Thursday, March 2, 2023

BGP LAB - Split Horizon Rule

I have created a simple BGP lab. Its purpose is to understand the basic BGP rules and the related commands.

The setup is as below :

  • 4 routers running in AS 65000 (iBGP)
  • PC as an end-user

First I will configure iBGP without a full mesh: each router forms an iBGP neighborship only with its directly connected neighbors.

Configuration for R1:
configure terminal
interface GigabitEthernet0/0
ip address 192.168.12.1 255.255.255.0
no shut
exit
!
interface FastEthernet1/0
ip address 192.168.14.1 255.255.255.0
no shut
exit
!
interface ethernet3/0
ip address 192.168.11.1 255.255.255.0
no shut
exit
!
interface loopback0
ip address 1.1.1.1 255.255.255.255
exit
!
ip dhcp pool DHCPPCPOOL_R1
network 192.168.11.0 255.255.255.0
default-router 192.168.11.1
dns-server 192.168.11.1
exit
!
ip dhcp excluded-address 192.168.11.1
!
router bgp 65000
no auto-summary
no synchronization
network 1.1.1.1 mask 255.255.255.255
network 192.168.12.0 mask 255.255.255.0
network 192.168.14.0 mask 255.255.255.0
neighbor 192.168.12.2 remote-as 65000
neighbor 192.168.14.4 remote-as 65000
exit
!
end
wr

Configuration for R2
configure terminal
interface GigabitEthernet0/0
ip address 192.168.12.2 255.255.255.0
no shut
exit
!
interface FastEthernet1/0
ip address 192.168.23.2 255.255.255.0
no shut
exit
!
interface ethernet3/0
ip address 192.168.22.1 255.255.255.0
no shut
exit
!
interface loopback0
ip address 2.2.2.2 255.255.255.255
exit
!
ip dhcp pool DHCPPCPOOL_R2
network 192.168.22.0 255.255.255.0
default-router 192.168.22.1
dns-server 192.168.22.1
exit
!
ip dhcp excluded-address 192.168.22.1
!
router bgp 65000
no auto-summary
no synchronization
network 2.2.2.2 mask 255.255.255.255
network 192.168.12.0 mask 255.255.255.0
network 192.168.23.0 mask 255.255.255.0
neighbor 192.168.12.1 remote-as 65000
neighbor 192.168.23.3 remote-as 65000
exit
!
end
wr

Configuration for R3
configure terminal
interface GigabitEthernet0/0
ip address 192.168.34.3 255.255.255.0
no shut
exit
!
interface FastEthernet1/0
ip address 192.168.23.3 255.255.255.0
no shut
exit
!
interface ethernet3/0
ip address 192.168.33.1 255.255.255.0
no shut
exit
!
interface loopback0
ip address 3.3.3.3 255.255.255.255
exit
!
ip dhcp pool DHCPPCPOOL_R3
network 192.168.33.0 255.255.255.0
default-router 192.168.33.1
dns-server 192.168.33.1
exit
!
ip dhcp excluded-address 192.168.33.1
!
router bgp 65000
no auto-summary
no synchronization
network 3.3.3.3 mask 255.255.255.255
network 192.168.23.0 mask 255.255.255.0
network 192.168.34.0 mask 255.255.255.0
neighbor 192.168.23.2 remote-as 65000
neighbor 192.168.34.4 remote-as 65000
exit
!
end
wr

Configuration for R4
configure terminal
interface GigabitEthernet0/0
ip address 192.168.34.4 255.255.255.0
no shut
exit
!
interface FastEthernet1/0
ip address 192.168.14.4 255.255.255.0
no shut
exit
!
interface ethernet3/0
ip address 192.168.44.1 255.255.255.0
no shut
exit
!
interface loopback0
ip address 4.4.4.4 255.255.255.255
exit
!
ip dhcp pool DHCPPCPOOL_R4
network 192.168.44.0 255.255.255.0
default-router 192.168.44.1
dns-server 192.168.44.1
exit
!
ip dhcp excluded-address 192.168.44.1
!
router bgp 65000
no auto-summary
no synchronization
network 4.4.4.4 mask 255.255.255.255
network 192.168.14.0 mask 255.255.255.0
network 192.168.34.0 mask 255.255.255.0
neighbor 192.168.34.3 remote-as 65000
neighbor 192.168.14.1 remote-as 65000
exit
!
end
wr

R1#
*Mar  1 19:39:01.927: %BGP-5-ADJCHANGE: neighbor 192.168.12.2 Up
R1#
*Mar  1 19:39:51.179: %BGP-5-ADJCHANGE: neighbor 192.168.14.4 Up
R1#

The BGP peers are now up with their neighbors.

If we check the routing table on any router, it has routes for the loopback interfaces of its peers and for the peers' local networks that have been advertised in BGP.

R1#show ip route bgp
Gateway of last resort is not set
 
      2.0.0.0/32 is subnetted, 1 subnets
B        2.2.2.2 [200/0] via 192.168.12.2, 00:10:06
      4.0.0.0/32 is subnetted, 1 subnets
B        4.4.4.4 [200/0] via 192.168.14.4, 00:10:02
B     192.168.23.0/24 [200/0] via 192.168.12.2, 00:04:43
B     192.168.34.0/24 [200/0] via 192.168.14.4, 00:01:46
R1# 

R2#show ip route bgp
Gateway of last resort is not set
 
      1.0.0.0/32 is subnetted, 1 subnets
B        1.1.1.1 [200/0] via 192.168.12.1, 00:11:33
      3.0.0.0/32 is subnetted, 1 subnets
B        3.3.3.3 [200/0] via 192.168.23.3, 00:11:22
B     192.168.14.0/24 [200/0] via 192.168.12.1, 00:11:33
B     192.168.34.0/24 [200/0] via 192.168.23.3, 00:11:22
R2#

From the BGP routing table of R1 above, we can see that the R3 loopback0 is not learned.
Likewise, in the BGP routing table of R2, the R4 loopback0 is not learned.

This follows from the iBGP rule: an update received from one iBGP neighbor is not sent to another iBGP neighbor.
This rule is the BGP Split Horizon Rule.

  • An update sent by one iBGP neighbor should not be sent on to another iBGP neighbor.
  • BGP split horizon is necessary to ensure that routing loops are not started within an AS (the AS_PATH attribute is not changed between iBGP peers, so it cannot detect a loop inside the AS).

To overcome this issue, we have 2 possible solutions:

  • Full mesh: every router in the AS peers with every other router in the AS, so that all of them learn the BGP routes.
  • Route Reflectors

Here we use the full mesh, which means we need to form iBGP peering between R1 and R3, and also between R2 and R4.

Configuration for R1
configure terminal
router bgp 65000
neighbor 192.168.23.3 remote-as 65000
exit
!
end
wr 

Configuration for R2
configure terminal
router bgp 65000
neighbor 192.168.14.4 remote-as 65000
exit
!
end
wr 

Configuration for R3
configure terminal
router bgp 65000
neighbor 192.168.12.1 remote-as 65000
exit
!
end
wr 

Configuration for R4
configure terminal
router bgp 65000
neighbor 192.168.12.2 remote-as 65000
exit
!
end
wr

R1#
*Mar  2 17:15:02.835: %BGP-5-ADJCHANGE: neighbor 192.168.23.3 Up
R1#
R2#
*Mar  2 17:15:01.759: %BGP-5-ADJCHANGE: neighbor 192.168.14.4 Up
R2#

Now, if we look at the BGP routing tables of R1 and R2, we can see the routes to the R3 and R4 loopback0 interfaces.

R1#show ip route bgp
Gateway of last resort is not set
 
      2.0.0.0/32 is subnetted, 1 subnets
B        2.2.2.2 [200/0] via 192.168.12.2, 00:23:12
      3.0.0.0/32 is subnetted, 1 subnets
B        3.3.3.3 [200/0] via 192.168.23.3, 00:01:33
      4.0.0.0/32 is subnetted, 1 subnets
B        4.4.4.4 [200/0] via 192.168.14.4, 00:23:08
B     192.168.23.0/24 [200/0] via 192.168.12.2, 00:17:49
B     192.168.34.0/24 [200/0] via 192.168.23.3, 00:01:33
R1#

R2#show ip route bgp
Gateway of last resort is not set
 
      1.0.0.0/32 is subnetted, 1 subnets
B        1.1.1.1 [200/0] via 192.168.12.1, 00:22:58
      3.0.0.0/32 is subnetted, 1 subnets
B        3.3.3.3 [200/0] via 192.168.23.3, 00:22:47
      4.0.0.0/32 is subnetted, 1 subnets
B        4.4.4.4 [200/0] via 192.168.14.4, 00:01:10
B     192.168.14.0/24 [200/0] via 192.168.12.1, 00:22:58
B     192.168.34.0/24 [200/0] via 192.168.23.3, 00:22:47
R2#
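
The split horizon rule can be checked against both sets of routing tables above with a small model. This is an added example, not part of the original lab: the function names are hypothetical, the prefixes are taken from the "network" statements in the configurations, and the end-host LANs (advertised later) are left out.

```python
# Added example: the iBGP split horizon rule applied to the lab's four routers.
# Prefixes each router originates, copied from its "network" statements.
ORIGINATED = {
    "R1": {"1.1.1.1/32", "192.168.12.0/24", "192.168.14.0/24"},
    "R2": {"2.2.2.2/32", "192.168.12.0/24", "192.168.23.0/24"},
    "R3": {"3.3.3.3/32", "192.168.23.0/24", "192.168.34.0/24"},
    "R4": {"4.4.4.4/32", "192.168.14.0/24", "192.168.34.0/24"},
}
LOOPBACKS = {"R1": "1.1.1.1/32", "R2": "2.2.2.2/32",
             "R3": "3.3.3.3/32", "R4": "4.4.4.4/32"}
RING = [("R1", "R2"), ("R2", "R3"), ("R3", "R4"), ("R1", "R4")]  # first setup
FULL_MESH = RING + [("R1", "R3"), ("R2", "R4")]                  # after the fix


def learned_routes(sessions):
    """Return {router: prefixes it installs as iBGP routes} for the given sessions."""
    peers = {r: set() for r in ORIGINATED}
    for a, b in sessions:
        peers[a].add(b)
        peers[b].add(a)
    # rib[router][prefix] records how the prefix got there: "local" or "ibgp".
    rib = {r: {pfx: "local" for pfx in pfxs} for r, pfxs in ORIGINATED.items()}
    changed = True
    while changed:  # repeat until no router accepts anything new
        changed = False
        for sender, table in rib.items():
            # Split horizon: a route learned over iBGP is never passed on
            # to another iBGP peer, so only local routes are sendable.
            sendable = [pfx for pfx, src in table.items() if src != "ibgp"]
            for peer in peers[sender]:
                for pfx in sendable:
                    if pfx not in rib[peer]:
                        rib[peer][pfx] = "ibgp"
                        changed = True
    return {r: {p for p, s in t.items() if s == "ibgp"} for r, t in rib.items()}


def missing_loopbacks(sessions):
    """Return {router: sorted loopbacks of other routers it has not learned}."""
    learned = learned_routes(sessions)
    return {r: sorted(lb for owner, lb in LOOPBACKS.items()
                      if owner != r and lb not in learned[r])
            for r in ORIGINATED}


if __name__ == "__main__":
    print("ring:     ", missing_loopbacks(RING))
    print("full mesh:", missing_loopbacks(FULL_MESH))
```

With the ring sessions each router is missing exactly the loopback of the router it does not peer with; with the full mesh nothing is missing, which matches the "show ip route bgp" output before and after the extra neighbor statements.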

Now, connect an end-host PC to each router and run “ip dhcp” on it so that it is assigned an IP address and a default gateway.
We also need to advertise the end-host networks in BGP.

PC1> ip dhcp
DDORA IP 192.168.11.2/24 GW 192.168.11.1
 
PC2> ip dhcp
DDORA IP 192.168.22.2/24 GW 192.168.22.1
 
PC3> ip dhcp
DDORA IP 192.168.33.2/24 GW 192.168.33.1
 
PC4> ip dhcp
DDORA IP 192.168.44.2/24 GW 192.168.44.1

Configuration for R1, R2, R3 and R4 (XX is the router number)
configure terminal
router bgp 65000
network 192.168.XX.0 mask 255.255.255.0
exit
!
end
wr

Ensure all networks and end hosts are reachable:

R2#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/60/76 ms
R2#
 
R4#traceroute 2.2.2.2
Type escape sequence to abort.
Tracing the route to 2.2.2.2
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.14.1 16 msec 28 msec 24 msec
  2 192.168.12.2 40 msec 44 msec 60 msec
R4#
 
R1#ping 192.168.44.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.44.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/39/56 ms
R1#
 
R3#traceroute 192.168.22.2
Type escape sequence to abort.
Tracing the route to 192.168.22.2
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.23.2 20 msec 24 msec 28 msec
  2 192.168.22.2 28 msec 44 msec 40 msec
R3#
 
PC1> ping 4.4.4.4
84 bytes from 4.4.4.4 icmp_seq=1 ttl=254 time=46.556 ms
84 bytes from 4.4.4.4 icmp_seq=2 ttl=254 time=45.223 ms
84 bytes from 4.4.4.4 icmp_seq=3 ttl=254 time=46.741 ms
84 bytes from 4.4.4.4 icmp_seq=4 ttl=254 time=45.877 ms
84 bytes from 4.4.4.4 icmp_seq=5 ttl=254 time=45.540 ms
 
PC1>
 
PC4> trace 192.168.22.2
trace to 192.168.22.2, 8 hops max, press Ctrl+C to stop
 1   192.168.44.1   15.171 ms  15.631 ms  16.366 ms
 2   192.168.14.1   46.193 ms  46.339 ms  45.686 ms
 3   192.168.12.2   79.165 ms  76.911 ms  76.850 ms
 4   *192.168.22.2   92.796 ms (ICMP type:3, code:3, Destination port unreachable)
 
PC4>
