Re: Off Topic - BGP across the net - Lab?

From: Jim (thrupoint) (jgrina@xxxxxxxxxxxxx)
Date: Mon Feb 12 2001 - 12:37:21 GMT-3


   
Chuck,

I'd be interested. I have 7 routers in a lab setup. Normally, I NAT to the
Internet, but I can get an address that is public.

Jim
----- Original Message -----
From: "Chuck Larrieu" <chuck@cl.cncdsl.com>
To: "CCIE_Lab Groupstudy List" <ccielab@groupstudy.com>
Sent: Sunday, February 11, 2001 9:20 AM
Subject: RE: Off Topic - BGP across the net - Lab?

> A couple of us got together and tried this - iBGP connectivity between our
> pods across the net. Some comments:
>
> 1) It works. Really well. Especially when you use the right ip addresses
> in your neighbor statements. ;->
>
> 2) Great lesson in troubleshooting.
> Take a guess as to what the major stumbling block we found. Hint - only
> one router was seeing all the routes it was supposed to see
> MyDomain-------MyEdgeRouter--------NigelsDomain The answer is one of
> those slap on the side of the head answers. Doh!
>
> 3) After solving the above mentioned problem, we tried an eBGP connection
> across the net. That works too. Took a while for it to come up, but it did
> come up and we saw all the routes we were supposed to see everywhere in
> both domains. You have all read in Halabi and elsewhere that eBGP routers
> must be on the same subnet. I believe the RFC states that as well, although
> it's been a while. Our results indicated this is not necessarily true. I am
> assuming the ebgp-multihop command is part of bgp because of real world
> requirements. Nigel and I were able to connect over a distance of 17 hops
> or so. It does require a bit of patience. It seemed like a long time before
> the debugs indicated that the two routers finally saw each other. Once they
> did - everything was happy.
>
> This experiment leads to some interesting possibilities. I think this
> would be worth trying again, if several of us could get together one
> evening. It would be good practice for connectivity, filtering, route maps,
> all kinds of things.
>
> Tunneling is not required. We did try a tunnel at one point, and in the
> course of fumbling around I discovered something interesting. BGP did not
> like route maps with statements that referred to interfaces. One more thing
> to look at.
>
> Any case, let me lay this out to the group. Now that Nigel and I have
> worked out the bugs, how about we have a router party across the net next
> weekend? Anyone who can connect their study pod to the net directly, let's
> see if we can have some fun. It would be a chance to practice effectively
> with a whole bunch more routers than normal. Route filtering, weights,
> local preferences, all kinds of things.
>
> I'm thinking next Sunday, Feb 18. Let me know off line. I'm in ASET next
> week, so maybe this is a bit aggressive. But it would be fun!
> Let me know off line if you 1) are interested and 2) can do this next
> week.
>
> Requirements: at least one router connected to the internet ( public ip
> address ), willingness to reveal that address and allow bgp connections,
> ability to tolerate chaos. Communicating across a chat room with just
> three people was interesting. More than that - wow!
>
> Let me know off line.
>
> Chuck
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Chuck Larrieu
> Sent: Friday, February 09, 2001 5:12 PM
> To: CCIE_Lab Groupstudy List
> Subject: Off Topic - BGP across the net - Lab?
>
> I'm spending the weekend with BGP - want to know enough to be able to fake
> it in the ASET lab next week.
>
> Just pondering something. If iBGP routers do not need to be directly
> connected, then is it reasonable to try to join up two labs across the
> internet and see what we can see?
>
> Me---------the internet-----------you
> <-----------ibgp--------------->
>
> my router
> router bgp 65000
> neighbor your_outside_ip_address remote-as 65000
>
> your router
> router bgp 65000
> neighbor my_outside_ip_address remote-as 65000
>
> I don't think there would be any implications to the global internet
> routing table. But if that is a concern, a simple GRE tunnel could
> alleviate that issue.
>
> Worth a shot? Any problems to the internet itself, if we use a private AS
> number and the appropriate neighbor statements?
>
> anyone interested in trying this tomorrow sometime after 5:00 p.m.
> pacific ( 8:00 p.m. eastern ) ?
> If this is feasible, several of us could link up. Hell of a lot simpler
> than trying IPSec / VPN tunnels
>
> Chuck
>
> A long shot at passing is better than no shot.
> Right now that's all I got to get me through,
> So I gotta believe!
>
> ( paraphrased from Kathy Baille / Baille and the Boys
> a song from several years ago )
>
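
The multihop eBGP peering described in the quoted message, written out for one side as an added Cisco IOS configuration sketch that is not from the thread or its authors. The addresses, remote AS 65001, prefixes, interface and list names are constructed placeholders, and the access list on TCP 179, the session password and the prefix filters are assumptions about how a lab router that accepts BGP connections from the Internet would be limited to its agreed peer.

```cisco
! Added example, not from the thread. All addresses, AS 65001, prefixes,
! the interface and the list names are constructed placeholders.
! Local lab edge: 198.51.100.1 in AS 65000.
! Remote lab edge: 192.0.2.2 in AS 65001.
!
! Only the agreed peer may open or answer a BGP session (TCP 179)
! on the public interface; other attempts are dropped and logged.
ip access-list extended EDGE-IN
 permit tcp host 192.0.2.2 host 198.51.100.1 eq bgp
 permit tcp host 192.0.2.2 eq bgp host 198.51.100.1
 deny   tcp any any eq bgp log
 permit ip any any
!
interface Serial0
 ip address 198.51.100.1 255.255.255.252
 ip access-group EDGE-IN in
!
! Accept and announce only the lab prefixes each side agreed on, so a
! mistake in one pod cannot leak other routes into the other.
ip prefix-list FROM-PEER seq 5 permit 10.2.0.0/16 le 24
ip prefix-list TO-PEER seq 5 permit 10.1.0.0/16 le 24
!
router bgp 65000
 neighbor 192.0.2.2 remote-as 65001
! The peer is not on a connected subnet. A limit of 20 covers the 17 or
! so hops mentioned in the thread with a little headroom.
 neighbor 192.0.2.2 ebgp-multihop 20
! Shared secret for TCP MD5 protection of the session (placeholder value).
 neighbor 192.0.2.2 password LAB-SHARED-SECRET
 neighbor 192.0.2.2 prefix-list FROM-PEER in
 neighbor 192.0.2.2 prefix-list TO-PEER out
! Drop the session if the peer sends far more routes than expected.
 neighbor 192.0.2.2 maximum-prefix 50
```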


