Page 1 of 1

BGP Route Advertisement

Posted: Wed May 02, 2007 1:09 am
by ubb
I've having a little trouble getting bgp to advertise my route. I'm not entirely sure whether the issue is on my end or if my provider is filtering me incorrectly. Before I call them, I wanted to make sure that I have things set up properly.

I have a single /22 that I'm trying to advertise to my upstream provider (Qwest). I'm using version 2.9.42. Here's my configuration:

/ routing filter
add chain=bgp_out prefix=66.29.172.0/22 invert-match=yes action=discard comment="" \
disabled=no

/ routing bgp instance
set default name="default" as=32808 router-id=206.81.130.210 redistribute-connected=yes \
redistribute-static=yes redistribute-rip=no redistribute-ospf=no \
redistribute-other-bgp=no out-filter=bgp_out client-to-client-reflection=yes \
ignore-as-path-len=no comment="" disabled=no

/ routing bgp peer
add name="qwest" instance=default remote-address=206.81.130.209 remote-as=209 \
tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m \
ttl=1 in-filter="" out-filter=bgp_out comment="" disabled=no

Should this occomplish my goal of advertising 66.29.172.0/22 to Qwest? Does anyone see anything wrong with this set up? (BTW, I am connected to the remote end and I am receiving routes from them.) Thanks in advance.

Re: BGP Route Advertisement

Posted: Wed May 02, 2007 1:17 am
by karyal
I've having a little trouble getting bgp to advertise my route. I'm not entirely sure whether the issue is on my end or if my provider is filtering me incorrectly. Before I call them, I wanted to make sure that I have things set up properly.

I have a single /22 that I'm trying to advertise to my upstream provider (Qwest). I'm using version 2.9.42. Here's my configuration:

/ routing filter
add chain=bgp_out prefix=66.29.172.0/22 invert-match=yes action=discard comment="" \
disabled=no

/ routing bgp instance
set default name="default" as=32808 router-id=206.81.130.210 redistribute-connected=yes \
redistribute-static=yes redistribute-rip=no redistribute-ospf=no \
redistribute-other-bgp=no out-filter=bgp_out client-to-client-reflection=yes \
ignore-as-path-len=no comment="" disabled=no

/ routing bgp peer
add name="qwest" instance=default remote-address=206.81.130.209 remote-as=209 \
tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m \
ttl=1 in-filter="" out-filter=bgp_out comment="" disabled=no

Should this occomplish my goal of advertising 66.29.172.0/22 to Qwest? Does anyone see anything wrong with this set up? (BTW, I am connected to the remote end and I am receiving routes from them.) Thanks in advance.
what does /routing bgp advertisements print
report?
do you have 66.29.172.0/22 route showed in your routing table (/ip route print)?
Also, try to set routing bgp nexthop-choice to force-self
Bye,
Ricky

Posted: Wed May 02, 2007 4:16 am
by ubb
Thank you for the reply. Here are the answers to your questions:

/routing bgp advertisements print
DST-ADDRESS NEXTHOP PEER AS-PATH ORIGIN LOCAL-PREF
66.29.172.0/22 206.81.130.210 qwest incomplete

/ip route print from [find dst-address=66.29.172.0/22]
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 ADC 66.29.172.0/22 66.29.172.1 0 ether3

I'll try setting nexthop-choice to force-self and see what that does. What exactly does this do for me?

Posted: Wed May 02, 2007 6:57 am
by changeip
I've had problems with invert-match. . . try 'accept' for the route you want to allow out, then add another filter rule to discard everything else.

Sam

Posted: Wed May 02, 2007 8:19 am
by ubb
So, I changed the filters to be as follows:

0 chain=bgp_out prefix=66.29.172.0/22 invert-match=no action=accept
1 chain=bgp_out prefix-length=0-32 invert-match=no action=discard

/routing bgp advertisements print still shows:

DST-ADDRESS NEXTHOP PEER AS-PATH ORIGIN LOCAL-PREF
66.29.172.0/22 206.81.130.210 qwest incomplete

Unfortunately, this still isn't making things happen.

Posted: Wed May 02, 2007 6:19 pm
by changeip
here is what I use that works - maybe it's the prefix length that needs to be set ?

add chain=level3-out prefix=204.16.xxx.0/24 \
prefix-length=24 invert-match=no action=accept \
comment="" disabled=no

Posted: Wed May 02, 2007 6:29 pm
by karyal
I'll try setting nexthop-choice to force-self and see what that does. What exactly does this do for me?
sets the nexthop for the peer, so that the routes can be seen as reacheable, else they won't propagate..

Posted: Wed May 02, 2007 6:32 pm
by karyal
here is what I use that works - maybe it's the prefix length that needs to be set ?
I think he's announcing ok, if it was filtered the prefix wouldn't appear in the announcements.. @ubb: can you ask your upstream to send you a list of what receives from you?
Bye
Ricky

Posted: Wed May 02, 2007 7:03 pm
by believewireless
Shouldn't you add your network to /routing bgp network?

Posted: Wed May 02, 2007 7:08 pm
by karyal
Shouldn't you add your network to /routing bgp network?
should.. if it worked :D actually it's safer to either have it as connected or static routes..

Posted: Thu May 03, 2007 10:48 pm
by ubb
I'll try to get in contact with my upstream. I've looked at their web based looking glass (http://stat.qwest.net/looking_glass.html) and I can see that my advertisements aren't showing up there. I guess I'll see what they say when I get a hold of them.

Posted: Fri May 04, 2007 12:10 am
by ubb
So it looks like Qwest was filtering my BGP Advertisements incorrectly. Once they changed the filters, I was able to see my advertisement on their looking glass. I'm still having problems and I don't know if it's on my end or if I should call them back. When I run /routing bgp advertisements print it gives me the following:

DST-ADDRESS NEXTHOP PEER AS-PATH ORIGIN LOCAL-PREF
66.29.172.0/22 206.81.130.210 qwest incomplete

Why would it say that the origin is "incomplete". Would this have anything to do with the fact that when I look it up in the looking glass, it says "Not advertised to any peer"? Thanks for the help so far!

Posted: Fri May 04, 2007 4:27 am
by ubb
It works!

I just wanted to follow up with everyone. Things are working just like they should. In the end, I figured out that I have everything correct in the beginning but my upstream was filtering my announcements incorrectly.

Thanks for everyone's help!

Posted: Fri May 04, 2007 11:10 am
by karyal
Why would it say that the origin is "incomplete".
Because the announcement is either generated by a static route or a connected route, not by a "network" announcement, and it's not IGP or EGP.
It is normal, and not affecting anything, a part from the best route choice.
Would this have anything to do with the fact that when I look it up in the looking glass, it says "Not advertised to any peer"? Thanks for the help so far!
No.. once the bgp session is up and you can see you route in the announced prefixes, 99% you have everything set up fine, and there is still work to do in the upstream filters (or the upstream upstreams filter).
Remmber it's not just your upstream that has to modify his filtering rules, but also his upstreams too.
It is normal for this process to take up to a couple of days.
Bye,
Ricky