[c-nsp] bgp weird issue

Sun Nov 30 17:02:43 EST 2008

> hi john,
>
> is the /29 address-block assigned by ISPA and staticall routed to
> you only by ISPA?
> Does the connectivity problem only exist from networks that you reach
> preferrably through ISPB?
>

Yes, the /29 block is assigned by ISPA from their address space and it's
statically routed to me by them.
No, the connectivity issue occurs for both networks reachable through ISPA
or ISPB.

> If so, then could it be that ISPB has packet filters applied
> that drop packets with the source of the /29 network? To ISPB traffic from
> the /29 network looks like illegal traffic since the packets have a source
> IP other than the networks you announce with BGP.
>

I don't think ISPB has any packet filters blocking my /29 subnet, because
this /29 subnet is part of the whole ISPA address space, and ISPB has a
route to this ISPA address space...

Thanks,
john

> regards
>
> Reinhold
>
>
>
> On Sun, Nov 30, 2008 at 08:32:39PM +0200, mm-tech wrote:
>> Hi guys,
>>
>> I'm having this weird issue with BGP and I was wondering if you could
>> help.
>>
>> Topology:
>> - 2 X cisco 1800 series routers, both connected to 2 different ISPs:
>> Router1 -> ISPA and RouterB -> ISPB
>> - Router1 and Router2 are directly connected
>> - on Router1 receiving only the default route from ISPA
>> - on Router2 receiving customer routes from ISPB
>> - announcing a /23 address block through both ISPA and ISPB (91.195.X.X)
>>
>> The connectivity with ISPA is being done using a /30 subnet
>> (interconnected subnets): ISPA(172.28.164.17/30) ->
>> router1(172.28.164.18/30). Also, I have a /29 public address space on
>> router1 (62.217.X.X) routed through the /30 subnet. The default gw for
>> Router1 received via eBGP is 62.217.w.w and I have added a static route
>> for it:
>>  ip route 62.217.w.w 255.255.255.255 172.28.164.17
>>
>> That's how ISPA has it's network configured and I cannot change
>> anything.
>>
>> The connectivity with ISPB is simple: only a /32 ip address on Router2:
>> 89.149.X.X
>>
>> BGP config Router1:
>>
>> router bgp myASN
>>  no synchronization
>>  bgp router-id 62.217.X.X
>>  bgp log-neighbor-changes
>>  network 91.195.X.0 mask 255.255.254.0
>>  neighbor 62.217.X.X remote-as ASN_ISPA
>>  neighbor 62.217.X.X ebgp-multihop 8
>>  neighbor 62.217.X.X soft-reconfiguration inbound
>>  neighbor 62.217.X.X filter-list 10 out
>>  neighbor 91.195.y.1 remote-as myASN
>>  neighbor 91.195.y.1 next-hop-self
>>  no auto-summary
>>
>> ip as-path access-list 10 permit ^$
>>
>> BGP config Router2:
>>
>> router bgp myASN
>>  no synchronization
>>  bgp router-id 89.149.X.X
>>  bgp log-neighbor-changes
>>  network 91.195.X.0 mask 255.255.254.0
>>  neighbor 89.149.X.X remote-as ASN_ISPB
>>  neighbor 89.149.X.X filter-list 10 out
>>  neighbor 91.195.z.1 remote-as myASN
>>  neighbor 91.195.z.1 next-hop-self
>>  no auto-summary
>>
>> ip as-path access-list 10 permit ^$
>>
>> The issue is after I configure the iBGP relationship between Router1 and
>> Router2: connectivity to the 62.217.X.X/29 subnet on Router1 is lost. It
>> cannot be pinged anymore from outside. The 91.195.X.X/23 is announced
>> correctly through both ISPs and any IP in this /23 subnet is pingable
>> from
>> outside. They only problem is with the 62.217.X.X/29 block that becomes
>> unreachable after configuring the iBGP relationship and I don't
>> understand
>> why this is happening.
>>
>> Sorry for the long post and I hope you'll give me some hints -:)
>>
>> Thanks,
>> John
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>