[c-nsp] Small Issue With next-hop-self for VPNv4
Piotr Marecki
peter at mareccy.org
Tue Jul 26 11:59:08 EDT 2005
On Tue, Jul 26, 2005 at 01:47:02PM +0200, Tantsura, Jeff wrote:
> It is not cisco that dictates that it's RFC1966 -
> In some implementations, modification of the BGP path attribute,
> NEXT_HOP is possible. For example, there could be a need for a RR to
> modify NEXT_HOP for EBGP learned routes sent to its internal peers.
> However, it must not be possible for an RR to set on reflected IBGP
> routes as this breaks the basic principle of Route Reflection and
> will result in potential black holeing of traffic.
>
> It's also that you are not allowed to alter BGP attributes outbound (from
> Cisco), if I recall correctly not the case for Juniper
>
> CCO:
> Using set clauses in outbound route maps modifies attributes, possibly
> creating routing loops. To avoid this, set clauses of outbound route maps
> are ignored for routes reflected to IBGP peers.
>
> Personally, I don't think you should change default behaviour, unless you
> really must too.
>
>
> --
> Jeff Tantsura CCIE# 11416
> Senior IP Network Engineer
>
Of course i'm aware of all "nice" effects that can be caused by resetting NEXT_HOP at route-reflector - however in this
particular scenario ( iBGP between PE and CE in L3VPN on Cisco ) using RR to reflect _AND_ reset NEXT_HOP to self is inevitable.
Additionally, not only NEXT_HOP attribute during PE->CE "reflection" ( or rather , redistribution from VPN-IPv4 to IPv4 family)
change is required but also altering NEXT_HOP within MP-NLRI itself is needed ( PE<->PE ). On the other hand , "other vendor"
equipment supports iBGP on CE-PE without such dirty tricks.
Also , according to my experience , setting NEXT_HOP to required value is supported on RR server through "set ip next-hop"
in route-map installed in outbound direction in at least 12.3 and 12.4 IOS trains.
regards
Piotr Marecki
More information about the cisco-nsp
mailing list