Sunday, April 16, 2017

Troubleshooting MultiProtocol BGP(MP-BGP) Issues

                            Now the we have considered some of the Troubleshooting issues surrounding BGP, let’s now consider Multi-Protocol BGP, Multiprotocol BGP allows us to support BGP Routing for IPv6
                And there is similar consideration to Troubleshooting Multiprotocol BGP as there are Traditional BGP however, i want to use this topic to point out a couple of differences and some extra things to keep in mind for one thing if Routing IPv6, we need to make sure that the Router is enabled for IPv6 unicast-routing, let’s do a
Ø  R1(config)#ipv6 unicast-routing
                               Now we are enabled for IPv6 and there is something else that’s not is obvious going on here, we got a couple of ways setting this up, we could do IPv6 Routing over an IPv4 session or we could do IPv6 Routing over an IPv6 session and i want you to show you the Configuration for both and this topology, i have got an IPv4 session setup between Router R1 and R2, let’s take a look at the Configuration.
Ø  R1#show run | section router
                          And you gonna see this looks lot like, the EIGRP Named Configuration or the Address-Families configuration for OSPF, that’s what we have got here, we got an Address-family for IPv4 and we got another Address-family for IPv6. Notice we go into Router BGP Configuration Mode similar to have we do with Traditional BGP or the way we normally talk about Traditional BGP as being BGP Version 4.
                         Please understand this is also technically BGP Version 4, it’s just that we have some extra extensions added when we have Multiprotocol BGP but technically still Version 4 and i am specifying my neighbor and Remote Autonomous System number and i am using IPv4 address to specify the neighbor when it comes to Troubleshooting though, here is the one of first thing i want you to think about for your IPv6 Address-Family if you are doing this over an IPv4 session you need to specify a Route-Map for that neighbor
                         That’s going to specify what next Hop IPv6 address it should use and this is Next Hop information, note that Router R1 is using this is next Hop-Router information, that R1 is telling to Router R2, we are telling R2 how to get back to us, we are specifying ourselves, we specifying our IPv6 address, let’s take a look at this Route-Map
Ø  R1#show route-map
                                                     And you can see that, we are setting our IPv6 next-hop to 2000:2::1 and if you take a look at our topology that’s us, we are telling Router R2 use this IPv6 Address to get back to us if we don’t do this then any Routes that we advertised to Router R2 they are not gonna be injected into Router R2’s IP Routing Table because Router R2 would not know how to get back to us, it would not know how to get to the next-hop so, if we doing this over an IPv4 session, we need to specify that Next-Hop.
                               And those are couple of things to keep in mind if we doing IPv6 Routing over an IPv4 BGP session and i want you to show you for contrast what a configuration looks like if we doing IPv6 Routing over an IPv6 BGP session, i am going to update the configuration on this topology right now, and we check that out.
                                 In this topology, i have got an IPv6 BGP session setup between Router’s R1 and R2 and we are doing IPv6 Routing over that IPv6 session and i wanted you to contrast this configuration vs the configuration where we doing IPv6 Routing over IPv4 BGP session, let’s do a
Ø  R1#show run | include router
                          And here you see that configuration is bit simpler, it still using this address’s family approach but i am specifying as my neighbor an IPv6 address and notice that under the IPv6 address-family, there is no need to have a Route-Map Configured as we did a few movements ago when we had a IPv4 BGP session.

                          Now this does not mean we cannot do IPv4 Routing as well over BGP it’s just that we would have to setup that separately and that would requires to have here adjacency that might not scale very well for very large network, we get lots of neighbors each of which running IPv4 and IPv6 but in, some cases this is more efficient approach maybe you only want to do IPv6 Routing and If you do this is a fairly simple way to set it up and we do not have to worry about creating a Route-Map.

Click Here To Download The PDF File

If You Like the Post. Don’t forget 
          to “Subscribe/Share/Comment”. Thank You
Read More

