Manual:BGP HowTo & FAQ

From MikroTik Wiki
Revision as of 16:15, 14 August 2008 by Route (talk | contribs) (New page: '''''Problem:''' BGP is not connecting'' :BGP uses TCP, you can start with testing TCP connectivity. One way to do that is as simple as '''/system telnet <remote-ip> 179'''. Getting somet...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Problem: BGP is not connecting

BGP uses TCP, you can start with testing TCP connectivity. One way to do that is as simple as /system telnet <remote-ip> 179. Getting something like this: "Connection closed by foreign host." as answer is fine.
If this is eBGP, make sure you have configured multihop=yes and TTL as needed. Use /routing bgp peer print status to see current state of BGP connection.
Also note that if the remote peer is not supporting BGP Capabilities Advertisement (RFC 2842), some extra time is needed for session establishment.

Problem: BGP connection is established, but routing updates are ignored

NLRI (Network Layer Reachability Information) is ignored if path attributes are invalid. Turn on BGP debug logs to see the exact cause of the problem. (/system logging add topics=bgp,!raw).
One frequent case is unacceptable BGP nexthop. (Read here more about RouterOS and BGP nexthops.) In this case you must fix the nexthop on the sending side. Use nexthop-choice peer setting to modify default nexthop selection preferences. If that fails, specify nexthop manually using set-out-nexthop routing filter.

Problem: Routes are exchanged and installed in IP route table, but they stay inactive

Routes must be resolved to become active; it's possible that you need to change scope or target-scope attributes for some routes.

Question: How to advertise default route?

To send default route to a particular peer, set originate-default=yes for that peer.

Question: How to announce just a single large IP prefix instead of many smaller (i.e. more specific) prefixes?

Use BGP aggregates if you need to aggregate multiple BGP routes in a single one. An aggregate will be announced one if there are some active BGP routes falling under it. When an aggregate becomes active, a corresponding blackhole route is a automatically created.
If the smaller prefixes belong to IGP or static routes instead, simply configure a BGP network and filter out all unneeded smaller prefixes. Specify synchronize=yes in BGP network parameters if you want to announce the network only when there are some active underlying IGP routes.

Question: How to filter out something?

Use routing filters. For example, to filter out routes with a specific BGP community, add this rule:
/routing filter add bgp-communities=111:222 chain=bgp-in action=discard
Then tell BGP peer to use that filter chain:
/routing bgp peer set peer in-filter=bgp-in
There is also an out-filter BGP peer parameter for filtering outgoing BGP updates.

Problem: Looks like my routing filter isn't working

Most likely prefix matcher is configured incorrectly. For example, say that you want to configure filter that will discard all routes falling under prefix
This rule is incorrect:
add prefix= action=discard chain=bgp-in
Default netmask is /32, so it will match only prefix
This is incorrect too:
add prefix= action=discard chain=bgp-in
This will match only route with netmask
The correct way to do this is to also specify prefix-length matcher:
add prefix= prefix-length=24-32 action=discard chain=bgp-in
Or (the same effect):
add prefix= prefix-length=24-32 action=discard chain=bgp-in
Use filter action log to see which routes are matched by it.

Question: Can a MT propagate BGP route updates without installing them in IP route table (i.e. serve as a pure route reflector)?