Hi,
I have two routers running bird connected to two peers where one peer is my
own ISP and AS which lets us use his AS and was kind enough to allocate two
/24 for our networks so that we can have two sites in different locations
using BGP with a second ISP to be a multi-home system using only two /24.
This is our network (I hope you can understand my sketch):
Internet <-> BR1-AS1 <-> R1-AS1 <-> R2-AS1 <-> BR-AS2 <-> Internet
| | ^ ^
+> BR2-AS1 <+ +-> Net1/24 +-> Net2/24
So, our main ISP has IBGP sessions from its border-routers (BRx-AS1) to our
main router (R1-AS1) which in turn has another IBGP session with our second
router located at a remote site (R2-AS1). R2-AS1 has an BGP session with
the second ISP border router (BR-AS2).
Well, when all sessions are UP, Net1 and Net2 can reach the Internet and
each other without problems.
But, for example, if the BGP session between R2-AS1 and BR-AS2 goes down,
traffic between Net1 and Net2 continues OK, but Net2 can't reach the
Internet anymore. Or, in other words, the routes received from BRx-AS1 at
R1-AS1 are not being advertised to R2-AS1, in fact a "show protocol all" on
R1-AS1 shows its advertising only the direct connected networks and the
static routes to R2-AS1 and vice-versa:
BIRD 1.4.5 ready.
name proto table state since info
R2-AS1 BGP master up 17:39:21 Established
Router ID: x.y.w.249
Preference: 100
Input filter: ACCEPT
Output filter: ACCEPT
Routes: 5 imported, 10 exported, 2 preferred
Route change stats: received rejected filtered ignored
accepted
Import updates: 5 0 0 0
5
Import withdraws: 0 0 --- 0
0
Export updates: 527178 527168 0 ---
10
Export withdraws: 20 --- --- ---
0
BGP state: Established
Neighbor address: x.y.w.251
Neighbor AS: xxxx
Neighbor ID: x.y.w.251
Neighbor caps: refresh restart-aware AS4
Session: internal AS4
Source address: x.y.w.249
Hold timer: 188/240
Keepalive timer: 66/80
The debug shows a lot of "rejected by protocol" messages, which I can't
find a clear description of what is its meaning:
2015-02-18 16:55:48 <TRACE> kernel1 < replaced 148.208.146.0/24 via
x.y.z.29 on bond1
2015-02-18 16:55:48 <TRACE> BR1-AS1 < rejected by protocol 148.208.146.0/24
via x.y.z.29 on bond1
2015-02-18 16:55:48 <TRACE> BR2-AS1 < rejected by protocol 148.208.146.0/24
via x.y.z.29 on bond1
2015-02-18 16:55:48 <TRACE> R2-AS1 < rejected by protocol 148.208.146.0/24
via x.y.z.29 on bond1
2015-02-18 16:55:49 <TRACE> BR2-AS1 > added [best] 177.10.158.0/24 via
x.y.z.29 on bond1
2015-02-18 16:55:49 <TRACE> kernel1 < replaced 177.10.158.0/24 via x.y.z.29
on bond1
2015-02-18 16:55:49 <TRACE> BR1-AS1 < rejected by protocol 177.10.158.0/24
via x.y.z.29 on bond1
2015-02-18 16:55:49 <TRACE> BR2-AS1 < rejected by protocol 177.10.158.0/24
via x.y.z.29 on bond1
2015-02-18 16:55:49 <TRACE> R2-AS1 < rejected by protocol 177.10.158.0/24
via x.y.z.29 on bond1
2015-02-18 16:55:49 <TRACE> BR1-AS1 > removed 177.10.158.0/24 via x.y.z.27
on bond1
This is the template for the IBGP session between R1-AS1 and R2-AS1 (as
simple as possible):
template bgp ibgp_sites {
local as myas;
import all;
export all;
direct;
}
I know that BGP has a lot of subtle behaviors, and I'd like to know if
there is any way to make this work or if it's a dead end approach.
Thanks in advance for any help.
Jero
ps: sorry for my broken English