Wednesday, March 22, 2017

TroubleShooting BGP Routing Issues

                         Let’s now consider common BGP Routing issues for example, we might have incorrect network statement, let’s double check to make sure that we have enter the network statement correctly, let’s make sure that we haven’t transpose to couple of numbers in the IP Address in the example but something that bit more unique to BGP is a concept of the “Next Hop Router
                           A big point to keep in mind is that when “an advertisement comes into Autonomous System and it’s advertised over IBGP connections to Routers all belonging to the same Autonomous System, by default the next Hop Router information is not updated” and it’s possible that we got a Router residing in this Autonomous System that has a no way to get to the next Hop Address that’s been advertised to in this BGP advertisement.
                            One way we could address that is to “Redistribute BGP into the IGP”, we could alternately set up the static Route to tell the Router how to get to that Next-Hop-Address however, we could go into the BGP Router Configuration of a Router and say “Neighbor” and then we give the neighbors IP Addresses or Peer Group name and then we say “Next-Hop-Self”
                           It’s going to cause a Router to advertise its IP Address as the Next Hop IP Address when it’s sending a BGP Routing update to an IBGP neighbors, those are few different ways we might be able to address an issue where a Router within an Autonomous System is not able to reach the next Hop Route advertised into BGP Advertisement.
                            Similar to EIGRP we could have a Split-Horizon issue which say’s if a Route was learned on an interface that interface is not going to advertised the Route back out and in a point to multipoint network maybe like frame-relay that could be an issue.
                    We could have Filtered Routes, we might be doing some Route Filtering maybe intentionally or maybe there is more believable Route like a Static Route in IP Routing Table and it’s possible that BGP is taking a Sub Optimal Route because of Inappropriate path Attributes
                     Infect to illustrate that bit further, let’s go out to interface and Troubleshoot a very real world issue when you got an enterprise network connected out to more than One ISP and by default we are taking a sub-optimal path and let’s see how to fix that.
                   Notice that Router R2 has a connection of 768K out of ISP1, it’s got a 1.544Mbps connection out to ISP2 and clearly, we would prefer to use the ISP that had a highest bandwidth we would prefer to use ISP2, let’s see what we using right now though, if we do a
Ø  R2#show ip route
                          I am using 9.9.9.9 as an example, of some internet destination, that’s actually a Loopback interface on my INET Router on picture, and it looks like to get there i am gonna go via 198.51.100.2, that’s actually ISP1 that’s the slower link and why is that? let’s take a look at BGP Table.
Ø  R2#show ip bgp
                     BGP knows about two different ways to get there it knows that we could get there via ISP2 or ISP1 but notice the (greater than >) sign, this is telling us that we were using ISP1 and that’s this enterprise network Autonomous System 65001 as it going out to the internet, how does it look from the internet as coming back in, let’s go to the INTERNET Router and let’s do a
Ø  INET#show ip bgp
                      Let’s look at one of Routes inside the Enterprise Autonomous System, 192.0.2.0 as an example, i can get their couple of different ways but notice the Greater than “>” sign is it looks like from the prospective of the internet we gonna go via ISP1 again we going via the slower link and underline causes most likely a lower Router ID(Next Hop Address) and in the Real World, we probably not gonna be able to do any work on the ISP Router we have to do our work on Enterprise Router in this case Router R2, and we want to be able to do Configuration just on R2 to influence both Outbound and Inbound Path Selection.
                      To influence the Outbound Path Selection let’s use the Local Preference, notice that we do not currently have a Local-Preference set for Routes that we learned via the ISP1 and ISP2 Routers, let’s change and Higher Local Preference values are preferred, to do this we create a couple of Route-Maps. I am gonna create a Route-map for ISP1
Ø  R2(config)#route-map ISP1
Ø  R2(config-route-map)#set local-preference 100
                             I am going to apply this to Routes that I am learning from ISP1, let’s create another Route-Map for ISP2 and i am gonna set the higher Local-Preference value to make it more preferable
Ø  R2(config)#route-map ISP2
Ø  R2(config-route-map)#set local-preference 200
                          Now to make this take effect we have to apply the Route Maps as a part of the neighbor statement in Router Configuration mode for BGP
Ø  R2(config)#router bgp 65001
Ø  R2 (config-router)#neighbor 198.51.100.2 route-map ISP1 in
                         I want to apply that in Inbound direction another word, as i learned Routes from that neighbor, i want to apply the ISP1 Route-Map which is going to assign those Routes to a local Preference of 100, let’s do something similar for the other neighbor for ISP2.
Ø  Router(config-router)#neighbor 198.51.100.6 route-map ISP2 in
To make this take effect, let’s reset the BGP Process
Ø  R2#clear ip bgp * soft
Ø  R2#show ip bgp
                      And look at this now in order to get to this 9.9.9.9/32 network, we gonna go via ISP2, notice the Greater than “>” sign why is that?
                       It’s because of the Local-Preference there is a Local-Preference of 200 to use ISP2, there is a Local-Preference of 100 use ISP1, we’ve now influenced Outbound Path Selection to prefer the ISP that has more bandwidth however, we now need to Influence Inbound Path Selection, host out on the internet are still coming into us based on the shortest Autonomous System Path so, let’s do this.
                         Let’s say that we want to Prepend to that Autonomous System Path some additional Instances of our own Autonomous System, that’s what i mean, let’s create another Route-Map
Ø  R2(config)#route-map ASPATH
ü  This is name, i made up that’s not some sort of Cisco iOS Keyword
I am setting the Autonomous System Path Attribute such that, i am prepending additional instances of the local Autonomous System, i am gonna add couple of additional instances
Ø  R2(config-route-map)#set aspath prepend 65001 65001
                              And i am only going to apply this Route-map to ISP1, ISP1 is going to appear to have more Autonomous System to transit in order to get into the Enterprise Network.
Ø  R2(config)#router bgp 65001
Ø  Router(config-router)#neighbor 198.51.100.2 route-map ASPATH out
                   This time it gonna be Outbound direction when i am sending Route advertisements to ISP1, i am going to be prepending two additional instances of my own Autonomous System to the ASPATH, let’s do a Soft Reset of BGP again.
Ø  R2#clear ip bgp * soft
                          And let’s go out to the INTERENT Router and see how it looks coming back in the Enterprise Network
                    Notice before, when we looking into the Enterprise network we are going via ISP1 the Autonomous System path had the same length where they went via ISP1 or ISP2, now we should update that such that, it gonna be a longer path to go via ISP1 let’s once again do a
Ø  INET#show ip bgp
                         Look at this now get to this internal 192.0.2.0 network inside of our enterprise network the best Path indicating is with Greater than “>” sign, it’s ISP2 why is that?
                        Well now the Autonomous System Path via ISP2 is significantly Shorter then the path via ISP1 and the reason is, we Prepended a couple of additional instances of our local Autonomous System to the AS Path that was being advertised out the ISP1 and that’s a very real world look at how we could Troubleshoot a scenario where we have a sub-optimal path when an Enterprise network is connecting out to more than 1 ISP remember, we need to influence both Outbound and Inbound Path Selection.



