BGP
Authentication
It’s so simple I often forget. BGP only supports MD5 authentication hence the config is as follows:
neighbor <ip addr> password <password>
If afterwards the following error shows up then reset the peer on the other side, it hasn’t applied the MD5 authentication yet. Better yet do this standard at both sides of the neighborship during the lab!
%TCP-6-BADAUTH: No MD5 digest from 1.1.1.1(179) to 2.2.2.2(11000)
RIB-failure
RIB failures are shown in the BGP database:
R5#b (sh ip bgp)
BGP table version is 17, local router ID is 1.1.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
___Network__________Next Hop____________Metric LocPrf Weight Path
*>i10.0.0.0/8_______1.1.4.4__________________0____100______0 i
r>i10.1.4.4/32______1.1.4.4__________________0____100______0 i
To figure out what the cause is:
R5#b rib
Network____________Next Hop______________________RIB-failure___RIB-NH Matches
1.1.4.4/32_________1.1.4.4_____________Higher admin distance______________n/a
The route has been learned by an IGP which has a lower AD than eBGP. Thus it is not installed into the routing table from the BGP table and as such this is classed as a RIB-failure.
2 Responses to “BGP”
hey, the good djerk! good job in the ibgp to BGP default route redistribution method, the ip prefix method. it saved the day for me! Thanks.
keep up the good work!
you see, many information and articles available but not all to the point with a practical use just like the one you posted. I Have one question if possible, would you use ibgp where you have two border routers to Internet and at the bottom of the network, have a 300 MB SONET ring to anothet site? or just use eigrp in site one, site 2 and just BGP (or eBGP) to the Internet?
Regards,
MD
MD,
Glad to see you find my site of use! I’ll definitely keep up the good work, though not studying at the moment and permanently being contracted out to a customer don’t help. I’m having to be very discreet with announcing what I’m working on, though sadly I’m not working on anything majorly exciting at the moment.
With regards to your question about choosing an IGP when eBGP is involved on an ASBR. That really depends on what is required. EIGRP and most other link state protocols have faster convergence while (i)BGP carries things like communities and supports MPLS very well. So if I had to give a definitive answer without more input I’d advise EIGRP if you need fast convergence. If however redistribution between EIGRP and BGP was required -beyond a simple default-route- and convergence wasn’t so much of an issue I’d prefer BGP as it’s best to avoid redistribution if possible.
Some overly generic real life info from my experience for you: SMB mainly use EIGRP or OSPF as IGP, EGP is whatever they get offered by their ISP and as such mostly redistributed statics. Enterprises mainly use OSPF as IGP and BGP as EGP, the larger ones prefer to use more than one ISP (multihoming) and will most likely be using iBGP and different ASs for the different branches and holdings. Enterprises are also more and more deploying MPLS (MP-iBGP), e.g. the holding provides the MPLS cloud and the branches are the MPLS customers with their own IGPs. ISPs use either ISIS and/or OSPF overlaid with MP-iBGP (MPLS) and obviously peer with eBGP and sometimes MP-eBGP.
Care to comment?