Re: bgp router with multi asn's - neighbor config ?
Hi Ondrej! Thanks for your hints. Please let me add a question! (see below) On Thu, 2014-09-04 at 16:32 +0200, Ondrej Zajicek wrote:
On Thu, Sep 04, 2014 at 12:32:46PM +0000, Leo Vandewoestijne wrote:
You cannot have two BGP relations to a single peer. I see two options:
You will certainly have to do this on different IP's. And actually I only do it with different IP's in different netmasks.
Yes, you can have two BGP sessions between two BGP neighbors if you use two pairs of IP addresses, IMHO it should work even if all addresses have the same netmask.
I now tried a setup with a peer (only one IP address) and a router on my side which has two IP addresses configured on the same interface (primary and secondary). The schema of config on my side would look like this: interface tun0: 10.0.0.1 (primary) 10.0.0.2 (secondary) protocol bgp me_1 {6 local 10.0.0.1 as 1; router id 10.0.0.1; neighbor 10.0.0.9 as 9; direct; } protocol bgp me_2 {6 local 10.0.0.2 as 2; router id 10.0.0.2; neighbor 10.0.0.9 as 9; direct; } (In fact there are a lot of peers like this one.) This setup doesn't seem to work. It seems as if, with each restart, only on of the two connections comes online, not always the same one. The second connection is rejected when incoming. Which is the mistake I made here? Or does the peer have to have two IP addresses as well? The bird user manual states "Note that contrary to other IP routers, BIRD is able to act as a router located in multiple AS’es simultaneously". What is the intended way to configure this situation? Best regards and many thanks, Kai -- "Das ist Demokratie, wenn man sich aussuchen darf, wer einen verarscht." (Hagen Rether) D-65203 Wiesi fast: kai_pf (aT] web(dot)de ++ PGP Key fingerprint B567 C43E 99D1 7709 7D64 3BF8 2DE8 1092 0EEF D58E ++ -----BEGIN GEEK CODE BLOCK----- VERSION: 3.12 GCS/IT/CM d- s:- a+>-----(?) C++$ UL++(++++$) P+++ L++ E-(+) W--(+) N !w---($) !O !M V? PS+ PE-() Y+ PGP(+) t R*@ tv--@ b+>++ DI++ G e+++(*) h? y? ------END GEEK CODE BLOCK------
On Fri, 26 Sep 2014, Kai wrote:
protocol bgp me_1 {6 local 10.0.0.1 as 1; router id 10.0.0.1; neighbor 10.0.0.9 as 9; direct; }
protocol bgp me_2 {6 local 10.0.0.2 as 2; router id 10.0.0.2; neighbor 10.0.0.9 as 9; direct; }
(In fact there are a lot of peers like this one.) This setup doesn't seem to work. It seems as if, with each restart, only on of the two connections comes online, not always the same one. The second connection is rejected when incoming.
I'm familiar with that collision, so not surprised.
Which is the mistake I made here? Or does the peer have to have two IP addresses as well?
Yes, that's very likely the case. I've done this with Cisco, Juniper and Foundry neighbours, and in all cases I ended up using aliased IP's for the same neighbour. After trial and (many) error, I concluded that appearently Bird can't otherwise make a distinct. And when re-reading the thread Ondrej Zajicek said that twice: here subtle:
Yes, you can have two BGP sessions between two BGP neighbors if you use two pairs of IP addresses
and here more clear/explained:
Incoming sessions are dispatched based on their source addresses.
-- Met vriendelijke groet, With kind regards, Leo Vandewoestijne
On Mon, Sep 29, 2014 at 02:19:03PM +0000, Leo Vandewoestijne wrote:
On Fri, 26 Sep 2014, Kai wrote:
protocol bgp me_1 {6 local 10.0.0.1 as 1; router id 10.0.0.1; neighbor 10.0.0.9 as 9; direct; }
protocol bgp me_2 {6 local 10.0.0.2 as 2; router id 10.0.0.2; neighbor 10.0.0.9 as 9; direct; }
(In fact there are a lot of peers like this one.) This setup doesn't seem to work. It seems as if, with each restart, only on of the two connections comes online, not always the same one. The second connection is rejected when incoming.
I'm familiar with that collision, so not surprised.
Which is the mistake I made here? Or does the peer have to have two IP addresses as well?
Yes, that's very likely the case.
That is true. You have to use two addresses on the other side. But it would be a good idea to implement it in the future versions. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Gesendet: Mittwoch, 01. Oktober 2014 um 12:47 Uhr Von: "Ondrej Zajicek" <santiago@crfreenet.org>
On Mon, Sep 29, 2014 at 02:19:03PM +0000, Leo Vandewoestijne wrote:
On Fri, 26 Sep 2014, Kai wrote:
protocol bgp me_1 {6 local 10.0.0.1 as 1; router id 10.0.0.1; neighbor 10.0.0.9 as 9; direct; }
protocol bgp me_2 {6 local 10.0.0.2 as 2; router id 10.0.0.2; neighbor 10.0.0.9 as 9; direct; }
(In fact there are a lot of peers like this one.) This setup doesn't seem to work. It seems as if, with each restart, only on of the two connections comes online, not always the same one. The second connection is rejected when incoming.
I'm familiar with that collision, so not surprised.
Which is the mistake I made here? Or does the peer have to have two IP addresses as well?
Yes, that's very likely the case.
That is true. You have to use two addresses on the other side.
Dear Leo, dear Ondrej, Thanks a lot for making this point more clear again, so that even I was able to grasp it finally. ;)
But it would be a good idea to implement it in the future versions.
As I cannot reasonably ask a lot og peers to implement an unusal IP setup just for my special case, I'm going to switch to a completely different approach. But I'd like to strongly support the notion of implemeting a change in future versions. Best regards, Kai
participants (3)
-
Kai -
Leo Vandewoestijne -
Ondrej Zajicek