Tuesday, May 31, 2011

BGP over GRE

The BGP synchronization rule states that if an AS provides transit service to another AS, BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP.

If the routes are not synchronized, the traffic might be dropped. Earlier day’s synchronization was enabled by default in order to prevent this black hole.

So how can we make non BGP speakers aware of BGP NLRI and advertise the information to a third AS when synchronization is ON?. Redristribute BGP routes into IGP. But what if you don’t want non BGP speakers aware of BGP routes. We have ways to do this.

The diagram is self explanatory. R5 and R2 advertises loopback into BGP

Here we have OSPF as IGP runs on R1,R3,R4. Connected interfaces of R1 participates in OSPF as well as interface Ser 0/1 of R3 and Fas 1/0 of R4.


Requirement:

  1. We want R5 to reach R2 and vice versa.
  2. Do not redistribute BGP into OSPF (loopback of R5 and R2)


In this scenario, R1 actually creates a black hole between R3 and R4 since R1 is not aware of BGP routes. In such situations where we don’t want R1 to be aware of BGP routes, GRE tunnel comes in handy.

We will create a tunnel between R3 and R4 and transport BGP information between them. We can select tunnel source as loopback (I select loopback0 of both routers) and tunnel destination would be remote router loopback ip. Make sure you enable these loopbacks into ospf routing to bring the tunnel up. Also the remote tunnel interface should be reachable from both routers R3 and R4 to facilitate IBGP neighborship. So we enable tunnel interface into ospf routing as well.


On R3

On R4





Testing the tunnel


Next establish IGP peering between R3 and R4 using the tunnel interface.

R4 BGP configuration:



R3 BGP configuration:



Test: R3 established neighbor ship with R5 (EBGP) and R4 (IBGP with tunnel 0).

We have achieved the reachability between R5 and R2which is transparent to R1





R1’s routing table. R1 is not aware of BGP routes (of R5 and R2)



What really happens here –

My packet capture shows how IBGP session is established between R3 (10.1.34.3) tunnel and R4 (10.1.34.4) tunnel interface and the different BGP messages exchanged between the neighbors. OPEN, KEEPALIVE, UPDATE.



NLRI of R5 inside GRE



Files
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)