Tuesday, February 7, 2012

MBGP IPV6

BGP FOR IPV6 OVERVIEW
----------------------
RFC 2548
Tansport and NLRI are independent
   - Transport can be ipv4 or ipv6
   -NLRI advertised via AFI (Address family id) 2 & SAFI 1
     address-famaily ipv6 unicast
Normal BGP rules apply
   -requires underlying IGP for TCP transport
   -EBGP loop prevention via AS Path
   -IBGP loop prevention via split horzion AS rule
   -same attributes + best path selection
SO essential you could establish neighbor adjacency over ipv4 and advertise ipv6 routes
(just need to watch the next hops)
Or we could do neighbor adjacenecy over ipv6 and advertise ipv6

ipv6 peering
router bgp 5
neighbor 2001:155:28::1 remote-as 1
if we just left as this on both sides it would come up but would only capaable of supporting ipv4 nlri
if you do
sh ip bgp neighbor you can seee capabalites
if you did advertise ipv4 nlri they would have issue as they could not comprehend the bgp next hop we could change next hop
with a route-map thou

router bgp 5
neighbor 2001:155:28::1 remote-as 1
address-family ipv6 unicast
neighbor 2001:155:28::1 activate
sh ip bgp ipv6 unicast
sh bgp ipv6 unicast summary

IPV4 peering with ipv6 nlri
router bgp 1
neighbor 155.28.146.6 remote-as 6
address-family ipv6 unicast
neighbor 155.28.146.1 activate
you will need to change the next to ipv6 address (either link local or ipv6 global)
router-map from r1
set ipv6 next-hop 2001:155:28:146::1
router bgp 6
address-family ipv6 unicast
neighbor 155.28.146.1 route-map FROM_R1 in

LAB
---

Lets look at full ipv6 bgp relationship

r5
--
r5(config)#router bgp 600
r5(config-router)#neighbor 2001:155::1 remote-as 500   - peering with r1
r5(config-router)#

r1
---
r1(config)#router bgp 500
r1(config-router)#neighbor 2001:155::5 remote-as 600
r1(config-router)#exit
r1(config)#exit
r1#ping 2
*Mar  1 04:00:40.759: %SYS-5-CONFIG_I: Configured from console by console00
*Mar  1 04:00:41.975: %BGP-5-ADJCHANGE: neighbor 2001:155::5 Up 1

we can see the neighbor relationship has come up

but if we look at the
r1#sh ip bgp neigh
BGP neighbor is 2001:155::5,  remote AS 600, external link
  BGP version 4, remote router ID 5.5.5.5
  BGP state = Established, up for 00:00:43
  Last read 00:00:13, last write 00:00:13, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received

notice we have the ipv4 router id 5.5.5.5 but if look at capabilties it only least ipv4
R5
---

in order to advertise ipv6 prefixes we need to activate ipv6 both sides under the address family. We could advertise ipv4 prefixes with the above config
ipv6 bgp neighbors
we need to activate under the ipv6 address family
r5(config)#router bgp 600
r5(config-router)#address-family ipv6 unicast
r5(config-router-af)#neighbor 2001:155::1 activate
r5(config-router-af)#
*Feb  7 20:45:36.767: %BGP-5-ADJCHANGE: neighbor 2001:155::1 Down Address family activated
*Feb  7 20:45:38.907: %BGP-5-ADJCHANGE: neighbor 2001:155::1 Up

r1
---
r1(config)#router bgp 500
r1(config-router)#address-family ipv6 unicast
r1(config-router-af)#neighbor 2001:155::5 activate
r1(config-router-af)#
*Mar  1 04:05:07.771: %BGP-5-ADJCHANGE: neighbor 2001:155::5 Down Address family activated
*Mar  1 04:05:09.915: %BGP-5-ADJCHANGE: neighbor 2001:155::5 Up

we will advertise r1 loopback

r1(config-router)#address-family ipv6 unicast
r1(config-router-af)#network 2001:1:1:1::1/128
r1(config-router-af)#

r5
---
r5#sh bgp
r5#sh ipv6 route
IPv6 Routing Table - 5 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       D - EIGRP, EX - EIGRP external
B   2001:1:1:1::1/128 [20/0]
     via FE80::20D:28FF:FE70:2040, Serial0/0/0
C   2001:155::/64 [0/0]
     via ::, Serial0/0/0
L   2001:155::5/128 [0/0]
     via ::, Serial0/0/0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0
r5#

we are learning the route via bgp

r5#sh bgp ipv6 unicast
BGP table version is 4, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 2001:1:1:1::1/128
                    2001:155::1              0             0 500 i
r5#

r5#sh bgp ipv6 unicast summary
BGP router identifier 5.5.5.5, local AS number 600
BGP table version is 4, main routing table version 4
1 network entries using 161 bytes of memory
1 path entries using 76 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 509 total bytes of memory
BGP activity 1/0 prefixes, 2/1 paths, scan interval 60 secs
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2001:155::1     4   500      22      20        4    0    0 00:05:27        1
We can ping successifully
r5#ping 2001:1:1:1::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:1:1:1::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/64/68 ms
r5#

