I should use the word “coexistence” instead “versus” in my short talk about BGP versus OSPF. Let us move on with a slightly more technical discussion about the collaboration and coexistence of the two protocols. I will discuss solid grounds first.

In order to be able to “route”, a router must know the next hop for a certain destination. And the next hop must be reachable! It is very important not to forget this basic rules when combining more routing protocols which interact with each other. Let’s have a look into a very basic network topology with an underlying OSPF and iBGP on top of it. Here, routers R1 and R3 are placed in separate stub OSPF areas which are connected to the backbone router R2.

simple_but-broken_ibgp-session

Let us assume that these two areas are totally stubby and they only receive the default route (::/0) from the backbone router R2. Well, they can reach each other and a BGP session between R1 (2001:DB8:1::) in R3 (2001:DB8:3::) can be established. So it goes, BGP comes up and routes are exchanged. R1 learns about 2001:DB8:3::/48 from R3 via BGP and R3 learns about 2001:DB8:1::. But, next-hop for 2001:DB8:3::/48 at R1 is 2001:DB8:3:: (please, do not get confused here – 2001:DB8:3:: is a valid IPv6 address and 2001:DB8:3::/48 is a subnet in which that IP address resides in). Obviously, R1 now has a recursive route for R3’s 2001:DB8:3::. Here is the story told by R1 (some logs were omitted for brevity):

*Jan 17 05:02:45.413: BGP: 2001:DB8:3:: passive open to 2001:DB8:1::
*Jan 17 05:02:45.417: BGP: 2001:DB8:3:: passive went from Idle to Connect
*Jan 17 05:02:45.417: BGP: ses global 2001:DB8:3:: (0x66FA8CAC:0) pas Setting open delay timer to 60 seconds.
*Jan 17 05:02:45.425: BGP: 2001:DB8:3:: passive rcv message type 1, length (excl. header) 39
*Jan 17 05:02:45.429: BGP: ses global 2001:DB8:3:: (0x66FA8CAC:0) pas Receive OPEN
...
*Jan 17 05:02:45.453: BGP: 2001:DB8:3:: passive went from OpenSent to OpenConfirm
*Jan 17 05:02:45.501: BGP: 2001:DB8:3:: passive went from OpenConfirm to Established
*Jan 17 05:02:45.501: BGP: ses global 2001:DB8:3:: (0x66FA8CAC:1) pas Assigned ID
*Jan 17 05:02:45.501: BGP: ses global 2001:DB8:3:: (0x66FA8CAC:1) Up
*Jan 17 05:02:45.505: %BGP-5-ADJCHANGE: neighbor 2001:DB8:3:: Up 
*Jan 17 05:02:45.505: BGP: nbr global 2001:DB8:3:: Active open failed - open timer running
*Jan 17 05:02:45.537: BGP IPv6: Updating route 2001:DB8:3::/48 m/d 0/20, flags 20
*Jan 17 05:02:45.541: IPv6RT[default]: bgp 1, Route add 2001:DB8:3::/48 [new 20/0]
*Jan 17 05:02:45.541: IPv6RT[default]: bgp 1, Added path 2001:DB8:3::/None
*Jan 17 05:02:45.545: IPv6RT[default]: Event: 2001:DB8:3::/48, Add, owner bgp, previous None

BGP was established and we are now stuck in a recursion: 2001:DB8:3:: is known as being part of 2001:DB8:3::/48, which was learned via BGP and next-hop for 2001:DB8:3::/48 is 2001:DB8:3::. R1 is in trouble:

*Jan 17 05:02:45.721: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
*Jan 17 05:02:47.057: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
*Jan 17 05:02:50.137: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
R1#
R1#
R1#show ipv6 route 2001:db8:3::
Routing entry for 2001:DB8:3::/48
  Known via "bgp 1", distance 20, metric 0, type external
  Route count is 1/1, share count 0
  Routing paths:
    2001:DB8:3::
      MPLS label: nolabel
      Last updated 00:00:10 ago
*Jan 17 05:02:56.293: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::

Try to ping R3 from R1 – it doesn’t work anymore :-(:

R1#ping 2001:db8:3:: source lo0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:3::, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:1::

*Jan 17 05:03:02.465: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
*Jan 17 05:03:04.465: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
...
*Jan 17 05:03:10.477: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
Success rate is 0 percent (0/5)

After a while…

*Jan 17 05:03:33.229: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
*Jan 17 05:03:33.237: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
*Jan 17 05:03:33.237: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
*Jan 17 05:03:34.585: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::
*Jan 17 05:03:37.485: BGP: topo global:IPv4 Unicast:base Scanning routing tables
*Jan 17 05:03:37.485: BGP: topo global:IPv6 Unicast:base Scanning routing tables
*Jan 17 05:03:37.489: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::

