Cogent Communications

They want us to have a Peer A and Peer B arrangement. We have a Peer B which is just to 'receive' BGP, while PEER A we are to 'send' our network announcements.

When we ask them to turn on Full Routes, our router (Router OS 5.21) starts to create a ton of dynamic routes that gateway to 38.103.65.54, problem is that is not a valid gateway, the valid gateway for this Cogent feed is 38.104.232.97 (see attached badroute.jpg).

Cogent tells me its got to be something configured incorrectly on our Mikrotik router. They provided an 'example' of what should be set but its Cisco not Mikrotik. If anyone can compare the example with our config below and tell me if I am missing something I'd appreciate it greatly. Thank you

EXAMPLE:
!
interface Loopback10
description Cogent supplied loopback address for the B peer
ip address 38.103.65.55 (Cogent provided loopback address your side) 255.255.255.255
router bgp 11668
no synchronization
neighbor a.a.a.a 38.104.232.97 remote-as 174
neighbor a.a.a.a description Cogent's A Peer to BA router
neighbor a.a.a.a password (password recommended)
neighbor b.b.b.b 38.103.65.54 remote-as 174
neighbor b.b.b.b description Cogent's B Peer to Core Router Loopback
neighbor b.b.b.b password (password recommended)
neighbor b.b.b.b ebgp-multihop 5 <----- where do I set this on Mikrotik?
neighbor b.b.b.b update-source loopback10 <----- where do I set this on Mikrotik?
network n.n.n.n (IP ranges you wish to announce) mask 255.x.x.x (subnet mask of block)
network x.x.x.x 38.103.65.55 mask 255.255.255.255
maximum-paths 6
no auto-summary
!

Our BGP Config:

oct/16/2013 20:05:40 by RouterOS 5.21

software id = 2IXR-CLLF

/routing bgp instance
set default as=11668 client-to-client-reflection=yes disabled=no ignore-as-path-len=no name=default out-filter=
"" redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing bgp network
add disabled=no network=216.115.224.0/24 synchronize=no
add disabled=no network=216.115.225.0/24 synchronize=no
add disabled=no network=216.115.226.0/24 synchronize=no
add disabled=no network=216.115.227.0/24 synchronize=no
add disabled=no network=216.115.228.0/24 synchronize=no
add disabled=no network=216.115.229.0/24 synchronize=no
add disabled=no network=216.115.230.0/24 synchronize=no
add disabled=no network=216.115.231.0/24 synchronize=no
add disabled=no network=216.115.232.0/24 synchronize=no
add disabled=no network=216.115.233.0/24 synchronize=no
add disabled=no network=216.115.234.0/24 synchronize=no
add disabled=no network=216.115.235.0/24 synchronize=no
add disabled=no network=216.115.237.0/24 synchronize=no
add disabled=no network=216.115.238.0/24 synchronize=no
add disabled=no network=216.115.239.0/24 synchronize=no
add disabled=no network=216.115.240.0/24 synchronize=no
add disabled=no network=216.115.241.0/24 synchronize=no
add disabled=no network=216.115.242.0/24 synchronize=no
add disabled=no network=216.115.243.0/24 synchronize=no
add disabled=no network=216.115.244.0/24 synchronize=no
add disabled=no network=216.115.245.0/24 synchronize=no
add disabled=no network=216.115.246.0/24 synchronize=no
add disabled=no network=216.115.247.0/24 synchronize=no
add disabled=no network=216.115.248.0/24 synchronize=no
add disabled=no network=216.115.249.0/24 synchronize=no
add disabled=no network=216.115.250.0/24 synchronize=no
add disabled=no network=216.115.251.0/24 synchronize=no
add disabled=no network=216.115.252.0/24 synchronize=no
add disabled=no network=216.115.253.0/24 synchronize=no
add disabled=no network=216.115.254.0/24 synchronize=no
add disabled=no network=216.115.255.0/24 synchronize=no
add disabled=no network=38.103.65.55/32 synchronize=no
add disabled=no network=216.115.236.0/24 synchronize=no
/routing bgp peer
add address-families=ip as-override=no default-originate=never disabled=no hold-time=3m in-filter=Cogent-in
instance=default multihop=yes name="Cogent BGP Peer1" nexthop-choice=default out-filter=Cogent-out passive=
no remote-address=38.104.232.97 remote-as=174 remove-private-as=no route-reflect=no tcp-md5-key="" ttl=
default use-bfd=no
add address-families=ip as-override=no default-originate=never disabled=no hold-time=3m in-filter="" instance=
default multihop=yes name="peer B" nexthop-choice=default out-filter=peerb-out passive=no remote-address=
38.103.65.54 remote-as=174 remove-private-as=no route-reflect=no tcp-md5-key="" ttl=default use-bfd=no
add address-families=ip as-override=no default-originate=never disabled=no hold-time=3m in-filter=tw-in
instance=default multihop=yes name=twtelecom nexthop-choice=default out-filter=tw-out passive=no
remote-address=64.128.204.49 remote-as=4323 remove-private-as=no route-reflect=no tcp-md5-key="" ttl=default
use-bfd=no

/routing filter
add action=discard chain=peerb-out disabled=no invert-match=no set-bgp-prepend-path=""

badroute.jpg517×315 63.3 KB

Reading up about BGP NEXTHOP I think thats the culprit. Looks like by default if you receive your BGP the NEXTHOP is derived from the IP on the interface, in this case its PEER B’s ip at Cogent.
I believe (not positive yet because I haven’t tested it) that I can filter the incoming routes from Peer B to utilize the correct gateway using this command:

/routing filter
add action=accept chain=peerb-in disabled=no invert-match=no set-bgp-prepend-path=“” set-in-nexthop=38.104.232.97


Also noticed my BGP peers where set to MultiHop, but they aren’t multiple hops away, not sure if that made any difference but I now set Multihop to NO

Any commands would be appreciated

Routes are received from peer B which remote address is 38.103.65.54 not 38.104.232.97. eNGP default behavior is that nextop is set to remote peers address.

Using the filter I mentioned above fixed the problem.

Now all my routes say ‘Distance 20’. My STATIC gateway 0.0.0.0/0 has a distance 1 which I think is taking presidence. Should I define routing filter ‘Set Distance’ or remove my static route?

Distance is used only to determine which route will be active. Route with more specific prefix (if present) is always used instead of default.