BGP - strange best path selection

RouterOS Forwarding Protocols
1

Hello,

We are having some problems in BGP4 active dynamic routes selection

RouterOS x86 4.6,
two external ISP partners: provider1 and provider2
both of them exporting full view prefixes
both peers are configured in same way
BGP prepends are the same for each of them (prepend=1),
distance are the same, physical interfaces are both 1000mbit

some clarifications:

network 63.123.208.0/21 - PI, belongs to us (AS98765)
networks 196.240.126.0/24, 196.240.133.0/24 - are PA by provider1
so we have an out-filter for provider2 with action=discard for those networks

here is our configuration

  1. Interfaces
/interface ethernet
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment=provider1 \
    disable-running-check=yes disabled=no full-duplex=yes mac-address=\
    00:15:17:BD:EE:F0 mtu=1500 name=ether1 speed=1Gbps

set 3 arp=enabled auto-negotiation=yes cable-settings=default comment=\
    provider2 disable-running-check=yes disabled=no full-duplex=yes \
    mac-address=00:15:17:BD:EE:F2 mtu=1500 name=ether4 speed=1Gbps
  1. IP addresses
/ip address
add address=63.238.2.74/30 broadcast=63.238.2.75 comment="" disabled=no \
    interface=ether1 network=63.238.2.72

add address=85.253.2.130/30 broadcast=85.253.2.131 comment="" disabled=no \
    interface=ether4 network=85.253.2.128
  1. BGP instances
/routing bgp instance
set default as=1 client-to-client-reflection=yes comment="" disabled=yes \
    ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
    no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
    redistribute-static=no router-id=0.0.0.0 routing-table=""

add as=98765 client-to-client-reflection=no comment="" disabled=no \
    ignore-as-path-len=no name=provider1 out-filter="" redistribute-connected=\
    no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
    redistribute-static=no router-id=63.238.2.74 routing-table=""

add as=98765 client-to-client-reflection=no comment="" disabled=no \
    ignore-as-path-len=no name=provider2 out-filter="" \
    redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=no \
    redistribute-rip=no redistribute-static=no router-id=85.253.2.130 \
    routing-table=""
  1. BGP peers
/routing bgp peer
add address-families=ip as-override=no comment="provider1" default-originate=never \
    disabled=no hold-time=1m30s in-filter=provider1-in instance=provider1 \
    interface=ether1 multihop=no name=provider1 nexthop-choice=default \
    out-filter=provider1-out passive=no remote-address=63.238.2.73 remote-as=\
    3216 remove-private-as=no route-reflect=no tcp-md5-key="" ttl=5 use-bfd=\
    no

add address-families=ip as-override=no comment="provider2" default-originate=never \
    disabled=no hold-time=1m30s in-filter=provider2-in instance=provider2 \
    interface=ether4 multihop=no name=provider2 nexthop-choice=default \
    out-filter=provider2-out passive=no remote-address=85.253.2.129 \
    remote-as=35810 remove-private-as=no route-reflect=no tcp-md5-key="" ttl=\
    5 use-bfd=no
  1. networks in routing-bgp-networks
/routing bgp network
add comment="" disabled=no network=63.123.208.0/21 synchronize=no
add comment="" disabled=no network=196.240.126.0/24 synchronize=no
add comment="" disabled=no network=196.240.133.0/24 synchronize=no

with this settings router must be choosing the best route by as-path length, right?
(http://wiki.mikrotik.com/wiki/Manual:BGP_Best_Path_Selection_Algorithm)

most routes are choosed correctly (by the shortest as-path length)
but there are some routes that are exception (look 11-12 and 13-14 from the listing below):

[admin@GW] /ip route> print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B -
blackhole, U - unreachable, P - prohibit
 0 X S  dst-address=0.0.0.0/0 gateway=63.238.2.73 gateway-status=63.238.2.73 inactive distance=1 scope=30
target-scope=10 

