[c-nsp] Re: Source address on BGP peering set up

Piltrafilla piltrafilla at gmail.com
Tue Jan 18 03:33:23 EST 2005


Hi Michael, 

I set up two separate neighbor statements for each of the two IP
addresses. The problem is that is not possible to have both of the BGP
sessions established, the one based on secondary addresses doesn't go
up because it uses the primary IP address to establish the peering.

Regards,

On Mon, 17 Jan 2005 19:30:35 -0800, Michael K. Smith <mksmith at noanet.net> wrote:
> Hello:
> 
> Am I missing something, or why couldn't you just set up two separate
> neighbor statements for the two IP addresses?
> 
> Neighbor 10.0.0.1 remote-as 65000
> Neighbor 192.168.0.1 remote-as 65000
> 
> Mike
> 
> On 1/17/05 3:59 PM, "Piltrafilla" <piltrafilla at gmail.com> wrote:
> 
> > Hi Brian,
> >
> > If I correctly understood your explanation, you mean that I should
> > replace primary IP address on peering interface, then configuring the
> > old IP address on a loopback and finally setting up static routes to
> > neighbors to peering interface. Isn't on that way?
> >
> > For keeping ARP going on with neighbors, in case they do not have the
> > same config as you, I suppose that proxy-arp should be configured. And
> > I do not really like that option.
> >
> > Thanks for your reply, :)
> >
> > On Mon, 17 Jan 2005 10:39:04 -0600, Brian Feeny <signal at shreve.net> wrote:
> >>
> >> I can understand that you are doing a migration from one network to
> >> another.
> >> However, there are probably easier ways of doing this.  Migrate the
> >> network, and then
> >> later migrate the BGP neighbors, in other words, leave them numbered
> >> out of legacy space
> >> until the last thing.
> >>
> >> or
> >>
> >> Use a loopback address on the Cisco, number that out of the new IP
> >> space, or just some other
> >> IP space, and use that as the update-source.
> >>
> >> Brian
> >>
> >> On Jan 17, 2005, at 10:27 AM, Piltrafilla wrote:
> >>
> >>> Hi people,
> >>>
> >>> First of all, thank you for all your replies, I'm sorry for the delay
> >>> in my answer.
> >>>
> >>> With your feedback I have tried a BGP peering on my home lab between a
> >>> Cisco and OpenBSD bgpd:
> >>>
> >>> Cisco
> >>>   primary 10.0.0.1
> >>>   secondary 192.168.0.1
> >>> OpenBSD
> >>>  primary 10.0.0.2
> >>>  secondary 192.168.0.2
> >>>
> >>> On OpenBSD bgpd configuration I have set up local-address for peer
> >>> 10.0.0.1:
> >>>
> >>>    neighbor 10.0.0.1
> >>>    {
> >>>        local-address           10.0.0.2
> >>>        remote-as                65500
> >>>    }
> >>>
> >>> After configuration on both sides, I did a clear ip bgp 192.168.0.2 on
> >>> the Cisco side to force reestablishing the peering as a client
> >>> (ephemeral to 179). That's the tcpdump on the OpenBSD side:
> >>>
> >>> 10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
> >>> 10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
> >>>
> >>> Although Cisco router has a connected secondary IP to peer
> >>> 192.168.0.2, Cisco tries to set up the peering with the primary
> >>> address.
> >>>
> >>> A few seconds later, OpenBSD successfully establishes peering with the
> >>> Cisco box as a client (ephemeral to 179) because of the possibility of
> >>> configuring local-address:
> >>>
> >>> 192.168.0.2.46380 > 192.168.0.1.179: S 957503115:957503115(0) win 65535
> >>> 192.168.0.1.179 > 192.168.0.2.46380: S 949964186:949964186(0) ack
> >>> 957503116 win 16384
> >>> 192.168.0.2.46380 > 192.168.0.1.179: . ack 1 win 65535
> >>> 192.168.0.2.46380 > 192.168.0.1.179: P 1:40(39) ack 1 win 65535 : BGP
> >>> [|BGP OPEN] (DF) [tos 0xc0]
> >>>
> >>> I know that for many of you, this config could seem in someway really
> >>> stupid. That config was thought for a temporary peer migration not for
> >>> a definitive config.
> >>>
> >>> Any comments on the results?
> >>>
> >>> Take Care,
> >>>
> >>> -- Carlos
> >>>
> >>> On Fri, 14 Jan 2005 15:34:32 +0000 (GMT), Stephen J. Wilcox
> >>> <steve at telecomplete.co.uk> wrote:
> >>>> I thought I'd chip in as everyone else has had a go at this..
> >>>>
> >>>> On Fri, 14 Jan 2005, Piltrafilla wrote:
> >>>>
> >>>>> Anyone knows how BGP on a Cisco router choose source IP address for
> >>>>> peering
> >>>>> establishment if no "update-source" command is applied to neighbor?
> >>>>> Is it only
> >>>>> the primary IP address on the closest interface to neighbor?
> >>>>
> >>>> update-source will use the primary address, if no update source is
> >>>> applied it
> >>>> will use the ip on the outgoing interface
> >>>>
> >>>>> For instance, let's say that you would like to set up a peering
> >>>>> using a
> >>>>> secondary IP address to between two directly-connected neighbors. Is
> >>>>> it
> >>>>> setting up loopbacks, static /32 routes and update-source on the
> >>>>> neighbors'
> >>>>> config the only way to do it?
> >>>>
> >>>> no you can just config it like any other ebgp directly connected peer
> >>>>
> >>>>> On bgpd of OpenBSD you could set up a "local-address" parameter per
> >>>>> neighbor or group that sets up source IP address used for that
> >>>>> peering. I haven't found any similar parameter on cisco bgp
> >>>>> neighbors'
> >>>>> config.
> >>>>
> >>>> it doesnt have it
> >>>>
> >>>> Steve
> >>>>
> 
>


More information about the cisco-nsp mailing list