No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

BGP False Virtual Next-hop Configuration Results in Loop

Publication Date:  2012-07-27 Views:  30 Downloads:  0
Issue Description
After the direct link of NE1 and NE3 is down, it is found that the route from NE3 to MAN does not point to NE4. But it points to NE5. The route to MAN on NE5 points to NE3 and there is loop.
RR-------------NE5-----------------NE6------------RR
                  |                     |
                  |                     |
                  |                     |
                NE3-----------------NE4
                |||                    |||
                |||                    |||       AS4134
------------------------------------------------------------------------------EBGP
                |||                    |||       AS64853
                NE1------------------NE2
1. EBGP neighbor relation is established between NE1 and NE3. All routes are distributed to NE3 through Network. When NE3 informs routes of MAN to RR through route-policy, it forcibly designate next-hop as virtual next-hop address 202.105.0.5; static route configuration of virtual next-hop address is as follows:
ip route-static 202.105.0.5 255.255.255.255 61.142.140.166
 ip route-static 202.105.0.5 255.255.255.255 61.142.140.170
 ip route-static 202.105.0.5 255.255.255.255 61.145.84.94  
Next-hop addresses of these three static routes are interface address of interconnected three links of NE1 and NE3. Here static route does not point to designated outbound interface. (Interconnected interface of NE1 and NE3 is Pos1/0/0; Pos2/0/0 and Pos2/1/0)
2. Import these three static routes through import static+route-policy in IGP ISIS of NE3, the configuration is as follows:
ip ip-prefix virtualaddress index 10 permit 202.105.0.5 32
route-policy virtual-to-isis permit node 10
 if-match ip-prefix virtualaddress  
 isis 
 cost-style wide-compatible
 network-entity 86.xxxx.2020.9702.8090.00
 import-route static cost 1 level-1-2 route-policy virtual-to-isis
 preference 110   
The configuration of NE2 and NE4 matches that of NE1 and NE3.
<NE3>dis ip ro 61.145.84.90   //disp network segment of MAN on NE3
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
    61.145.84.0/22  BGP    20   0          61.142.140.166  Pos1/0/0
                    BGP    20   0          61.142.140.170  Pos2/0/0
                    BGP    20   0          61.145.84.94    Pos2/1/0
<NE3>  dis ip ro 202.105.0.5        //Virtual Next-hop
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
    202.105.0.5/32  Static 60   0          61.142.140.166  Pos1/0/0
                    Static 60   0          61.142.140.170  Pos2/0/0
                    Static 60   0          61.145.84.94    Pos2/1/0
---------------------------------<NE4>dis ip ro 61.145.84.94  //disp network segment of MAN on NE4
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
    61.145.84.0/22  BGP    20   0          61.146.54.70    Pos1/0/0
                    BGP    20   0          61.146.54.66    Pos2/0/0
                    BGP    20   0          61.145.84.90    Pos2/1/0
<NE4>dis ip ro 202.105.0.5 //Virtual Next-hop
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
    202.105.0.5/32  Static 60   0          61.146.54.70    Pos1/0/0
                    Static 60   0          61.146.54.66    Pos2/0/0
                    Static 60   0          61.145.84.90    Pos2/1/0
After interconnected interface of NE1 and NE3 is down,  NE3 to internal network segments of MAN is unreachable.
Alarm Information
Null
Handling Process
When configuring static route of virtual next-hop, it is not related with outbound interface. When outbound interface is down, static route is valid. Change the configuration of static route as follows. Bind outbound interface when configuring static route of virtual next-hop.
ip route-static 202.105.0.5 255.255.255.255 61.142.140.166  POS1/0/0
ip route-static 202.105.0.5 255.255.255.255 61.142.140.170  POS2/0/0
ip route-static 202.105.0.5 255.255.255.255 61.145.84.94    POS2/1/0
When opposite interface is down, static route is invalid. NE4 imports static route of virtual next-hop in ISIS, virtual next-hop 202.105.0.5 on NE3 should point to NE4 and there is no such problem above.
Root Cause
After interconnected interface of NE1 and NE3 is down, it is found that the next-hop of internal route of MAN on NE3 is virtual next-hop 202.105.0.5. But outbound interface points to national backbone NE5:
<NE3>dis ip ro 61.145.84.90
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
    61.145.84.0/22  BGP    200  0          202.105.0.5     Pos6/0/0
                    BGP    200  0          202.105.0.5     Pos6/0/0
Reasons are as follows:
When interconnected interface of NE3 and NE1 is down, static route is not invalid because static route of virtual next-hop does not point to designated outbound interface. Virtual next-hop chooses BGP route through route iteration. The route points to NE5 and there is loop. Detailed route list is displayed as follows:
1. Virtual next-hop address 202.105.0.5 is manually added static route and the next-hop address does not change. The previous outbound interface has been down, so outbound interface points to NE5.<NE3>dis ip ro 202.105.0.5
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
    202.105.0.5/32  Static 60   0          61.142.140.166  Pos6/0/0
                    Static 60   0          61.142.140.170  Pos6/0/0
Static 60   0          61.145.84.94    Pos6/0/0
2. Take one next-hop address 61.142.140.166 of virtual next-hop 202.105.0.5 as example, it is found that 61.142.140.166 matches one BGP route and the next-hop of the route points to 202.105.0.5 again. NE3 receives internal route of MAN from RR (NE2 informs MAN route to NE4 through EBGP and NE4 distributes the route to RR and change next-hop as virtual address 202.105.0.5, RR reflects the route to NE3.)
<GD-FS-NQ-A-N1.163>dis ip ro 61.142.140.166
Routing Table : Public
Destination/Mask    Proto  Pre  Cost       NextHop         Interface
   61.142.140.0/22  BGP    200  0          202.105.0.5     Pos6/0/0
                    BGP    200  0          202.105.0.5     Pos6/0/0
It indicates the route to MAN has loop between NE3 and NE5.
Suggestions
Bind outbound interface when configuring static route of virtual next-hop.

END