Resources
    BGP Route Preference - Th ...
    20 October 11

    BGP Route Preference - The Mostly Commonly Missed Task in R&S CCIE Mock Lab 2

    Posted byINE
    facebooktwitterlinkedin
    news-featured

    In our R&S CCIE Mock Lab 2 there is a BGP task that relates to having a particular router prefer an iBGP route as the preferred path to exit its local AS over an eBGP learned path. This seems like a very simple task and it is if you are very thorough with your verification but it ends up being the most commonly missed task in this particular mock lab. Lets start by going over the task and the solution most commonly implemented by students.

    In the lab R1, R2 and SW2 are in AS 300. R1 and R2 each have an eBGP peering session with R3. The task states that AS 300 should use the T1 link between R1 and R3 to reach paths originating in AS 54 (BB3). R3 (sub-AS 65003) appears as AS 100 but is actually in a confederation with R4 (sub-AS 65004) and R5 (sub-AS 65005). This doesn't have any bearing on the task but needs to be mentioned for clarification when looking at the diagram and the output of the show commands. Below is the full task and the diagram (click the image to enlarge).
    BGP Route Preference

    CCIE Mock Lab 2

    So the task is asking R1 to be the preferred exit point for AS 300 to paths originating in AS 54. This means we should use R1's T1 circuit to R3 over the Frame Relay link between R2 and R3 to exit AS 300 to reach AS 54. Since this task requires that the configuration be done on R1, the simplest solution is just to set the local preference on R1 for paths originating in AS 54 so that R1's iBGP path will be selected over R2's eBGP path learned directly from R3. As we know from the BGP Best Path Selection Algorithm that local preference is used (step 2) to select the best path after weight. Lets look at a particular BGP learned path on R2 before we change the local preference on R1. We'll look at the 114.0.0.0/8 network that is being originated by BB3 (AS 54).

    Rack1R2#show ip bgp 114.0.0.0/8
    BGP routing table entry for 114.0.0.0/8, version 27
    Paths: (2 available, best #2, table Default-IP-Routing-Table)
    Advertised to update-groups:
    2 3
    100 54
    164.1.13.3 (metric 6023936) from 164.1.12.1 (150.1.1.1) <-- 150.1.1.1 is R1's BGP Router-ID
    Origin IGP, metric 0, localpref 100, valid, internal
    100 54
    164.1.23.3 from 164.1.23.3 (150.1.3.3) <-- 150.1.3.3 is R3's BGP Router-ID
    Origin IGP, localpref 100, valid, external, best
    Rack1R2#

    As we can see R2 is by default preferring the eBGP path from R3 over the iBGP path from R1. This is number 7 in the BGP Best Path Selection Algorithm (eBGP over iBGP). To have R2 prefer R1 with only making changes to R1 we're going to change the local preference for paths originating in AS 54. Here is the solution simular to what most students apply to R1.

    router bgp 300
    neighbor 164.1.13.3 route-map LOCAL_PREFERENCE in
    !
    ip as-path access-list 1 permit _54$
    !
    route-map LOCAL_PREFERENCE permit 10
    match as-path 1
    set local-preference 200
    !
    route-map LOCAL_PREFERENCE permit 20

    Now lets look at that 114.0.0.0/8 path on R2 after the above configuration is applied.

    Rack1R2#show ip bgp 114.0.0.0/8
    BGP routing table entry for 114.0.0.0/8, version 35
    Paths: (2 available, best #1, table Default-IP-Routing-Table)
    Advertised to update-groups:
    3
    100 54
    164.1.13.3 (metric 6023936) from 164.1.12.1 (150.1.1.1)
    Origin IGP, metric 0, localpref 200, valid, internal, best
    100 54
    164.1.23.3 from 164.1.23.3 (150.1.3.3)
    Origin IGP, localpref 100, valid, external
    Rack1R2#

    We can see now that R2 prefers the iBGP path from R1 over the eBGP path from R3 due to the higher local preference set by R1 (200 as opposed to the default of 100). Most students now believe that they are done with the task and move on but this solution isn't complete. Lets look at why.

