[c-nsp] Source address on BGP peering set up

Piltrafilla piltrafilla at gmail.com
Mon Jan 24 08:02:04 EST 2005 

I just wanted to let you know that the activity I mentioned was a bug
on some platforms. I was wrong on the lab test, the results I posted
where not the ones based on c2600+bgpd lab test but on a cat6k+bgpd
one.

Thanx everyone for your replies,

--

CSCeb48064 Bug Details

Headline C2MSFC3:BGP Peer not formed with secondary address configured
Product c6msfc Model
Component bgp Duplicate of
Severity 3 Severity help Status Resolved Status help
First Found-in Version 12.2S All affected versions First Fixed-in
Version 12.0(27.3)S01, 12.2(23.9)S, 12.3(7.10)T, 12.3(7.11)

Release Notes

Condition:
If a router uses a secondary address as neighbor address the session
will not be accepted

Workaround:
Use a primary (or loopback) address for the session.



On Mon, 17 Jan 2005 10:39:04 -0600, Brian Feeny <signal at shreve.net> wrote:
> 
> I can understand that you are doing a migration from one network to
> another.
> However, there are probably easier ways of doing this.  Migrate the
> network, and then
> later migrate the BGP neighbors, in other words, leave them numbered
> out of legacy space
> until the last thing.
> 
> or
> 
> Use a loopback address on the Cisco, number that out of the new IP
> space, or just some other
> IP space, and use that as the update-source.
> 
> Brian
> 
> On Jan 17, 2005, at 10:27 AM, Piltrafilla wrote:
> 
> > Hi people,
> >
> > First of all, thank you for all your replies, I'm sorry for the delay
> > in my answer.
> >
> > With your feedback I have tried a BGP peering on my home lab between a
> > Cisco and OpenBSD bgpd:
> >
> > Cisco
> >   primary 10.0.0.1
> >   secondary 192.168.0.1
> > OpenBSD
> >  primary 10.0.0.2
> >  secondary 192.168.0.2
> >
> > On OpenBSD bgpd configuration I have set up local-address for peer
> > 10.0.0.1:
> >
> >    neighbor 10.0.0.1
> >    {
> >        local-address           10.0.0.2
> >        remote-as                65500
> >    }
> >
> > After configuration on both sides, I did a clear ip bgp 192.168.0.2 on
> > the Cisco side to force reestablishing the peering as a client
> > (ephemeral to 179). That's the tcpdump on the OpenBSD side:
> >
> > 10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
> > 10.0.0.1.15357 > 192.168.0.2.179: S 2018010072:2018010072(0) win 16384
> >
> > Although Cisco router has a connected secondary IP to peer
> > 192.168.0.2, Cisco tries to set up the peering with the primary
> > address.
> >
> > A few seconds later, OpenBSD successfully establishes peering with the
> > Cisco box as a client (ephemeral to 179) because of the possibility of
> > configuring local-address:
> >
> > 192.168.0.2.46380 > 192.168.0.1.179: S 957503115:957503115(0) win 65535
> > 192.168.0.1.179 > 192.168.0.2.46380: S 949964186:949964186(0) ack
> > 957503116 win 16384
> > 192.168.0.2.46380 > 192.168.0.1.179: . ack 1 win 65535
> > 192.168.0.2.46380 > 192.168.0.1.179: P 1:40(39) ack 1 win 65535 : BGP
> > [|BGP OPEN] (DF) [tos 0xc0]
> >
> > I know that for many of you, this config could seem in someway really
> > stupid. That config was thought for a temporary peer migration not for
> > a definitive config.
> >
> > Any comments on the results?
> >
> > Take Care,
> >
> > -- Carlos
> >
> > On Fri, 14 Jan 2005 15:34:32 +0000 (GMT), Stephen J. Wilcox
> > <steve at telecomplete.co.uk> wrote:
> >> I thought I'd chip in as everyone else has had a go at this..
> >>
> >> On Fri, 14 Jan 2005, Piltrafilla wrote:
> >>
> >>> Anyone knows how BGP on a Cisco router choose source IP address for
> >>> peering
> >>> establishment if no "update-source" command is applied to neighbor?
> >>> Is it only
> >>> the primary IP address on the closest interface to neighbor?
> >>
> >> update-source will use the primary address, if no update source is
> >> applied it
> >> will use the ip on the outgoing interface
> >>
> >>> For instance, let's say that you would like to set up a peering
> >>> using a
> >>> secondary IP address to between two directly-connected neighbors. Is
> >>> it
> >>> setting up loopbacks, static /32 routes and update-source on the
> >>> neighbors'
> >>> config the only way to do it?
> >>
> >> no you can just config it like any other ebgp directly connected peer
> >>
> >>> On bgpd of OpenBSD you could set up a "local-address" parameter per
> >>> neighbor or group that sets up source IP address used for that
> >>> peering. I haven't found any similar parameter on cisco bgp
> >>> neighbors'
> >>> config.
> >>
> >> it doesnt have it
> >>
> >> Steve
> >>
> >>
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> ------------------------------------------------------------------------
> ------
> Brian Feeny, CCIE #8036, CISSP          e: signal at shreve.net
> Network Engineer                                p: 318.213.4709
> ShreveNet Inc.                                  f: 318.221.6612
> 
>

More information about the cisco-nsp mailing list