If You Like the Post. Don’t forget 
          to “Subscribe/Share/Comment”. Thank You
Read More

Friday, March 17, 2017

IPv6 Route Redistribution Considerations

   
                    In this topic, we wanna talk about a couple of additional considerations we have when we were Troubleshooting Route Redistribution for IPv6, for the most part issues are similar but there are couple of additional things i want you to keep in mind beyond what we already talked about.
                       First let’s consider Router running some Routing Protocol, let’s say it’s OSPF and let’s say that Router has several interfaces and those interfaces are participating in OSPF and let’s say, that Router is doing a Route Redistribution of OSPF into another Routing Process with IPv4 the interfaces on that Router that are participating in OSPF they are going to be Redistributed but that’s not the case by default with IPv6, with IPv6 we have to specify an additional parameter to say that we want to Redistribute a connected networks.
                           Now “Route Redistribution works on the premise that, in order to Redistribute a Route into another Routing Protocol, that Route has to exist in the IP Routing Table” and if we take a look in the IP Routing Table if we have an interface on that Router that does participating in OSPF, Yes! the network attach to that interface is going to show up in the Routing Table but not because it was learned via OSPF, it shows up because it’s a directly connected network and if we doing IPv4 Route Redistribution it understands that this interface, it is connected but its participating in the Routing Process so i am going to Redistributed that’s as well.
                          But with IPv6 that does not happen, with IPv6 if i say for example that i want to Redistribute all of my OSPF learned Routes into another Routing Process or all of my EIGRP learned Routes into another Routing Process, those Routes that i am Redistributing not only need to show up in the IP Routing Table because they were learned by OSPF or EIGRP or whatever Routing Protocol is doing a Redistribution.
                         But usually we will want also Redistribute networks connected to interfaces that are participating in that Routing Process and when we go to interface in a movement, i am going to show you the extra parameter, we have to give and here is another difference when we doing Route Redistribution with IPv6 is supposed to IPv4.
                         Remember, with IPv4 when we were Redistributing into OSPF we said that we would normally want to give the “Subnets” option, without the “Subnets” option the only networks that were going to be Redistributed into OSPF, where networks that had there classful mask but now we talking about Redistributing into OSPFv3 which gives us IPv6 support and with IPv6, there is no concept of Subnet or a classful network so, we don’t have to worry about giving the Subnets option and to demonstrate a Mutual Route Redistribution for IPv6
Ø  Between OSPF and EIGRP
Ø  Specifically, OSPFv3 and EIGRP for IPv6.
I already got those Routing Protocols configured on Routes R1, R2 and R3.
Now Let’s configure Route Redistribution, let’s go into Global Configuration Mode
Ø  R2(config)#ipv6 router eigrp 1
Ø  R2(config-rtr)#redistribute ospf 1 1544 10 255 1 1500 include-connected
                  Here we want to give “include-connected” option what i am saying is, i want to Redistribute networks from any interfaces on this Router(R2) that are enabled for OSPF those networks not in the IP Routing Table because they were learned via OSFP, they directly connected networks but we do want to Redistribute those and to make that happen i say “include-connected”.
Now let’s Redistribute EIGRP learned Routes into OSPF
Ø  R2(config)#ipv6 router ospf 1
Ø  R2(config-rtr)#redistribute eigrp 1 include-connected
               There is no Subnets option because IPv6 has no concept of Subnets, i do want to say (include-connected) though just like we did for OSPF Routes that were being Redistributed into EIGRP and we have done.
Let’s go over Router R1 and issue command
Ø  R1#show ipv6 route
               You can see that we have learned couple of networks via Route Redistribution, now let’s go to Router R3 and see what we have learned any OSPF
Ø  R3#show ipv6 route
                    And we do have couple of Routes and that’s the look at couple of differences that we should keep in mind when we doing Route Redistribution with IPv6 as supposed to IPv4 and again there is no Subnets option when we Redistributing with IPv6 and also, we might want to add that (include-connected) option when we doing Redistribution which were cause directly connected networks that are enabled for that Routing Process to also be Redistributed.

