An important part of understanding BGP is understanding how it sends it’s routing updates. Take for example this basic topology…
There are 7 routers total and 4 autonomous systems. We’ll be using EIGRP as the IGP for link reachability. In addition, all of the BGP peering will be done with the physical interface IPs, I am not using loopbacks for the iBGP peering since there aren’t any redundant paths. Let’s assume that EIGRP is up and all local physical interfaces are up. Let’s also assume that BGP is up and configured with neighbors on each router but there is no additional configuration.
Let’s start by advertising two prefixes into BGP on router1…
First I create a loopback interface and then I create a null0 route. I advertise the loopback by using the BGP network command the static route by redistributing static routes into BGP. Let’s take a look at the BGP table on router2 to start with…
So this is interesting. Router2 has exactly one path to reach each prefix both of which are through it’s directly connected link to router1. Also note that the 172.64.1.0/24 prefix shows an AS path of ‘400 ?’ while the 192.168.1.1/32 prefix shows an AS path of ‘400 i’. Since the static route (172.64.1.0/24) was redistributed into BGP, the origin of the prefix is incomplete. However, since the loopback was redistributed using the network statement it shows an origin of ‘i’ meaning that it came from manual redistribution.
Note: When I see the ‘i’ I like to think that it means that “I manually injected that route into BGP” where as ‘?’ means that redistribution did it for me.
So let’s update our diagram to reflect the available paths as we look at each router. I’ll use a blue arrow to show available paths and a green arrow to show the path that each router selected as it’s best path…
Since I’m trying to figure out why router2 only has one path to each prefix, let’s look at the BGP table on router3 to see what it has…
Well, now this is interesting. Router3 has two paths to each prefix. Note that the next hop for each of these prefixes is a non-directly connected interface for router3. This is because we haven’t told the AS edge router in AS 100 to use the next-hop self command. Let’s change that and then look at this again…
Looking at the BGP table on router3 we can now see that the next hop references the directly connected interfaces of router3…
Note that router3’s best path is through router2 for each of the prefixes. Let’s update the diagram and move on…
Let’s now look at the BGP table on router4…
Interesting. Once again, router4 only has one path to each prefix. More interesting is that the best path for each of these prefixes is through router5. Let’s update the diagram and move on to router5…
Router5’s BGP table shows that it once again has a single path through router6 to get to each prefix…
This is particularly interesting to me since from an AS perspective the prefix is exactly two AS hops away in either direction. Once again, we’ll document this and move on…
Looking at the router6 BGP table we see that it has a single path to each prefix through router7. Note that I already updated these iBGP peering with the next-hop-self command.
And finally, we see that router7 also has single path to the prefixes through its directly connected peering to router1…
The final route diagram we have is rather interesting. While some of it makes sense, other parts don’t. For instance, why is router4’s best path through router5? Why does router5 only have one path to the prefixes when it clearly has two equal cost AS paths to the prefixes.
Have you figured it out yet? Im hoping some of you figured it out when you saw the first diagram. I broke the cardinal rule of BGP. All BGP routers in the same AS need to be peered to each other. This is because all BGP routers will only share their best route with other neighbors. In addition, iBGP advertisements don’t get re-advertised to other iBGP peers.
That’s clearly not the case here. Let’s break down the advertisements…
1. Router1 sends its updates to router7 and router2.
2. Router7 and router2 mark the path towards router1 as their best path since its the only one they have
3. Router7 sends the update to router6. Router6 marks the path through router7 as its best path since its the only one. Router2 sends the update to router3 which marks the path as its best path since it currently only has the one.
4. Router6 advertise the paths to router5 who marks them as the best since its the only one it has currently heard. Router3 does NOT advertise any of these prefixes to router4 since they were learned over an iBGP path. We can see this by looking at the routes advertised from router3 to router4…
5. Router5 advertise the path it learned through router6 to router4. Since router4 doesn’t receive any advertisements from router3, it becomes router4’s best path.
So let’s fix the iBGP issue and see if things make more sense afterwards…
Now let’s update the diagram to see where we are now…
Ah ha! This looks better. Let’s walk through the advertisement process again now that we’ve fixed our problem…
1. Router1 sends its updates to router7 and router2.
2. Router7 and router2 mark the path towards router1 as their best path since its the only one they have
3. Router7 sends the update to router6. Router6 marks the path through router7 as its best path since its the only one. Router2 sends the update to router3 which marks the path as its best path since it currently only has the one. Router2 also sends the update to router4 which also marks it as it’s best path since it’s currently the only one it has.
4. Router6 advertise the paths to router5 who marks them as the best since its the only one it has currently heard. Router3 and router4 do not advertise the route to each other since they heard the advertisement via iBGP. We can can see that here…
5. Router5 advertises the path it learned through router6 to router4. Router4 in turn advertises the AS 100 best path through router2 to router5. Both routers already have paths to the prefixes so they now need to decide which one is best. Looking at the BGP table we can see how they picked the best path…
For router 4, the choice was easy. The AS-path through iBGP up to AS 400 is much shorter through router2. Note that the path is listed with a next hop of 10.0.0.25 since I didn’t use the neighbor next-hop-self command on the new iBGP peering. Since this path is the best one the AS has, router4 has to advertise it to router5. Let’s look at router5’s BGP table…
On router5, the AS path for each path is the same length. Without diving into BGP path selection (that’s the next post!) I can tell you that the route through router6 (10.0.0.5) is being selected since it’s the oldest route.
So there we have it. The key takeaway for this post are these rules…
-iBGP learned routes are never advertised to other iBGP peers
-Only the best path to any given prefix is advertised to another BGP peer.