I ran into an issue while doing BGP confederations today. In the topology below, I was seeing sub-AS 65013 in the AS PATH on R5 for routes to VLAN4. I found the problem, but I decided to post this so that if you ever see this issue, you can tell what it looks like.
VLAN4--R4---[[R1---R3]---[R2]]---R5--VLAN5 and 58
R4 = AS 3
R1,R3 = sub-AS 65013, AS 2
R2 = sub-AS 65002, AS 2
R5 = AS 1
VLAN4 = 204.1.12.0
VLAN5 = 155.1.5.0
VLAN58 = 155.1.58.0
Study the outputs below. Notice that R5 still sees sub-AS 65013 in its routes to R4. The AS PATH should be: 2 3. What is the error I made?
-------------------------------------------------------------------------------
In the output below, R4 sees R5's VLANs as coming from AS 1 and AS 2. There is no way of telling that these come from confederations.
R4#show ip bgp
BGP table version is 20, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.146.1 0 2 1 i
*> 155.1.58.0/24 155.1.146.1 0 2 1 i
*> 204.12.1.0 0.0.0.0 0 32768 i
R4#
-------------------------------------------------------------------------------
R1 sees both of R5's VLANs as coming from AS 1 and sub-AS 65002. R1 is a confederation peer with sub-AS 65002.
R1#show ip bgp
BGP table version is 8, local router ID is 155.1.146.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i155.1.5.0/24 155.1.23.2 0 100 0 (65002) 1 i
*>i155.1.58.0/24 155.1.23.2 0 100 0 (65002) 1 i
*> 204.12.1.0 155.1.146.4 0 0 3 i
R1#
-------------------------------------------------------------------------------
R3 sees the same thing as R1.
R3#show ip bgp
BGP table version is 8, local router ID is 155.1.37.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.23.2 0 100 0 (65002) 1 i
*> 155.1.58.0/24 155.1.23.2 0 100 0 (65002) 1 i
*>i204.12.1.0 155.1.13.1 0 100 0 3 i
R3#
-------------------------------------------------------------------------------
R2 sees R5's VLAN as originating from AS 1. It also sees R4's VLAN as coming from AS 3 and AS 65013 - not sure why there aren't parentheses around 65013 in this case...
R2#sho ip bgp
BGP table version is 4, local router ID is 155.1.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.0.5 0 0 1 i
*> 155.1.58.0/24 155.1.0.5 0 0 1 i
*> 204.12.1.0 155.1.13.1 0 100 0 65013 3 i
R2#
-------------------------------------------------------------------------------
Here R5 sees R4's VLAN as coming through AS 3 65013 and then from AS 2. Why is 65013 appearing?
R5#show ip bgp
BGP table version is 22, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 0.0.0.0 0 32768 i
*> 155.1.58.0/24 0.0.0.0 0 32768 i
*> 204.12.1.0 155.1.0.2 0 2 65013 3 i
R5#
-------------------------------------------------------------------------------
It turns out the error was on R3:
router bgp 65013
 no synchronization
 bgp log-neighbor-changes
 bgp confederation peers 65002
 neighbor 155.1.13.1 remote-as 65013
 neighbor 155.1.23.2 remote-as 65002
I don't have a bgp confederation identifier!
Let's fix it:
R3(config)#router bgp 65013
R3(config-router)#bgp confederation identifier 2
That's much better:
R5#show ip bg
BGP table version is 24, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 0.0.0.0 0 32768 i
*> 155.1.58.0/24 0.0.0.0 0 32768 i
*> 204.12.1.0 155.1.0.2 0 2 3 i
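Added example, not part of the original post: a Python audit that flags a router bgp stanza listing confederation peers without a confederation identifier, and scans show ip bgp rows for private ASNs outside parentheses, which is the symptom seen on R5. The function names are hypothetical, the inputs are copied from the outputs above, and treating 64512-65534 as the sub-AS range is an assumption.

```python
import re

PRIVATE_ASNS = range(64512, 65535)  # private 16-bit ASNs (RFC 6996); assumed sub-AS range

def audit_confederation(config):
    """Flag 'router bgp' stanzas with confederation peers but no identifier."""
    findings = []
    for stanza in re.split(r"(?m)^(?=router bgp \d+)", config):
        m = re.match(r"router bgp (\d+)", stanza)
        if not m:
            continue
        peers = re.search(r"(?m)^\s*bgp confederation peers\b", stanza)
        ident = re.search(r"(?m)^\s*bgp confederation identifier \d+", stanza)
        if peers and not ident:
            findings.append(f"router bgp {m.group(1)}: confederation peers set, identifier missing")
    return findings

def leaked_sub_as(table):
    """Return (prefix, asn) pairs for private ASNs outside parentheses."""
    leaks = []
    for line in table.splitlines():
        m = re.match(r"\*>?i?\s*(\d+(?:\.\d+){3}(?:/\d+)?)\s+\S+\s+(.*)", line.strip())
        if not m:
            continue
        # Parenthesised segments are confederation-internal and expected there.
        rest = re.sub(r"\([^)]*\)", " ", m.group(2))
        # Heuristic: Metric/LocPrf/Weight precede the path in the same row, so an
        # attribute value inside the private range would be a false positive.
        leaks += [(m.group(1), int(t)) for t in rest.split()
                  if t.isdigit() and int(t) in PRIVATE_ASNS]
    return leaks

# R3's stanza and the table rows are copied from the post.
R3_BROKEN = """router bgp 65013
 no synchronization
 bgp log-neighbor-changes
 bgp confederation peers 65002
 neighbor 155.1.13.1 remote-as 65013
 neighbor 155.1.23.2 remote-as 65002
"""
R3_FIXED = R3_BROKEN + " bgp confederation identifier 2\n"
R5_BEFORE = """*> 155.1.5.0/24 0.0.0.0 0 32768 i
*> 204.12.1.0 155.1.0.2 0 2 65013 3 i
"""
R1_TABLE = """*>i155.1.5.0/24 155.1.23.2 0 100 0 (65002) 1 i
*> 204.12.1.0 155.1.146.4 0 0 3 i
"""

if __name__ == "__main__":
    print(audit_confederation(R3_BROKEN), audit_confederation(R3_FIXED))
    print(leaked_sub_as(R5_BEFORE), leaked_sub_as(R1_TABLE))
```

Run against a saved running-config and a saved BGP table from an eBGP neighbor; a private ASN in that neighbor's view means a sub-AS is leaking out of the confederation.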