RE: BGP - multihop & ttl security from Bob Sinclair on 2010-09-07 (Ccielab archives 09/2010)

From: Bob Sinclair <bob_at_bobsinclair.net>
Date: Tue, 7 Sep 2010 19:26:16 -0400

Hi John,

That is bizarre; why should ttl-security permit the peering but make the
next hop appear inaccessible? I am sure you have checked, but do you still
have a good route to 10.1.1.100? Can you send us show ip route 10.1.1.100?

Bob Sinclair CCIE 10427 CCSI 30427
CIERS2 Online Instructor
www.tinyurl.com/ciers2online

> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Edward John
> Sent: Tuesday, September 07, 2010 2:53 PM
> To: Narbik Kocharians
> Cc: shiran guez; Cisco certification
> Subject: Re: BGP - multihop & ttl security
>
> Hi,
>
> Thanks to all for very detail explanation. I understand that ttl
> behaviour
> different than ebgp-multihop, but both matters when establishing the
> peering.
> But my problem here, I get the adjacency up. But if ttl-security is
> configured, received prefixes are not chosen as best routes..
>
>
> PE1#show ip bgp summary
> BGP router identifier 10.1.1.1, local AS number 65001
> BGP table version is 24, main routing table version 24
> 26 network entries using 2938 bytes of memory
> 26 path entries using 1352 bytes of memory
> 13/10 BGP path/bestpath attribute entries using 1404 bytes of memory
> 2 BGP rrinfo entries using 48 bytes of memory
> 5 BGP AS-PATH entries using 120 bytes of memory
> 0 BGP route-map cache entries using 0 bytes of memory
> 10 BGP filter-list cache entries using 120 bytes of memory
> BGP using 5982 total bytes of memory
> BGP activity 26/0 prefixes, 26/0 paths, scan interval 60 secs
>
> Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
> State/PfxRcd
> 10.1.1.100 4 100 47 55 24 0 0 00:41:51
> 4
> 10.1.1.254 4 65001 37 31 24 0 0 00:22:31
> 12
> 140.100.1.2 4 1540 48 48 24 0 0 00:40:16
> 9
> PE1#sh
> PE1#show ip bg
> PE1#show ip bgp | i
> PE1#show ip bgp | include 10.1.1.100
> * 0.0.0.0 10.1.1.100 0 100 200 i
> * 101.101.101.0/24 10.1.1.100 0 0 100 i
> * 172.16.111.0/24 10.1.1.100 0 0 100 i
> * 172.16.113.0/24 10.1.1.100 0 100 200 i
> PE1#sh
> PE1#sh ip bg
> PE1#sh ip bgp 101.101.101.0
> BGP routing table entry for 101.101.101.0/24, version 0
> Paths: (1 available, no best path)
> Not advertised to any peer
> 100
> 10.1.1.100 (inaccessible) from 10.1.1.100 (10.1.1.100)
> Origin IGP, metric 0, localpref 100, valid, external
> PE1#
>
>
> Regards,
> John
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 9.0.851 / Virus Database: 271.1.1/3118 - Release Date:
> 09/07/10 14:43:00

Blogs and organic groups at http://www.ccie.net
Received on Tue Sep 07 2010 - 19:26:16 ART

This archive was generated by hypermail 2.2.0 : Fri Oct 01 2010 - 05:58:05 ART