[c-nsp] Re: Source address on BGP peering set up

Michael K. Smith mksmith at noanet.net
Tue Jan 18 11:52:38 EST 2005


Have you tried using the "maximum-paths 2" command on the Cisco side?  I'm
not sure about the OpenBSD side.

Mike

On 1/18/05 12:33 AM, "Piltrafilla" <piltrafilla at gmail.com> wrote:

> Hi Michael, 
> 
> I set up two separate neighbor statements for each of the two IP
> addresses. The problem is that it is not possible to have both of the BGP
> sessions established; the one based on secondary addresses doesn't go
> up because it uses the primary IP address to establish the peering.
> 
> Regards,
> 
> On Mon, 17 Jan 2005 19:30:35 -0800, Michael K. Smith <mksmith at noanet.net>
> wrote:
>> Hello:
>> 
>> Am I missing something, or why couldn't you just set up two separate
>> neighbor statements for the two IP addresses?
>> 
>> Neighbor 10.0.0.1 remote-as 65000
>> Neighbor 192.168.0.1 remote-as 65000
>> 
>> Mike
>> 
>> On 1/17/05 3:59 PM, "Piltrafilla" <piltrafilla at gmail.com> wrote:
>> 
>>> Hi Brian,
>>> 
>>> If I correctly understood your explanation, you mean that I should
>>> replace the primary IP address on the peering interface, then configure
>>> the old IP address on a loopback and finally set up static routes to
>>> neighbors to the peering interface. Isn't that the way?
>>> 
>>> For keeping ARP going on with neighbors, in case they do not have the
>>> same config as you, I suppose that proxy-arp should be configured. And
>>> I do not really like that option.
>>> 
>>> Thanks for your reply, :)
>>> 
>>> On Mon, 17 Jan 2005 10:39:04 -0600, Brian Feeny <signal at shreve.net> wrote:
>>>> 
>>>> I can understand that you are doing a migration from one network to
>>>> another. However, there are probably easier ways of doing this. Migrate
>>>> the network, and then later migrate the BGP neighbors, in other words,
>>>> leave them numbered out of legacy space until the last thing.
>>>> 
>>>> or
>>>> 
>>>> Use a loopback address on the Cisco, number that out of the new IP
>>>> space, or just some other IP space, and use that as the update-source.
>>>> 
>>>> Brian
>>>> 
>>>> On Jan 17, 2005, at 10:27 AM, Piltrafilla wrote:
>>>> 
>>>>> Hi people,
>>>>> 
>>>>> First of all, thank you for all your replies, I'm sorry for the delay
>>>>> in my answer.
>>>>> 
>>>>> With your feedback I have tried a BGP peering on my home lab between a
>>>>> Cisco and OpenBSD bgpd:
>>>>> 
>>>>> Cisco
>>>>>   primary 10.0.0.1
>>>>>   secondary 192.168.0.1
>>>>> OpenBSD
>>>>>  primary 10.0.0.2
>>>>>  secondary 192.168.0.2
>>>>> 
>>>>> On OpenBSD bgpd configuration I have set up local-address for peer
>>>>> 10.0.0.1:
>>>>> 
>>>>>    neighbor 10.0.0.1
>>>>>    {
>>>>>        local-address           10.0.0.2
>>>>>        remote-as                65500
>>>>>    }
>>>>> 
>>>>> After configuration on both sides, I did a clear ip bgp 192.168.0.2 on
>>>>> the Cisco side to force reestablishing the peering as a client
>>>>> (ephemeral to 179). That's the tcpdump on the OpenBSD side:
>>>>> 
>>>>> 10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
>>>>> 10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
>>>>> 
>>>>> Although Cisco router has a connected secondary IP to peer
>>>>> 192.168.0.2, Cisco tries to set up the peering with the primary
>>>>> address.
>>>>> 
>>>>> A few seconds later, OpenBSD successfully establishes peering with the
>>>>> Cisco box as a client (ephemeral to 179) because of the possibility of
>>>>> configuring local-address:
>>>>> 
>>>>> 192.168.0.2.46380 > 192.168.0.1.179: S 957503115:957503115(0) win 65535
>>>>> 192.168.0.1.179 > 192.168.0.2.46380: S 949964186:949964186(0) ack 957503116 win 16384
>>>>> 192.168.0.2.46380 > 192.168.0.1.179: . ack 1 win 65535
>>>>> 192.168.0.2.46380 > 192.168.0.1.179: P 1:40(39) ack 1 win 65535 : BGP [|BGP OPEN] (DF) [tos 0xc0]
>>>>> 
>>>>> I know that for many of you, this config could seem in some way really
>>>>> stupid. That config was thought for a temporary peer migration, not for
>>>>> a definitive config.
>>>>> 
>>>>> Any comments on the results?
>>>>> 
>>>>> Take Care,
>>>>> 
>>>>> -- Carlos
>>>>> 
>>>>> On Fri, 14 Jan 2005 15:34:32 +0000 (GMT), Stephen J. Wilcox
>>>>> <steve at telecomplete.co.uk> wrote:
>>>>>> I thought I'd chip in as everyone else has had a go at this..
>>>>>> 
>>>>>> On Fri, 14 Jan 2005, Piltrafilla wrote:
>>>>>> 
>>>>>>> Does anyone know how BGP on a Cisco router chooses the source IP
>>>>>>> address for peering establishment if no "update-source" command is
>>>>>>> applied to the neighbor? Is it only the primary IP address on the
>>>>>>> closest interface to the neighbor?
>>>>>> 
>>>>>> update-source will use the primary address, if no update source is
>>>>>> applied it will use the ip on the outgoing interface
>>>>>> 
>>>>>>> For instance, let's say that you would like to set up a peering
>>>>>>> using a secondary IP address between two directly-connected
>>>>>>> neighbors. Is setting up loopbacks, static /32 routes and
>>>>>>> update-source on the neighbors' config the only way to do it?
>>>>>> 
>>>>>> no you can just config it like any other ebgp directly connected peer
>>>>>> 
>>>>>>> On bgpd of OpenBSD you could set up a "local-address" parameter per
>>>>>>> neighbor or group that sets up source IP address used for that
>>>>>>> peering. I haven't found any similar parameter on cisco bgp
>>>>>>> neighbors' config.
>>>>>> 
>>>>>> it doesn't have it
>>>>>> 
>>>>>> Steve
>>>>>> 
>> 
>> 
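
Added example, not part of the original thread: a small Python check over the tcpdump lines quoted above that reports, for each connection attempt to TCP/179, the source address actually used, whether the address pair is one of the intended sessions, and whether the SYN was answered. The intended pairs in `EXPECTED` and the function name `audit` are assumptions; the sample lines are taken from the capture in the thread with wrapped lines rejoined.

```python
import re

# Old-style tcpdump line: "src.sport > dst.dport: FLAGS rest"
LINE = re.compile(
    r"^(\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (\S+)(.*)$")

# Assumption: the two sessions the lab intends, as unordered address pairs.
EXPECTED = {frozenset(("10.0.0.1", "10.0.0.2")),
            frozenset(("192.168.0.1", "192.168.0.2"))}

# Capture lines from the thread, with the wrapped lines rejoined.
SAMPLE = """\
10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
192.168.0.2.46380 > 192.168.0.1.179: S 957503115:957503115(0) win 65535
192.168.0.1.179 > 192.168.0.2.46380: S 949964186:949964186(0) ack 957503116 win 16384
192.168.0.2.46380 > 192.168.0.1.179: . ack 1 win 65535
""".splitlines()


def audit(lines, expected=EXPECTED, port=179):
    """Return one record per connection attempt to the BGP port, in order."""
    attempts = {}
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a TCP summary line in the expected format
        src, sport, dst, dport, flags, rest = m.groups()
        sport, dport = int(sport), int(dport)
        has_ack = " ack " in rest
        if flags == "S" and not has_ack and dport == port:
            # Initial SYN (or a retransmission of it) towards the BGP port.
            rec = attempts.setdefault((src, sport, dst, dport), {
                "src": src, "dst": dst, "syns": 0, "answered": False,
                "expected_pair": frozenset((src, dst)) in expected})
            rec["syns"] += 1
        elif flags == "S" and has_ack and sport == port:
            # SYN-ACK from the listener: mark the matching attempt answered.
            key = (dst, dport, src, sport)
            if key in attempts:
                attempts[key]["answered"] = True
    return list(attempts.values())


if __name__ == "__main__":
    for record in audit(SAMPLE):
        print(record)
```

A record with `expected_pair` false, `answered` false and more than one SYN is the pattern shown in the first capture: the SYN goes to the peer's secondary address but is sourced from the router's primary address.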


