Wednesday, October 2, 2013

EBGP multihop 3 command


If we pair up two routers with EBGP, using loopbacks as the source and with one router between them, the ebgp-multihop 2 command lets them come up as neighbors. This should not work, however, as they are more than 2 hops away.

For example we have the following network:

[Figure: bgp question.png]

The configuration on each router is:

ROUTER 1
----------
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
ip address 80.80.80.1 255.255.255.0
clock rate 2000000
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback1
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial0/0

ROUTER 2
----------
interface Loopback1
ip address 2.2.2.2 255.255.255.255
!
interface Serial0/1
ip address 90.90.90.1 255.255.255.0
clock rate 2000000
!
router bgp 2
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback1
no auto-summary
!
ip route 1.1.1.1 255.255.255.255 Serial0/1

ROUTER 3
----------
interface Serial0/0
ip address 80.80.80.2 255.255.255.0
clock rate 2000000
!
interface Serial0/1
ip address 90.90.90.2 255.255.255.0
clock rate 2000000
!
ip route 1.1.1.1 255.255.255.255 Serial0/0
ip route 2.2.2.2 255.255.255.255 Serial0/1
!

In this instance the neighborship comes up. Should we need ebgp-multihop 3 to get this working?

No, they aren't. They are just 2 hops away. You must count routers, not links. When sending packets to a distant router, with respect to the hop count, it is irrelevant which of the destination router's IP addresses you are talking to. In your case, when R1 sends a packet with TTL=2 towards R3, the TTL gets decremented on R2 to TTL=1 and the packet arrives at R3. There, the packet is not routed anymore because it has already been delivered to the destination device, so the TTL is not decremented on R3 anymore.

I believe that a part of this confusion stems from the fact that even if you have two routers connected back to back and run EBGP between them, you are told to use ebgp-multihop 2 if you are peering them using their loopbacks. This creates a notion as if talking to the opposite router's loopback involved decrementing the TTL. However, there is a totally different and slightly hidden agenda inside: Cisco's BGP implementation takes two precautions when establishing EBGP neighborships:

1. It checks whether the client is on a directly connected network. If it is not, it does not even try to establish the relationship. This check can be deactivated on a per-neighbor basis using the neighbor disable-connected-check command.
2. It sets the TTL of packets carrying BGP messages to 1, unless the ebgp-multihop is configured. If the ebgp-multihop is configured, the router automatically and implicitly behaves toward the neighbor as if the disable-connected-check was configured. In other words, using ebgp-multihop automatically implies disable-connected-check.


In fact, the disable-connected-check was created precisely for the purpose of peering two back-to-back routers on their loopbacks without using the ebgp-multihop. So in other words, if you're talking to a directly connected EBGP neighbor by its loopback address, you are perfectly fine with TTL=1 (i.e. don't use the ebgp-multihop), just use the disable-connected-check and the peering will come up.
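
The two checks and the hop counting described above, modelled in Python as an added example (not Cisco code and not part of the original post). The class and function names are hypothetical, and the model assumes a transit router drops a packet whose TTL reaches 0 when it decrements it.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Peering:
    transit_routers: int                  # routers forwarding between the two peers
    peer_addr_connected: bool             # neighbor address on a directly connected subnet?
    ebgp_multihop: Optional[int] = None   # N from "ebgp-multihop N"; None if absent
    disable_connected_check: bool = False

def ttl_on_arrival(initial_ttl: int, transit_routers: int) -> Optional[int]:
    """TTL seen by the destination, or None if a transit router dropped the packet."""
    ttl = initial_ttl
    for _ in range(transit_routers):
        ttl -= 1                # every forwarding router decrements
        if ttl <= 0:
            return None         # expired in transit
    return ttl                  # the destination itself does not decrement

def evaluate(p: Peering) -> str:
    # Check 1: connected check; ebgp-multihop implies disable-connected-check.
    skip_check = p.disable_connected_check or p.ebgp_multihop is not None
    if not p.peer_addr_connected and not skip_check:
        return "blocked: connected check"
    # Check 2: BGP packets leave with TTL 1 unless ebgp-multihop sets it.
    ttl = p.ebgp_multihop if p.ebgp_multihop is not None else 1
    if ttl_on_arrival(ttl, p.transit_routers) is None:
        return "blocked: TTL expired in transit"
    return "established"

# Constructed scenarios; loopback peering means the neighbor address is not connected.
SCENARIOS = {
    "page topology, ebgp-multihop 2": Peering(1, False, ebgp_multihop=2),
    "page topology, disable-connected-check only": Peering(1, False, disable_connected_check=True),
    "back-to-back loopbacks, no extra command": Peering(0, False),
    "back-to-back loopbacks, disable-connected-check": Peering(0, False, disable_connected_check=True),
}

if __name__ == "__main__":
    for name, peering in SCENARIOS.items():
        print(f"{name}: {evaluate(peering)}")
```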

Citation - This blog post does not reflect original content from the author. Rather, it summarizes content relevant to the topic from different sources on the web. The sources might include online discussion boards, forums, websites and others.