    First off lets reread the second bullet point in the task. It states that AS 300 should use the T1 link and although BGP is selecting R1's iBGP path, the next-hop is still R3 (164.1.13.3). We need to look further into how R2 is going to route to the next-hop for the iBGP path.

    Rack1R2#show ip route 164.1.13.3
    Routing entry for 164.1.13.0/24
    Known via "eigrp 100", distance 90, metric 6023936, type internal
    Redistributing via eigrp 100
    Last update from 164.1.23.3 on Serial0/0/0.23, 00:00:58 ago
    Routing Descriptor Blocks:
    * 164.1.23.3, from 164.1.23.3, 00:00:58 ago, via Serial0/0/0.23
    Route metric is 6023936, traffic share count is 1
    Total delay is 40000 microseconds, minimum bandwidth is 512 Kbit
    Reliability 255/255, minimum MTU 1500 bytes
    Loading 1/255, Hops 1

    Rack1R2#

    As we can see R2 will still route directly to R3 over the Frame Relay connection to reach the 114.0.0.0/8 (BGP AS 54) network as opposed to using the T1 link between R1 and R3. We will traceroute to verify this.

    Rack1R2#traceroute 114.0.0.1
    

    Type escape sequence to abort.
    Tracing the route to 114.0.0.1

    1 164.1.23.3 32 msec 28 msec 28 msec <-- Frame Relay link
    2 164.1.0.4 56 msec 56 msec 56 msec
    3 204.12.1.254 56 msec 60 msec 56 msec
    4 172.16.4.1 36 msec * 36 msec
    Rack1R2#

    This is obviously a problem because R2 isn't using the T1 link to exit AS 300 for AS 54 originated paths. Not resolving this issue next-hop issue is the reason this task is one of the most commonly missed tasks for Mock Lab 2. Most students use the BGP show commands and ping for verification but aren't tracerouting to see what path is actually being used by R2.

    The two simplest solutions to resolve this issue would be to either alter the IGP metrics, in the case EIGRP, so that for R2 to reach the next-hop (164.1.13.3) for the iBGP path, R2 uses R1. Another simple option would be to use the next-hop-self option on the end of the BGP neighbor command on R1 pointing to R2. Lets now add that on R1 and then go back and verify that R2 is using the T1 link to exit AS 300.

    router bgp 300
    neighbor 164.1.12.2 next-hop-self

    Now verify the next-hop has changed.

    Rack1R2#show ip bgp 114.0.0.0/8
    BGP routing table entry for 114.0.0.0/8, version 43
    Paths: (2 available, best #1, table Default-IP-Routing-Table)
    Flag: 0x940
    Advertised to update-groups:
    3
    100 54
    164.1.12.1 from 164.1.12.1 (150.1.1.1)
    Origin IGP, metric 0, localpref 200, valid, internal, best
    100 54
    164.1.23.3 from 164.1.23.3 (150.1.3.3)
    Origin IGP, localpref 100, valid, external
    Rack1R2#

    Finally we just need to traceroute from R2 to ensure that the T1 is the exit point for AS 300 to reach paths originating in AS 54.

    Rack1R2#traceroute 114.0.0.1   
    

    Type escape sequence to abort.
    Tracing the route to 114.0.0.1

    1 164.1.12.1 28 msec 28 msec 28 msec
    2 164.1.13.3 32 msec 36 msec 36 msec
    3 164.1.0.4 60 msec 64 msec 64 msec
    4 204.12.1.254 60 msec 64 msec 64 msec
    5 172.16.4.1 36 msec * 36 msec
    Rack1R2#

    To summarize remember when asked to prefer one route over another that you should also traceroute to verify that the preferred path is actually being used and not just selected as best.

    Good luck with your studies!

    Brian Dennis, CCIEx5 #2210 (R&S/ISP-Dial/Security/SP/Voice)
    bdennis@ine.com

    © 2024 INE. All Rights Reserved. All logos, trademarks and registered trademarks are the property of their respective owners.
    instagram Logofacebook Logotwitter Logolinkedin Logoyoutube Logo