tells me that RTR-A and RTR-B do NOT have a pull-up route (Typically to null0); it appears that IGP is used to send the routes to all neighbors. This is typically not best practice as you can clearly see why. The routers that are the originating routers should have a pull-up route (static route to null0) so in the even that IGP is having issues, the routers are still advertised upstream. There are several ways to accomplish advertising the routes via BGP.
http://www.pacnog.org/pacnog1/day4/b0-6up.pdf
The comments not best practice should be take with a grain of salt; there are several ways to design BGP and IGP to accomplish several things, and depending on the topology, this is more than likely at one point considered best practice or was the only way to accomplish the task. The pull-up route is very important and should not be in IGP, as a matter of fact, aggregate routes and customer routes should not be in BGP, only internal ifrastructure such as PtP links and loopback, etc. All others should be in BGP to be considered best practice.
Billy
ASKER
RFC,
AS I understood and also by looking at after configs, simply by putting in SYNC in RTR-A under BGP, RTR A no longer advertises the 50.50.50.0/20 network after it loses it's IBGP connection.
This fixes the issue because now traffic is not trying to come back through RTR-A and will thus go through RTR-B.
Does that sound correct to you?
AS I understood and also by looking at after configs, simply by putting in SYNC in RTR-A under BGP, RTR A no longer advertises the 50.50.50.0/20 network after it loses it's IBGP connection.
This fixes the issue because now traffic is not trying to come back through RTR-A and will thus go through RTR-B.
Does that sound correct to you?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I appreciate your response Billy. What you proposed makes better sense.
You have no included whether or not A and B are the originating routers of 50.50.50.0/20; I am assuming they are.
Yes, of course it will; disabling synchronization prevents BGP from validating iBGP routes. I think you are missing the point of what sync is and what it provides; Synchronization states that, if your AS passes traffic from another AS to a third AS, BGP should not advertise a route before all the routers in your AS have learned about the route via IGP
Source: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#synch