Guys
There is some unknown issue with using ttl-security feature. When u
advertise prefix , it will not show vaild route in BGP routing table even
next hop or route source is accessible .
I have connected two router R2 and R5 on fast Ethernet , R2 is running AS 2
and R5 running AS 5. The ttl-security feature is configured between R2 and
R5 only.The R1 is advertise 1.1.1.0/24 prefix to EBG neighbour (R2 and R5)
which is also advertise via EIGRP. In additional R2 also advertise its
connected interface 2.2.2.0/24 however both route 1.1.1.0/24 and
2.2.2.0/24is showing in BGP but not valid and next hop is inaccessible
on R5
R1---------------
R2------------------------------------------------------------R5
R2 Config
R2#sh run | sec bgp
router bgp 2
no synchronization
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
neighbor 5.5.1.1 remote-as 5
neighbor 5.5.1.1 ttl-security hops 2
neighbor 5.5.1.1 update-source Loopback1
no auto-summary
On R5 Config
R5#sh run | sec bgp
router bgp 5
no synchronization
bgp log-neighbor-changes
neighbor 2.2.1.1 remote-as 2
neighbor 2.2.1.1 ttl-security hops 2
neighbor 2.2.1.1 update-source Loopback1
no auto-summary
R5#
R5#
R5#show ip bgp
BGP table version is 1, local router ID is 5.5.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.0/24 2.2.1.1 0 2 1 i
* 2.2.2.0/24 2.2.1.1 0 0 2 i
R5#
R5#show ip bgp 1.1.1.0/24
BGP routing table entry for 1.1.1.0/24, version 0
Paths: (1 available, no best path)
Not advertised to any peer
2 1
2.2.1.1 (inaccessible) from 2.2.1.1 (2.2.4.4)
Origin IGP, localpref 100, valid, external
R5#
However 2.2.1.1 is reachable from R5 :
R5#ping 2.2.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/28/56 ms
R5#
R5#show ip route 2.2.1.1
Routing entry for 2.2.1.0/24
Known via "eigrp 100", distance 90, metric 409600, type internal
Redistributing via eigrp 100
Last update from 30.30.30.2 on FastEthernet0/0, 04:08:49 ago
Routing Descriptor Blocks:
* 30.30.30.2, from 30.30.30.2, 04:08:49 ago, via FastEthernet0/0
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
R5#
R5#show ip route 1.1.1.0
Routing entry for 1.1.1.0/24
Known via "eigrp 100", distance 90, metric 409600, type internal
Redistributing via eigrp 100
Last update from 50.50.50.1 on FastEthernet0/1, 04:08:55 ago
Routing Descriptor Blocks:
* 50.50.50.1, from 50.50.50.1, 04:08:55 ago, via FastEthernet0/1
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
Please help.
Regards
Amit
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
