Hi,
I set up a lab with 3 CCR2116, let’s say R1, R2 and R3, all on ROS 7.21.2.
Target: I want to be able to access e.g. R3 from R1 via R2 if the direct link R1 > R3 is lost, and use dynamic routing to realize this. Also, I want to have a smooth way to advertise routes.
In the real world, this should later be 3 sites (or more).
All ether1 act as “WAN”, connected to a dedicated switch, and all have static IPs.
All routers are connected via WireGuard, each tunnel on its own interface (/30 address), one peer on each interface:
R1 to R2, R1 to R3
R2 to R1, R2 to R2
R3 to R1, R3 to R2
Allowed Addresses is 0.0.0.0/0, so everything should run through.
All devices can ping their opposite tunnel member, it is working fine.
Then I added BGP (eBGP).
All sites have their own AS, so R1 is in 65001, R2 in 65002 and R3 in 65003, and all routers have unique router IDs (172.17.234.1…3, addresses on loopback-bridge). Remote address and local address are the IPs of the tunnels.
So on each router there is 1 instance and two connections. Routes to be advertised are in an address list (BGP-NETWORKS).
There are no filters, no redistribution, no multihop; on each connection Listen and Connect are set, and the address list is set in Output Network.
All WireGuard interfaces are in an interface list (TUN) and BFD is used to monitor them (applied to the IF-List); Use BFD is set in the BGP connection config.
All connections are established and routes are advertised to the other routers. I can ping from one local network to another on other sites; it works nearly as expected, except ping R1 > R3 and opposite.
The routers select a possible way to the other; 2 do this as expected (choosing the direct way to the neighbor AS), one does not.
R2 and R3 are choosing the direct connection/tunnel; R1 is always choosing the way over R2, but the direct connection is available on both ends (BFD up, BGP connection established). Checking the AS PATH, I see 2 entries in the non-chosen routes (Db) in R2 and R3 and one for the active route (DAb), all as expected.
R1 always shows only 1 entry/AS in AS-PATH, e.g. R2 shows AS-PATH 65001,65003 for the “optional” way from R2 to R3 via R1, while R1 shows only one entry for the “optional/2-hop” way to R3 via R2 (should be 65002,65003, is 65002), while the inactive route/direct way shows 65003, its direct neighbor. I think that’s why R1 is not choosing the route to R3 via R2 because of the same path length but smaller AS and/or router ID.
If I disable a tunnel, e.g. on R2 to R3 to simulate a breaking connection, routes are switching over to the alternative way very fast and pings are running (TTL - 1), maybe 1 or 2 packets lost while switching routes.
Could anyone explain what is happening on R1 and maybe give me any idea to solve this?
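
The tie-break suspected in the post, modelled as an added example that is not part of the original post and is not RouterOS code. It implements only three steps of the RFC 4271 decision process (LOCAL_PREF, AS-path length, lowest peer router ID); that RouterOS applies them in this order, the mapping R2 = 172.17.234.2 and R3 = 172.17.234.3, and the default LOCAL_PREF of 100 are assumptions.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

# Simplified subset of the RFC 4271 decision process, in evaluation order.
STEPS = ("local_pref", "as_path_length", "router_id")

@dataclass(frozen=True)
class Route:
    label: str
    as_path: tuple              # AS numbers as shown in the routing table
    peer_router_id: IPv4Address # BGP identifier of the advertising peer
    local_pref: int = 100       # assumed default, no filters are configured

def preference_key(route):
    """Lower tuple wins: highest LOCAL_PREF, shortest AS path, lowest router ID."""
    return (-route.local_pref, len(route.as_path), int(route.peer_router_id))

def best_path(candidates):
    return min(candidates, key=preference_key)

def deciding_step(a, b):
    """Name the first step at which two candidates differ."""
    for name, x, y in zip(STEPS, preference_key(a), preference_key(b)):
        if x != y:
            return name
    return "tie"

# R1's two candidates for a network behind R3, using the AS paths from the post.
# Router-ID assignment per router is an assumption (see lead-in).
DIRECT = Route("direct to R3", (65003,), IPv4Address("172.17.234.3"))
VIA_R2_OBSERVED = Route("via R2, as shown on R1", (65002,), IPv4Address("172.17.234.2"))
VIA_R2_EXPECTED = Route("via R2, as expected", (65002, 65003), IPv4Address("172.17.234.2"))

if __name__ == "__main__":
    for via_r2 in (VIA_R2_OBSERVED, VIA_R2_EXPECTED):
        winner = best_path([DIRECT, via_r2])
        print(f"{via_r2.label}: best = {winner.label}, "
              f"decided by {deciding_step(DIRECT, via_r2)}")
```

With the one-entry AS path R1 displays for the route via R2, both candidates tie on length and the lower router ID wins; with the two-entry path the direct route wins on length alone.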