[c-nsp] bgp weird issue

Reinhold Fischer Reinhold.Fischer at gmx.net
Sun Nov 30 15:42:00 EST 2008 

hi john,

is the /29 address-block assigned by ISPA and staticall routed to
you only by ISPA?
Does the connectivity problem only exist from networks that you reach
preferrably through ISPB?

If so, then could it be that ISPB has packet filters applied
that drop packets with the source of the /29 network? To ISPB traffic from
the /29 network looks like illegal traffic since the packets have a source
IP other than the networks you announce with BGP.

regards

Reinhold



On Sun, Nov 30, 2008 at 08:32:39PM +0200, mm-tech wrote:
> Hi guys,
> 
> I'm having this weird issue with BGP and I was wondering if you could help.
> 
> Topology:
> - 2 X cisco 1800 series routers, both connected to 2 different ISPs:
> Router1 -> ISPA and RouterB -> ISPB
> - Router1 and Router2 are directly connected
> - on Router1 receiving only the default route from ISPA
> - on Router2 receiving customer routes from ISPB
> - announcing a /23 address block through both ISPA and ISPB (91.195.X.X)
> 
> The connectivity with ISPA is being done using a /30 subnet
> (interconnected subnets): ISPA(172.28.164.17/30) ->
> router1(172.28.164.18/30). Also, I have a /29 public address space on
> router1 (62.217.X.X) routed through the /30 subnet. The default gw for
> Router1 received via eBGP is 62.217.w.w and I have added a static route
> for it:
>  ip route 62.217.w.w 255.255.255.255 172.28.164.17
> 
> That's how ISPA has it's network configured and I cannot change anything.
> 
> The connectivity with ISPB is simple: only a /32 ip address on Router2:
> 89.149.X.X
> 
> BGP config Router1:
> 
> router bgp myASN
>  no synchronization
>  bgp router-id 62.217.X.X
>  bgp log-neighbor-changes
>  network 91.195.X.0 mask 255.255.254.0
>  neighbor 62.217.X.X remote-as ASN_ISPA
>  neighbor 62.217.X.X ebgp-multihop 8
>  neighbor 62.217.X.X soft-reconfiguration inbound
>  neighbor 62.217.X.X filter-list 10 out
>  neighbor 91.195.y.1 remote-as myASN
>  neighbor 91.195.y.1 next-hop-self
>  no auto-summary
> 
> ip as-path access-list 10 permit ^$
> 
> BGP config Router2:
> 
> router bgp myASN
>  no synchronization
>  bgp router-id 89.149.X.X
>  bgp log-neighbor-changes
>  network 91.195.X.0 mask 255.255.254.0
>  neighbor 89.149.X.X remote-as ASN_ISPB
>  neighbor 89.149.X.X filter-list 10 out
>  neighbor 91.195.z.1 remote-as myASN
>  neighbor 91.195.z.1 next-hop-self
>  no auto-summary
> 
> ip as-path access-list 10 permit ^$
> 
> The issue is after I configure the iBGP relationship between Router1 and
> Router2: connectivity to the 62.217.X.X/29 subnet on Router1 is lost. It
> cannot be pinged anymore from outside. The 91.195.X.X/23 is announced
> correctly through both ISPs and any IP in this /23 subnet is pingable from
> outside. They only problem is with the 62.217.X.X/29 block that becomes
> unreachable after configuring the iBGP relationship and I don't understand
> why this is happening.
> 
> Sorry for the long post and I hope you'll give me some hints -:)
> 
> Thanks,
> John
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list