OK lets change it round lets have ipv4 neighbors advertising ipv6 routes

r5
---
so i will clear the old config
r5(config)#no router bgp 600

start new config
r5(config)#router bgp 600
r5(config-router)#neighbor 155.0.0.1 remote-as 500
r5(config-router)#address-family ipv6 unicast
r5(config-router-af)#neighbor 155.0.0.1 activate
r5(config-router-af)#
we need to activate the address under the ipv6 address family

r1
---

r1(config)#no router bgp 500
r1(config)#router bgp 500
r1(config-router)#neighbor 155.0.0.5 remote-as 600
r1(config-router)#address-family ipv6 unicast
r1(config-router-af)#neighbor 155.0.0.5 activate
r1(config-router-af)#

ok so the neighbor relationship is up
r1#sh ip bgp neig
BGP neighbor is 155.0.0.5,  remote AS 600, external link
  BGP version 4, remote router ID 5.5.5.5
  BGP state = Established, up for 00:00:31
  Last read 00:00:01, last write 00:00:01, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
    Address family IPv6 Unicast: advertised and received
with capabilities of ipv4 and ipv6

lets advertise the loopback
r1(config)#router bgp 500
r1(config-router)#address-family ipv6 unicast
r1(config-router-af)#network 2001:1:1:1::1/128
r1(config-router-af)#

r5
---
r5#sh i
*Feb  7 21:03:02.275: %SYS-5-CONFIG_I: Configured from console by con
r5#sh ipv6 route
IPv6 Routing Table - 4 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       D - EIGRP, EX - EIGRP external
C   2001:155::/64 [0/0]
     via ::, Serial0/0/0
L   2001:155::5/128 [0/0]
     via ::, Serial0/0/0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0
r5#
the address is not in the routing table ???


r5#
*Feb  7 21:10:46.883: %BGP-5-ADJCHANGE: neighbor 155.0.0.1 Down User reset
*Feb  7 21:10:47.787: %BGP-5-ADJCHANGE: neighbor 155.0.0.1 Up
*Feb  7 21:10:47.875: BGP: 155.0.0.1 Advertised Nexthop ::FFFF:155.0.0.1: Non-local or Nexthop and peer Not on same interface
*Feb  7 21:10:47.875: BGP(1): 155.0.0.1 rcv UPDATE w/ attr: nexthop ::FFFF:155.0.0.1 (FE80::20D:28FF:FE70:2040), origin i, metric 0, originator 0.0.0.0, path 500, community , extended community
*Feb  7 21:10:47.875: BGP(1): 155.0.0.1 rcv UPDATE about 2001:1:1:1::1/128 -- DENIED due to: non-connected MP_REACH NEXTHOP;

it has been denied as the nexthop FFF:155.0.0.1 is not valid this the ipv4 address next hop and ipv6 can not understand it

ok lets make a route-map changing the next hop
r5(config-route-map)#route-map SETNEXTHOP
r5(config-route-map)#set ipv6 next-hop 2001:155::1
r5(config-route-map)#
r5(config)#router bgp 600
r5(config-router)#address-family ipv6 unicast
r5(config-router-af)#neighbor 155.0.0.1 route-map SETNEXTHOP in
r5(config-router-af)#
ok this is not working it is still the same being denied it must be checking before route-map is applied

I will look into we could alternatively on r1 do

r1
---
r1(config)#route-map SETNEXTHOP permit 10
r1(config-route-map)# set ipv6 next-hop 2001:155::1
r1(config-route-map)#exit
r1(config)#router bgp 500
r1(config-router)#address-family ipv6 unicast
r1(config-router-af)#neighbor 155.0.0.5 route-map SETNEXTHOP out
r1(config-router-af)#


still not working i need to investigate more getting following log message
*Feb  7 21:28:19.743: BGP: 155.0.0.1 Advertised Nexthop 2001:155::1: Non-local or Nexthop and peer Not on same interface
*Feb  7 21:28:19.743: BGP(1): 155.0.0.1 rcv UPDATE w/ attr: nexthop 2001:155::1, origin i, metric 0, originator 0.0.0.0, path 500, community , extended community
*Feb  7 21:28:19.743: BGP(1): 155.0.0.1 rcv UPDATE about 2001:1:1:1::1/128 -- DENIED due to: non-connected MP_REACH NEXTHOP;[OK]

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)