BGP + Route map + Next Hop

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
David Sudjiman's Avatar (by Gravatar) posted on
January 17, 2007, 8:03 am
rate this thread
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Hi,

I created these routers with below configuration

R1===================R2

R1 connected to R2 with DTE-DCE serial.

hostname R1
!
interface Loopback0
  ip address 131.108.1.1 255.255.255.0
  ip policy route-map FROM-131.108.1.1-TO-131.108.3.1
!
interface Loopback1
  ip address 131.108.4.1 255.255.255.0
  ip policy route-map FROM-131.108.4.1-TO-131.108.6.1
!
interface Serial0
  ip address 131.108.2.1 255.255.255.252
  no fair-queue
!
interface Serial1
  ip address 131.108.5.1 255.255.255.252
  clockrate 56000
!
router bgp 1
  bgp log-neighbor-changes
  network 131.108.1.0 mask 255.255.255.0
  network 131.108.4.0 mask 255.255.255.0
  neighbor 131.108.2.2 remote-as 2
  neighbor 131.108.5.2 remote-as 2
!
access-list 100 permit icmp host 131.108.1.1 host 131.108.3.1
access-list 101 permit icmp host 131.108.4.1 host 131.108.6.1
route-map FROM-131.108.1.1-TO-131.108.3.1 permit 10
  match ip address 100
  set ip next-hop 131.108.2.2
!
route-map FROM-131.108.4.1-TO-131.108.6.1 permit 10
  match ip address 101
  set ip next-hop 131.108.5.2

=========================

hostname R2
!
interface Loopback0
  ip address 131.108.3.1 255.255.255.0
!
interface Loopback1
  ip address 131.108.6.1 255.255.255.0
!
interface Serial0
  ip address 131.108.2.2 255.255.255.252
  no fair-queue
  clockrate 56000
!
interface Serial1
  ip address 131.108.5.2 255.255.255.252
!
router bgp 2
  bgp log-neighbor-changes
  network 131.108.3.0 mask 255.255.255.0
  network 131.108.6.0 mask 255.255.255.0
  neighbor 131.108.2.1 remote-as 1
  neighbor 131.108.5.1 remote-as 1

=============================

R1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
        ia - IS-IS inter area, * - candidate default, U - per-user
static route
        o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

      131.108.0.0/16 is variably subnetted, 6 subnets, 2 masks
B       131.108.6.0/24 [20/0] via 131.108.2.2, 00:28:55
C       131.108.5.0/30 is directly connected, Serial1
C       131.108.4.0/24 is directly connected, Loopback1
B       131.108.3.0/24 [20/0] via 131.108.2.2, 00:28:55
C       131.108.2.0/30 is directly connected, Serial0
C       131.108.1.0/24 is directly connected, Loopback0
R1#sh ip bgp
BGP table version is 5, local router ID is 131.108.4.1
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

    Network          Next Hop            Metric LocPrf Weight Path
*> 131.108.1.0/24   0.0.0.0                  0         32768 i
*  131.108.3.0/24   131.108.5.2              0             0 2 i
*>                  131.108.2.2              0             0 2 i
*> 131.108.4.0/24   0.0.0.0                  0         32768 i
*  131.108.6.0/24   131.108.5.2              0             0 2 i
*>                  131.108.2.2              0             0 2 i

========================================================

When I tried to ping from 131.108.4.1 to 131.108.6.1, the route-map
didn't pickup anything.

R1#debug ip policy
Policy routing debugging is on
R1#ping
Protocol [ip]:
Target IP address: 131.108.6.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 131.108.4.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 131.108.6.1, timeout is 2 seconds:
Packet sent with a source address of 131.108.4.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/40 ms
R1#u all
R1#debug ip packet
IP packet debugging is on
R1#ping
Protocol [ip]:
Target IP address: 131.108.6.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 131.108.4.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 131.108.6.1, timeout is 2 seconds:
Packet sent with a source address of 131.108.4.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/73/124 ms
R1#
00:40:46: IP: tableid=0, s=131.108.4.1 (local), d=131.108.6.1 (Serial0),
routed via RIB
00:40:46: IP: s=131.108.4.1 (local), d=131.108.6.1 (Serial0), len 100,
sending
00:40:46: IP: tableid=0, s=131.108.6.1 (Serial0), d=131.108.4.1
(Loopback1), routed via RIB
00:40:46: IP: s=131.108.6.1 (Serial0), d=131.108.4.1, len 100, rcvd 4
00:40:46: IP: tableid=0, s=131.108.4.1 (local), d=131.108.6.1 (Serial0),
routed via RIB
00:40:46: IP: s=131.108.4.1 (local), d=131.108.6.1 (Serial0), len 100,
sending
00:40:46: IP: tableid=0, s=131.108.6.1 (Serial0), d=131.108.4.1
(Loopback1), routed via RIB
00:40:46: IP: s=131.108.6.1 (Serial0), d=131.108.4.1, len 100, rcvd 4
00:40:46: IP: tableid=0, s=131.108.4.1 (local), d=131.108.6.1 (Serial0),
routed via RIB
00:40:46: IP: s=131.108.4.1 (local), d=131.108.6.1 (Serial0), len 100,
sending
00:40:46: IP: tableid=0, s=131.108.6.1 (Serial0), d=131.108.4.1
(Loopback1), routed via RIB
00:40:46: IP: s=131.108.6.1 (Serial0), d=131.108.4.1, len 100, rcvd 4
00:40:46: IP: tableid=0, s=131.108.4.1 (local), d=131.108.6.1 (Serial0),
routed via RIB
00:40:46: IP: s=131.108.4.1 (local), d=131.108.6.1 (Serial0), len 100,
sending
00:40:46: IP: tableid=0, s=131.108.6.1 (Serial0), d=131.108.4.1
(Loopback1), routed via RIB
00:40:46: IP: s=131.108.6.1 (Serial0), d=131.108.4.1, len 100, rcvd 4
00:40:46: IP: tableid=0, s=131.108.4.1 (local), d=131.108.6.1 (Serial0),
routed via RIB
00:40:46: IP: s=131.108.4.1 (local), d=131.108.6.1 (Serial0), len 100,
sending
00:40:46: IP: tableid=0, s=131.108.6.1 (Serial0), d=131.108.4.1
(Loopback1), routed via RIB
00:40:46: IP: s=131.108.6.1 (Serial0), d=131.108.4.1, len 100, rcvd 4