…R1 drops the route for 2001:DB8:3::/48…

*Jan 17 05:03:37.489: BGP: topo global:IPv4 Multicast:base Scanning routing tables
*Jan 17 05:03:37.537: IPv6RT[default]: bgp 1, Delete all next-hops for 2001:DB8:3::/48
*Jan 17 05:03:37.537: IPv6RT[default]: bgp 1, Delete 2001:DB8:3::/48 from table
*Jan 17 05:03:37.537: IPv6RT[default]: Event: 2001:DB8:3::/48, Del, owner bgp, previous None

R1#show ipv6 route 2001:db8:3::
Routing entry for ::/0
  Known via "ospf 1", distance 110, metric 2, type inter area
  Route count is 1/1, share count 0
  Routing paths:
    FE80::C801:8FF:FED1:8, GigabitEthernet0/0
      Last updated 08:01:33 ago

…and we can gain the connectivity between R1 and R3 back again:

R1#ping 2001:db8:3:: source lo0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:3::, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:1::
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/37/40 ms
R1#

But not for long:

*Jan 17 05:04:37.537: BGP: topo global:IPv4 Unicast:base Scanning routing tables
*Jan 17 05:04:37.537: BGP: topo global:IPv6 Unicast:base Scanning routing tables
*Jan 17 05:04:37.541: BGP: topo global:IPv4 Multicast:base Scanning routing tables
*Jan 17 05:04:37.569: BGP IPv6: Updating route 2001:DB8:3::/48 m/d 0/20, flags 20
*Jan 17 05:04:37.569: IPv6RT[default]: bgp 1, Route add 2001:DB8:3::/48 [new 20/0]
*Jan 17 05:04:37.573: IPv6RT[default]: bgp 1, Added path 2001:DB8:3::/None
*Jan 17 05:04:37.573: IPv6RT[default]: Event: 2001:DB8:3::/48, Add, owner bgp, previous None
R1#
R1#
R1#show ipv6 route 2001:db8:3::
Routing entry for 2001:DB8:3::/48
  Known via "bgp 1", distance 20, metric 0, type external
  Route count is 1/1, share count 0
  Routing paths:
    2001:DB8:3::
      MPLS label: nolabel
      Last updated 00:00:13 ago

R1#ping 2001:db8:3:: source lo0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:3::, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:1::

*Jan 17 05:04:53.265: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
*Jan 17 05:04:55.269: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
*Jan 17 05:04:57.277: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
*Jan 17 05:04:59.277: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
*Jan 17 05:05:01.281: IPv6RT[default]: Routing depth exceeded for 2001:DB8:3::.
Success rate is 0 percent (0/5)

The design is totally broken!
From this simple example we see that next-hop reachability and stability in very important. R1 and R3 should have solid routes for each other. This obviously is not accomplished if only default routing is used to maintain inter-area connectivity – both routers need exact routes known from OSPF and these should not change after the establishment of the BGP session. Totally stuby OSPF areas are not appropriate for the task. Let’s try with “normal” stub areas, where, in addtition to the default, intra and inter-area routes are known to R1 and R3.

simple_fixed_ibgp-session

We’ve fixed the configuration at R2:

R2#show archive config differences
!Contextual Config Diffs:
ipv6 router ospf 1
 +area 100 stub no-summary
 +area 300 stub no-summary
ipv6 router ospf 1
 -area 100 stub
 -area 300 stub

…and it works like a charm now. R1 and R3 have explicit host routes for 2001:DB8:3::/128 and 2001:DB8:1::/128 respectively. For example:

R1#sh ipv6 route
IPv6 Routing Table - default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       D - EIGRP, EX - EIGRP external, ND - Neighbor Discovery
       O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI  ::/0 [110/2]
     via FE80::C801:8FF:FED1:8, GigabitEthernet0/0
S   2001:DB8:1::/48 [1/0]
     via Null0, directly connected
LC  2001:DB8:1::/128 [0/0]
     via Loopback0, receive
OI  2001:DB8:2::/128 [110/1]
     via FE80::C801:8FF:FED1:8, GigabitEthernet0/0
B   2001:DB8:3::/48 [20/0]
     via 2001:DB8:3::
OI  2001:DB8:3::/128 [110/2]
     via FE80::C801:8FF:FED1:8, GigabitEthernet0/0
L   FF00::/8 [0/0]
     via Null0, receive


Our examples shows that we need solid grounds to run BGP on top. In OSPF design (or any other IGP in general) we must focus on full and stable reachability for ovelaying BGP and next-hops for BGP-learned networks. Stay tuned for more examples…

Advertisements