 1 ADb  dst-address=1.12.0.0/14 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,3549,4134,4847,18245" bgp-origin=igp
bgp-communities=3216:3000,3216:3004,3549:2015,3549:30840 received-from=provider1 

 2  Db  dst-address=1.12.0.0/14 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,4134,4847,18245" bgp-origin=igp received-from=provider2 

 3 ADb  dst-address=1.12.0.0/24 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,3549,4134,4847,18245" bgp-origin=igp
bgp-communities=3216:3000,3216:3004,3549:2015,3549:30840 received-from=provider1 

 4  Db  dst-address=1.12.0.0/24 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,4134,4847,18245" bgp-origin=igp received-from=provider2 

 5 ADb  dst-address=1.24.0.0/13 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,1273,1239,4837" bgp-atomic-aggregate=yes bgp-origin=igp
bgp-communities=1273:21000,3216:3000,3216:3001 received-from=provider1 

 6  Db  dst-address=1.24.0.0/13 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,41842,12389,4837" bgp-atomic-aggregate=yes bgp-origin=igp received-from=provider2 

 7 ADb  dst-address=2.80.0.0/14 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,8657,3243" bgp-origin=igp bgp-communities=3216:3000,3216:3103 received-from=provider1 

 8  Db  dst-address=2.80.0.0/14 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,8657,3243" bgp-origin=igp received-from=provider2 

 9 ADb  dst-address=2.96.0.0/13 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,13285,13285,13285" bgp-origin=igp
bgp-communities=3216:3000,3216:3101,13285:50,13285:5030 received-from=provider1 

10  Db  dst-address=2.96.0.0/13 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,13285" bgp-origin=igp received-from=provider2 

11 ADb  dst-address=2.96.0.0/14 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,13285,13285,13285" bgp-origin=igp
bgp-communities=3216:3000,3216:3101,13285:50,13285:5030 received-from=provider1 

12  Db  dst-address=2.96.0.0/14 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,13285" bgp-origin=igp received-from=provider2 

13 ADb  dst-address=2.100.0.0/14 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,13285,13285,13285" bgp-origin=igp
bgp-communities=3216:3000,3216:3101,13285:50,13285:5030 received-from=provider1 

14  Db  dst-address=2.100.0.0/14 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,13285" bgp-origin=igp received-from=provider2 

15 ADb  dst-address=2.104.0.0/13 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,3549,3292" bgp-origin=igp
bgp-communities=3216:3000,3216:3004,3292:1000,3292:3021,3292:24500 received-from=provider1 

16  Db  dst-address=2.104.0.0/13 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,3549,3292" bgp-origin=igp received-from=provider2 

17 ADb  dst-address=2.112.0.0/15 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,702,6762,3269" bgp-origin=igp bgp-communities=702:1020,3216:3000,3216:3002
received-from=provider1 

18  Db  dst-address=2.112.0.0/15 gateway=85.253.2.129 gateway-status=85.253.2.129 reachable ether4 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,35810,39792,3549,6762,3269" bgp-origin=igp received-from=provider2 

19 ADb  dst-address=2.114.0.0/15 gateway=63.238.2.73 gateway-status=63.238.2.73 reachable ether1 distance=20 scope=40
target-scope=10 
        bgp-as-path="98765,3216,702,6762,3269" bgp-origin=igp bgp-communities=702:1020,3216:3000,3216:3002
received-from=provider1

we found one difference by WinBox Utility
routing → bgp → peer
“provider2” status has two options selected “Refresh Capability” and “AS4 Capability”
but “provider1” has no “AS4 Capability” selected !



so what can be the reason for the wrong best path selection in this case? and how can we fix it? :wink:
any help is highly appreciated !!!


sorry for poor english (we speak russian naturally)

thx

2

Please read that manual that you provided more carefully.
Quote from the same link you provided:
“Best path algorithm compares routes received by a single BGP instance. Routes installed by different BGP instances are compared by the general algorithm, i.e. route distances are compared and the route with lower distance is preferred.”

If you want BGP attributes to be taken into account in route selecection process, then use one BGP instance for all peers.