dear list,
scenario:
A - B - C - D -E
A = ISP Peer
B = to A Peer
C = distribution router
D = to E peer
E = Another ISP Peer
ISP A gives B local IX nation prefix
ISP E gives D full prefix
C announce /24 to B and D,
B and D forward received prefix to C,
A B C D run ibgp, D to E ebgp
the config:
router B:
DISTRIBS = "202.69.110.254"
UPSTREAM = "202.69.98.161"
AS 9785
router-id 202.69.110.253
holdtime min 3
fib-update yes
neighbor 202.69.110.254 {
descr "DISTRIB"
remote-as 9785
announce all
enforce neighbor-as no
announce IPv4 unicast
announce IPv6 none
softreconfig in yes
softreconfig out yes
}
neighbor 202.69.98.161 {
descr "JST"
remote-as 9785
announce all
enforce neighbor-as no
announce IPv4 unicast
announce IPv6 none
softreconfig in yes
softreconfig out yes
}
match to 202.69.110.254 set { nexthop self }
deny from any
allow to 202.69.98.161 prefix 202.69.110.0/24
allow from 202.69.98.161
allow to 202.69.110.254
allow from 202.69.110.254
router C:
TOINP = "202.69.110.241"
TOJST = "202.69.110.253"
AS 9785
router-id 202.69.110.254
holdtime min 3
fib-update yes
network 202.69.110.0/24
neighbor 202.69.110.253 {
descr "JST"
remote-as 9785
announce all
enforce neighbor-as no
announce IPv4 unicast
announce IPv6 none
softreconfig in yes
softreconfig out yes
}
neighbor 202.69.110.241 {
descr "INP"
remote-as 9785
announce self
enforce neighbor-as no
announce IPv4 unicast
announce IPv6 none
softreconfig in yes
softreconfig out yes
}
match from 202.69.110.253 set { localpref 200 pftable BGPIIX }
deny from any
allow to 202.69.110.241
allow from 202.69.110.241
allow to 202.69.110.253
allow from 202.69.110.253
deny from any prefix 202.69.110.0/24
additional info:
from router B:
Nexthop State
202.69.110.254 valid sk0 UP, Ethernet, active, 100 MBit/s
202.69.96.179 valid xl0 UP, Ethernet, active, 100 MBit/s
[EMAIL PROTECTED] bgpctl sh rib neigh 202.69.110.254
flags: * = Valid, > = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
I*> 202.69.110.0/24 202.69.110.254 100 0 i
[EMAIL PROTECTED]
[EMAIL PROTECTED] bgpctl sh rib neigh 202.69.98.161 | more
flags: * = Valid, > = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
I*> 32.234.169.0/24 202.69.96.179 100 0 7717 2687 ?
I*> 32.234.170.0/24 202.69.96.179 100 0 7717 2687 ?
I*> 32.234.171.0/24 202.69.96.179 100 0 7717 2687 ?
I*> 32.234.172.0/24 202.69.96.179 100 0 7717 2687 ?
I*> 32.234.173.0/24 202.69.96.179 100 0 7717 2687 ?
I*> 32.234.175.0/24 202.69.96.179 100 0 7717 2687 ?
[....]
[EMAIL PROTECTED] bgpctl sh fib nexthop
flags: * = valid, B = BGP, C = Connected, S = Static
N = BGP Nexthop reachable via this route
r = reject route, b = blackhole route
flags destination gateway
*SN 202.69.96.179/32 202.69.110.249
*CN 202.69.110.252/30 link#2
[EMAIL PROTECTED]
from router C:
Nexthop State
202.69.110.253 valid xl0 UP, Ethernet, active, 100 MBit/s
202.69.110.241 valid sk0 UP, Ethernet, active, 1000 MBit/s
[EMAIL PROTECTED] bgpctl sh fib nexthop
flags: * = valid, B = BGP, C = Connected, S = Static
N = BGP Nexthop reachable via this route
r = reject route, b = blackhole route
flags destination gateway
*SN 124.195.56.96/30 202.69.110.241
*CN 202.69.110.240/30 link#2
*CN 202.69.110.252/30 link#3
[EMAIL PROTECTED]
[EMAIL PROTECTED] bgpctl sh rib neigh 202.69.110.253
flags: * = Valid, > = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
[EMAIL PROTECTED]
the problem:
C able to announce /24 to D, and D successfully forward to E and whole world.
while in B, receive announce /24 from C and prefix from A,
but not able forward announce /24 to A and not able forward received
routes from A
to C.
both running 4.3-stable.
i have no idea what might happen at B, so it only receive prefix only,
i've check
pf too, and no block rules for bgp.
any additional info needed ? thanks for any help :)
-A