Click Here To Download PDF File

If You Like the Post. Don’t forget 
            to “Subscribe/Share/Comment”. Thank You
Read More

Thursday, March 9, 2017

TroubleShooting Route RedistribuTion with Multiple RedistribuTion Points

               If we were designing a network ourselves, we might look at that Redistribution Point and think that’s the potential single Point of failure instead we might want to have 2 or more Routers that are Redistributing between the different Autonomous Systems, different Routing Domains we can certainly do that but in some cases, that might introduce a bit of Troubleshooting issue for example, let say that Router2 on Picture.
                    Wants to send traffic to the 10.1.1.0/24 network and Router R2’s IP Routing Table say’s that the next Hop is Router RD1
                 Which is a Router that’s doing Redistribution, RD1 sends the Packets down to Router R1 and interestingly Router R1 sends the packet on to Router RD2 and Router RD2 sends this packet back into our original Autonomous System
      That could be sub-optimal Routing we leaving our Routing Domain going through another Routing Domain, another Autonomous System and then coming back into our own Routing Domain and you might run into a situation like this
Ø  Depending on how many Domains you have?
Ø  How many boundary Routers you have?
Ø  What specific Routing Protocols you using?
Ø  How things are configured?
In this topic, we want to talk mostly in theory about how we would Troubleshoot an issue like this.
                         What we could do is, set really really high Metric values on a Routes that being Redistributed into a Routing Domain that way if i am in Autonomous System number 2 and i am trying to send packets to a destination that also lives in Autonomous System number 2, i am probably not going to be leaving my Autonomous System because the Metric would be too high to go through another Autonomous System, it would be a much lower Metric to stay with my own Autonomous System something else we might do to combat situation like this, is to statically set the Administrative Distance for a Routing Protocol
     Remember that , RIP has a default Administrative Distance of 120, OSPF has a default Administrative Distance of 110 and EIGRP has default Administrative Distance of 90 except for (external Routes that get injected into EIGRP those have an Administrative Distance of 170) infect since, EIGRP does distinguish between externally learned Routes and Routes leaned within the Autonomous System and it gives a higher Administrative Distance to those externally learned Routes EIGRP by itself does a great job for preventing a situation like this from happing but depending on what Routing Protocol you using and how things configured, you might in some cases need to statically configured the Administrative Distance for Routing Protocol so let’s Hope out to interface and take a look at how easy is to set the Administrative Distance for Routing Protocol.
I am sitting on Router RD1 and its configured for Route Redistribution and if we do a
Ø  RD1#show ip route
                     We have learned Routes via OSPF, we have learned Routes via EIGRP and notice the Administrative Distances of these different Routing Protocols however, in some Troubleshooting scenarios we might want to make OSPF more believable than EIGRP, here how we could do that, we can give the “Distance” command, that command works not just with OSPF, it also works with EIGRP and it works with RIP, here how we can do it
Ø  RD1(config)#router ospf 1
Ø  RD1(config-router)#distance 80
Now if we look at IP Routing Table again
Ø  RD1#show ip route
                        Look at this my OSPF Routes now have a more believable Administrative Distance then EIGRP, it’s now AD of 80 and you can see that we don’t have any EIGRP learned Routes in the IP Routing Table now because i have learned all of them via OSPF.
                         But something important to realize is that this Administrative Distance of 80 is only locally significant, it only applies to Router RD1 Route configured it, another words this Administrative Distance is not being advertised out to other Routers this is not going to influence the Routing decision that other Routers make, this only influences RD1