==================================

What I want were:

any ICMP from 131.108.1.1 to 131.108.3.1 will be delivered using route
131.108.1.1-131.108.2.1-131.108.2.2-131.108.3.1

any ICMP from 131.108.4.1 to 131.108.6.1 will be delivered using route
131.108.4.1-131.108.5.1-131.108.5.2-131.108.6.1

1. Where was the wrong part of configuration?
2. Why?
3. How can I fix it?

--
thx
David Sudjiman

http://www.davidsudjiman.info


 
Steve's Avatar (by Gravatar) posted on
January 17, 2007, 1:43 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop
David,

    I didn't look over your config carefully, but I'm not sure that route
maps will work when applied to the loopback interface.  I have always
applied them to the incoming physical interface.

Regards,
Steve
www.networking-forum.com


Quoted text here. Click to load it




 
Gabriele Beltrame's Avatar (by Gravatar) posted on
January 17, 2007, 3:07 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop
Hi,

I'm not sure either; if loopback traffic is considered "local" then you
could use "ip local policy route-map <map name>" to policy route locally
generated traffic.

Regards,
Gabriele

Quoted text here. Click to load it




 
John Agosta's Avatar (by Gravatar) posted on
January 17, 2007, 4:23 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop

Quoted text here. Click to load it

Not sure if the above suggestion for "local" policy will do the trick, but
the following will:
Put a PC on the ethernet port of your router, and place the policy map on
the ethernet.
Ping from your PC.....




 
David Sudjiman's Avatar (by Gravatar) posted on
January 17, 2007, 8:27 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop
David Sudjiman wrote:
Quoted text here. Click to load it

Thx to Steve, Gabriele, and John.

I thought that was the problem, couldn't be simpler :-)

Let me try that and let you guys know.

--
thx
David Sudjiman

http://www.davidsudjiman.info


 
David Sudjiman's Avatar (by Gravatar) posted on
January 17, 2007, 10:55 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop
David Sudjiman wrote:
Quoted text here. Click to load it

Well, I tried by using e0 and put my laptop. The icmp packet goes to the
  destined network but not going through the path I want.

However, one thing that confuse me. It worked using "ip local policy".
Can somebody explain to me why I can't using per interface ip policy?

--
thx
David Sudjiman

http://www.davidsudjiman.info


 
John Agosta's Avatar (by Gravatar) posted on
January 18, 2007, 5:11 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop

Quoted text here. Click to load it

Assuming the route map was re-written correctly to reflect what was
happening at the new location (e0),
I don't see why having your PBR statement on the inbound interface wouldn't
have worked.....




 
David Sudjiman's Avatar (by Gravatar) posted on
January 23, 2007, 9:07 am
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop
I've created a diagram and several info if you keen to help

I have two routers that connected back-to-back using two serials. I also
have each e0 on each router (R1 and R2) configured. both routers are
using BGP AS 1 and BGP as 2, respectively. What I’m trying to do next is
to make any ICMP packets from R1’s e0 going to path R1E0-R1S1-R2S1-R2E0.
I’m using route-map and next hop to achieve this.

The problem is why can’t I use ip policy route-map on the interface yet
I have to use ip LOCAL policy route-map to do this?

http://www.davidsudjiman.info/?p=149

--
thx
David Sudjiman

http://www.davidsudjiman.info


 
David Sudjiman's Avatar (by Gravatar) posted on
January 23, 2007, 1:14 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Case Closed Re: BGP + Route map + Next Hop
Case closed. Explanation on http://www.davidsudjiman.info/?p=149

--
thx
David Sudjiman

http://www.davidsudjiman.info


 
Gabriele Beltrame's Avatar (by Gravatar) posted on
January 23, 2007, 1:25 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
Re: BGP + Route map + Next Hop


Hi,

Policy routing applied to an interface is only taken in consideration =
for traffic entering that interface and not for locally generated =
traffic ( for locally generated traffic you use ip local policy )

Your ping trest from the Windows box connected to e0/0 probably failed =
due to an error in route-map ( e.g access-list 100 permit icmp host =
20.20.20.1 host 10.10.10.1 )

Try something like this:
Applying that route map to either e0/0 and as "local policy" should give =
you a consistent result

-------------------------------------------------------------------

 

Site Timeline