On Tue, Jul 05, 2011 at 06:20:56PM +0300, peter dunaskin wrote:
> Hello,
>
>
> I'm having hard time figuring out what's wrong with my or my upstream
> setup. I have set up 2 BGP routers, each with its own session to the
> same upstream BGP router. Primary router has pretty much default
> settings for upstream router and IBGP session with secondary router.
> Secondary router has prepend-self and prepend-neighbor so that it's used
> only when primary is down. Primary router had IP address 159.148.214.102
> and secondary router has 159.148.214.99, so BGP ID value of secondary
> router was lower. The problem is that up until I changed primary routers
> IP address to 159.148.214.98 (lower than secondary), my upstream would
> always choose secondary router as correct path. According to Stuart's
> post on this mailing list, aspath is much more important in correct path
> decision than BGP ID:
> http://www.mail-archive.com/misc@openbsd.org/msg31183.html
>
> Since I've changed IP address, everything seems to work ok, but I'm
> worried my upstream could be ignoring my BGP settings and some traffic
> would still be forwarded to wrong router. They claim they've checked
> everything and configuration on their side is correct.
>
> Primary router is running OpenBSD 4.6-stable, secondary router is
> 4.8-stable. I know I should be running 4.9, but from what I checked
> nothing has changed regarding OpenBGDP path decision since then.
Appart from hundreds of bug fixes all over bgpd nothing has changed since
4.6 there is absolutly no need to update at all.
> Configuration of primary BGP router is:
>
> #macros
> latnet="159.148.214.101"
> core2b="159.148.214.99"
>
> # global configuration
> AS 21178
> router-id 159.148.214.98
> log updates
> holdtime 30
> network 194.143.152.0/23
>
> # neighbors and peers
> group "peering AS21178" {
> remote-as 2588
> neighbor $latnet {
> descr "latnet"
> announce all
> tcp md5sig password xxxxxxxxxx
> demote carp
> }
> }
>
> group IBGP {
> remote-as 21178
> neighbor $core2b {
> descr "core2b"
> announce all
> tcp md5sig password yyyyyyyyyyyy
> }
> }
> #(default filter rules follow)
>
>
> Secondary BGP router configuration:
>
> # macros
> latnet="159.148.214.101"
> core2a="159.148.214.98"
>
> # global configuration
> AS 21178
> router-id 159.148.214.99
> log updates
> holdtime 30
> network 194.143.152.0/23
>
> # neighbors and peers
> group "peering AS21178" {
> remote-as 2588
> neighbor $latnet {
> descr "latnet"
> announce all
> tcp md5sig password xxxxxxxxxxxxxxxxx
> set prepend-self 3
> set prepend-neighbor 3
> demote carp
> }
> }
>
> group IBGP {
> remote-as 21178
> neighbor $core2a {
> descr "core2a"
> announce all
> tcp md5sig password yyyyyyyyyyyyyyy
> }
> }
> #(default filter rules follow)
>
>
> I know "announce all" for EBGP connections is not default, but I've
> tried changing it to self, result was the same, however. It's set to
> "all" because I plan to add couple other AS to this router soon.
>
> What am I missing here?
>
A) look at bgpd -nv output and check if the filter rules make sense.
B) use "bgpctl show rib nei latnet out" to see what prefixes you are
actually sending to the other side.
--
:wq Claudio