                        Another fairly clever way to overcome this Routing Loop issue is to “Tag a Route” as its being Redistributed from one Routing Domain into another and when we talk about Tags, please realize we can use this for lots of different reason not just for Redistribution but what is a Tag?
                      It’s a value that we can assign to a Route and Tag isn’t a really measuring anything it’s not a specific unit of measure for bandwidth or delay or anything like that it’s just a Label that we put on a Route let’s checkout an example, what we can do with Tags.
                         What we could is say that, we want to assign a Tag of 10 to Routes being Redistributed into Autonomous System 1 on picture.
            And i have just drown for Router RD1 but we would do the same thing for router RD2 but in addition to setting the Tag to 10 for Routes going into Autonomous System 1. What if we did this also, what if we said that we going to deny any Routes from being Redistributed that had a Tag of 10 in the example of picture.
                  We got a Route going from Autonomous System 2 into Autonomous System 1 but as that Route gets Redistributed it’s given a Tag of 10 and RD1 in the example, is assigning that Tag if that’s same Route were to then try to comeback into Autonomous System 2 via RD2 that’s not going to be allowed because RD2 is gonna have a Route-Map that says we are not going to allow the Redistribution of any Route that has a Tag of 10 going into Autonomous System 2.
Let’s go out an interface now and take a look at how we can configure these Tags
                       We here again on Router RD1 and what we want to do is to say if we were Redistributing our Route from EIGRP into OSPF we want to give it a Label we gonna give it a Tag of 10 and we can do that with Route-Map, let’s do that
Ø  RD1(config)#route-map TAG10
Ø  RD1(config-route-map)#set tag 10
ü  TAG10: Route-Map Name
ü  10: Tag Number
Let’s create a second Route Map
Ø  RD1(config)#route-map DENYTAG10 deny 10
ü  DENYTAG10: Route-Map Name
ü  deny: Deny Statement
ü  10: Sequence Number
What I am wanting to deny, i am wanting to deny Routes that have a Tag of 10
Ø  RD1(config-route-map)#match tag 10
                      We gonna deny that being Redistributed from OSPF back into EIGRP thus breaking that potential Routing loop however, i want to allow other traffic to be Redistributed, i need to allow everything else so, we need to give a second Route-Map statement for the deny tag 10
Ø  RD1(config)#route-map DENYTAG10 permit 20
ü  DENYTAG10: Previous Route-Map Name
ü  Permit: Permit everything
ü  20: higher Sequence Number because (10 Sequence number is denying)
                    Now need to match anything because the default is going to match everything now the we got those Route-Map created, let’s apply them to our Routing Process.
Ø  RD1(config)#route ospf 1
Ø  RD1(config-route-map)#redistribute eigrp 1 subnet route-map TAG10
                          I am assigning Tag of 10 to Routes being Redistributed into OSPF from EIGRP, now let’s apply the other Route-Map to the EIGRP Routing Process.
Ø  RD1(config)#router eigrp 1
Ø  RD1(config-route-map)#redistribute ospf 1 route-map DENYTAG10
I have already set the Default Metric
                   I am saying if i am Redistributed into EIGRP from OSPF, i am going to deny any Routes that have a Tag of 10 and in this example, i did this two one of my Redistribution point RD1, to complete the Configuration i would need to do the same thing on Router RD2 which is my other Redistribution Point.

   That’s the look at a few different ways that we can Troubleshoot a Routing Loop that might occurred when where doing Mutual Route Redistribution between a couple of different Routing Domains and we have more than 1 Redistribution Point.

Click Here To Download The PDF File

If You Like the Post. Don’t forget 
            to “Subscribe/Share/Comment”. Thank You
Read More
© 2012 Best Cisco CCNA CCNP and Linux/CentOS PDF Notes
Designed By Shubham Kumar