Manual:BGP HowTo & FAQ: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 18: | Line 18: | ||
:Routes must be resolved to become active; it's possible that you need to change [[Using scope and target-scope attributes|scope or target-scope attributes]] for some routes. | :Routes must be resolved to become active; it's possible that you need to change [[Using scope and target-scope attributes|scope or target-scope attributes]] for some routes. | ||
'''''Question:''' How to check if a specific route exists in IP routing table?'' | |||
:Finding a route by prefix is pretty fast: | |||
/ip route print where dst-address = 193.23.33.0/24 | |||
:To find all routes with prefixes falling in a range: | |||
/ip route print where dst-address in 193.23.0.0/16 | |||
:You can also search routes by other attributes, but it will be much slower and can take some time on a router having full BGP feed. | |||
Revision as of 16:23, 14 August 2008
Problem: BGP is not connecting
- BGP uses TCP, you can start with testing TCP connectivity. One way to do that is as simple as /system telnet <remote-ip> 179. The result you see should be something like this: "Connection closed by foreign host". This means BGP port (179) is open and reachable.
- If this is eBGP, make sure you have configured multihop=yes and TTL as needed. Use /routing bgp peer print status to see the current state of BGP connection.
- Also note that if the remote peer is not supporting BGP Capabilities Advertisement (RFC 2842), some extra time will be needed for session establishment.
Problem: BGP connection is established, but routing updates are ignored
- NLRI (Network Layer Reachability Information) is ignored if path attributes are invalid. Turn on BGP debug logs to see the exact cause of the problem. (/system logging add topics=bgp,!raw).
- One frequent case is unacceptable BGP nexthop. (Read here more about RouterOS and BGP nexthops.) In this case you must fix the nexthop on the sending side. Use nexthop-choice peer setting to modify default nexthop selection preferences. If that fails, specify nexthop manually using set-out-nexthop routing filter.
Problem: Routes are exchanged and installed in IP route table, but they stay inactive
- Routes must be resolved to become active; it's possible that you need to change scope or target-scope attributes for some routes.
Question: How to check if a specific route exists in IP routing table?
- Finding a route by prefix is pretty fast:
/ip route print where dst-address = 193.23.33.0/24
- To find all routes with prefixes falling in a range:
/ip route print where dst-address in 193.23.0.0/16
- You can also search routes by other attributes, but it will be much slower and can take some time on a router having full BGP feed.
Question: How to advertise default route?
- To send default route to a particular peer, set originate-default=yes for that peer.
Question: How to announce just a single large IP prefix instead of many smaller (i.e. more specific) prefixes?
- Use BGP aggregates if you need to aggregate multiple BGP routes in a single one. An aggregate will be announced one if there are some active BGP routes falling under it. When an aggregate becomes active, a corresponding blackhole route is a automatically created.
- If the smaller prefixes belong to IGP or static routes instead, simply configure a BGP network and filter out all unneeded smaller prefixes. Specify synchronize=yes in BGP network parameters if you want to announce the network only when there are some active underlying IGP routes.
Question: How to filter out something?
- Use routing filters. For example, to filter out routes with a specific BGP community, add this rule:
/routing filter add bgp-communities=111:222 chain=bgp-in action=discard
- Then tell BGP peer to use that filter chain:
/routing bgp peer set peer in-filter=bgp-in
- There is also an out-filter BGP peer parameter for filtering outgoing BGP updates.
Question: How to control advertised routing information?
- Use routing filters.
- To advertise the same information (e.g. some BGP attribute value) to all peers, use BGP instance out-filter:
/routing filter add set-bgp-communities=111:222 chain=bgp-out /routing bgp instance set default out-filter=bgp-out
- To send routing information to different peers, use peer specific filters. For example, if you want to advertise a lower preference value (higher path cost) to one of the peers, you can prepend your AS number multiple times to the BGP AS_PATH attribute:
/routing filter add set-bgp-prepend=4 chain=bgp-out-peer1 /routing bgp peer set peer1 out-filter=bgp-out-peer1
Problem: Looks like my routing filter isn't working
- Most likely prefix matcher is configured incorrectly. For example, say that you want to configure filter that will discard all routes falling under prefix 1.1.1.0/24.
- This rule is incorrect:
add prefix=1.1.1.0 action=discard chain=bgp-in
- Default netmask is /32, so it will match only prefix 1.1.1.0/32
- This is incorrect too:
add prefix=1.1.1.0/24 action=discard chain=bgp-in
- This will match only route with netmask 255.255.255.0.
- The correct way to do this is to also specify prefix-length matcher:
add prefix=1.1.1.0/24 prefix-length=24-32 action=discard chain=bgp-in
- Or (the same effect):
add prefix=1.1.1.0 prefix-length=24-32 action=discard chain=bgp-in
- Use filter action log to see which routes are matched by it.
Question: Can MT propagate BGP route updates without installing them in IP route table (i.e. serve as a pure route reflector)?
- No.