Community discussions

MikroTik App
 
antleo
newbie
Topic Author
Posts: 47
Joined: Thu Dec 19, 2019 3:27 am

V7.5 BGP not advertising eBGP to iBGP peer

Wed Sep 07, 2022 4:52 am

Ok, I believe this is an ROS7 thing and just a misconfiguration on my part. By default, BGP on ROS6 would advertise eBGP routes to iBGP. However, despite having a plain accept output filter(or no output filter set which should do the same thing), no eBGP routes are being advertised into iBGP.

Is that expected behavior?
Last edited by antleo on Wed Sep 07, 2022 6:03 pm, edited 1 time in total.
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1673
Joined: Fri Aug 10, 2012 6:46 am
Location: iparchitechs.com
Contact:

Re: V7.5 BGP not redistributing eBGP to iBGP

Wed Sep 07, 2022 4:31 pm

Just to clarify terminology, redistribution is a manual config in BGP that is not the default.

It seems like you're describing advertising eBGP learned routes to iBGP peers..is that accurate?

Can you share config and the output of /routing/routes for the routers involved?
 
antleo
newbie
Topic Author
Posts: 47
Joined: Thu Dec 19, 2019 3:27 am

Re: V7.5 BGP not redistributing eBGP to iBGP

Wed Sep 07, 2022 5:59 pm

Yes that's correct. I am just looking to have eBGP routes advertised to iBGP peers. I updated my original post to eliminate the ambiguity.


Edge Router BGP and filter config:
/routing bgp template
set default address-families=ip as=65534 disabled=no nexthop-choice=\
    force-self output.network=bgp-networks router-id=10.200.1.1 \
    routing-table=main use-bfd=yes vrf=main
add address-families=ip as=65534 disabled=no input.filter=DROPALL name=\
    EXTERNAL-v4 output.filter-chain=DROPALL .network=BGP-v4-OUTPUT \
    router-id=<sanitized> routing-table=main use-bfd=no vrf=main

/routing bgp connection

add address-families=ip as=65534 disabled=no input.filter=\
    BGP-HURRICANE_ELECTRIC_V4_IN local.role=ebgp-customer name=\
    WAN_HURRICANE-ELECTRIC output.filter-chain=BGP-HURRICANE_ELECTRIC_V4_OUT \
    .network=V4_PUBLIC remote.address=184.105.63.33/32 .as=6939 \
    router-id=<sanitized> routing-table=main templates=EXTERNAL-v4 use-bfd=\
    no vrf=main

add address-families=ip as=65534 connect=yes disabled=no input.filter=\
    BGP-CORER1_V4_IN listen=yes local.address=10.200.1.1 .role=\
    ibgp-rr-client multihop=yes name=CORER1.DC01_V4 nexthop-choice=\
    force-self output.filter-chain=BGP-CORER1_V4_OUT \
    remote.address=10.200.1.3/32 .as=65534 router-id=10.200.1.1 \
    routing-table=main templates=default use-bfd=no vrf=main
	
/routing filter rule
add chain=BGP-HURRICANE_ELECTRIC_V4_IN comment=\
    "Drop all variations of our prefixes" disabled=no rule=\
    "if (dst in BGP_OUR_PREFIXES)  {\r\
    \nreject\r\
    \n}"
add chain=BGP-HURRICANE_ELECTRIC_V4_IN comment="Drop bogon routes in" disabled=\
    no rule="if (dst in BOGON)  {\r\
    \nreject\r\
    \n}"
add chain=BGP-HURRICANE_ELECTRIC_V4_IN comment="Accept all other routers" \
    disabled=no rule=accept
add chain=BGP-HURRICANE_ELECTRIC_V4_OUT comment=\
    "Only Advertise routes in BGP_V4_PUBLIC Firewall Filter" disabled=\
    no rule="if (dst in BGP_V4_PUBLIC) {accept}"
add chain=BGP-CORER1.DC01_V4_IN disabled=no rule=accept
add chain=BGP-CORER1.DC01_V4_OUT disabled=no rule=accept
Core Configuration:
/routing bgp template
set default address-families=ip as=65534 disabled=no nexthop-choice=force-self output.network=bgp-networks router-id=10.200.1.3 routing-table=main use-bfd=no vrf=main

/routing bgp connection
add address-families=ip as=65534 connect=yes disabled=no input.filter=BGP-EDGER1.DC01_V4_IN listen=yes local.address=10.200.1.3 .role=ibgp-rr name=EDGER1.DC01_V4 nexthop-choice=force-self output.filter-chain=BGP-EDGER1.DC01_V4_OUT .network=BGP-LOCAL-NETS remote.address=10.200.1.1/32 .as=65534 router-id=\
    10.200.1.3 routing-table=main templates=default use-bfd=no vrf=main
    
/routing filter rule
add chain=BGP-EDGER1.DC01_V4_IN disabled=no rule=accept
add chain=BGP-EDGER1.DC01_V4_OUT disabled=no rule=accept
    

Im not going to dump the table, as the edge is taking full routes however here is OSPF and an eBGP route(google):
ip route/print where dst-address=8.8.8.0/24
Flags: D - DYNAMIC; I, A - ACTIVE; b, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
    DST-ADDRESS  GATEWAY        DISTANCE
DAb 8.8.8.0/24   184.105.63.33        20

/ip route/ print where ospf=yes
Flags: D - DYNAMIC; A - ACTIVE; o, y - COPY; + - ECMP
Columns: DST-ADDRESS, GATEWAY, DISTANCE
     DST-ADDRESS     GATEWAY                                 DISTANCE
DAo  10.200.1.3/32    10.10.10.6%E1V0102-TRANSIT-CORE01.DC01       110

 ip route print where connect=yes
Flags: D - DYNAMIC; A - ACTIVE; c, y - COPY
Columns: DST-ADDRESS, GATEWAY, DISTANCE
    DST-ADDRESS       GATEWAY                         DISTANCE
DAc 10.10.10.4/30     E1V0102-TRANSIT-CORE01.DC01            0
DAc 10.200.1.1/32     loopback                               0
DAc 10.217.0.0/24     ether2                                 0
DAc 184.105.63.32/29  E1V0002-WAN-HURRICANE-ELECTRIC         0


Core / iBGP neighbor
iip route print
Flags: D - DYNAMIC; A - ACTIVE; c, s, o, d, y - COPY; + - ECMP
Columns: DST-ADDRESS, GATEWAY, DISTANCE
 #      DST-ADDRESS         GATEWAY                                  DISTANCE

   DAc  10.10.10.4/30       E1V0102-TRANSIT-EDGER1.DC01                     0
   DAo  10.200.1.1/32       10.10.10.5%E1V0102-TRANSIT-EDGER1.DC01        110
   DAc  10.200.1.3/32       loopback                                        0
   DAc  10.217.0.0/24       ether2                                          0
 


As you can see, no routes are being advertised to the iBGP neighbor, I did confirm that the session is established on both ends. If I enable redistribution, it does push all of the routes as expected. I think there is some misconfiguration I made, but don't see where specifically.

Thanks!

Who is online

Users browsing this forum: asavu and 3 guests