10 Replies Latest reply: Jun 24, 2011 7:38 PM by Hyeoncheol Cho

    eBGP Multihop

    Chetan

      Hi,

      Please refer to the topology on the following link:

      http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#ebgpmultihop

      Explanation says that:

      RTB indicates a neighbor that has direct connection, which is 129.213.1.2.

      RTA indicates an external neighbor that does not have direct connection.

      I didn't understand it. There are only two routers in the topology. Then one router has direct connection but not the other router. What's this??

      On RTA, what is the significance of using neighbor 180.225.11.1 instead of using neighbor 129.213.1.3?

      After all, both 129.213.1.3 and 180.225.11.1 are referring to the same non-cisco router RTB.

      Is it because of the fact that 180.225.11.1 means bgp router-id on RTB or what??

      Please help.

        • 1. Re: eBGP Multihop
          Paul Stewart  -  CCIE Security

          That is a difficult-to-interpret picture.  The second eBGP peer is actually behind RTB at IP 180.225.11.1.

          The deal with BGP and multi hop is this.  eBGP (a peering relationship with another AS) sets the IP TTL to 1 by default.  So when this traverses a router, it is decreased to 0 and dropped.  This is the same IP header TTL field that is used with traceroute.  So as an eBGP packet traverses a router, it is dropped.  To remedy this, you use the ebgp-multihop parameter on a neighbor statement, after you define the neighbor.  If you don't specify a value, it will default to an initial TTL of 255.  I would say that this doesn't need to be that high, but that depends on how many hops the peers are apart.  iBGP allows multihop by default.  I have not looked at an iBGP packet to see what the initial TTL is, but I'd guess 255 or 127.

          • 2. Re: eBGP Multihop
            Paul Stewart  -  CCIE Security

            Looking at your example further, I see what you are talking about.  I wouldn't worry too much about that, just remember that multihop affects the IP TTL Field.  That is a confusing example.  The only thing I could be guessing is packets in one direction (RTA to RTB) are going through the router logic in RTB, where the return packets aren't.  In my last post, I said I thought the second peer was behind RTB, but I'm not sure what they are trying to show.  Again, just understand you need to use multihop when you send eBGP traffic through something that will decrement the TTL and drop the packet (i.e. a router).

            • 3. Re: eBGP Multihop
              Paul Stewart  -  CCIE Security

              One more note on this, then I'll give pause for your response.  You mentioned that RTB is a "non-cisco" router.  I actually interpret third-party in this example to mean another party or network that is outside of your control, most likely the ISP.  That is why the policy could be such that there is no direct connectivity of BGP Peers.

              • 4. Re: eBGP Multihop
                Chetan

                Paul,

                 

                I think "third-party", here refers to any router that is not of CISCO brand, that is of any other brand say D-Link Router.

                 

                So I understood the picture as One is Cisco Router and Other is (say) D-Link Router.

                 

                Then, what confused me was that D-Link Router (RTB) can have Direct Connection with Cisco Router (RTA), but Cisco Router (RTA) can't have Direct Connection with D-Link Router (RTB).

                I didn't get this stuff.

                • 5. Re: eBGP Multihop
                  Scott Morris - CCDE/4xCCIE/2xJNCIE

                  The concept of ebgp peers needing to be directly connected is per the RFC, not Cisco.  So that (or the workaround of multihop) is not reserved to Cisco devices.  Whether there's  a non-Cisco router in the mix wouldn't actually change anything here.

                   

                  Scott

                  • 6. Re: eBGP Multihop
                    Chetan

                    Thanks Paul and Scott for sharing your expert knowledge.. 

                    • 7. Re: eBGP Multihop
                      Paul Stewart  -  CCIE Security

                      I have to be very careful talking about BGP (not my strong suit).  I just happen to understand eBGP multi-hop from my studies in CCIE Sec.  So I wouldn't necessarily consider myself an expert in that category, but thanks for the compliment.  Scott, on the other hand, is an expert on all things routing (including BGP).

                      • 8. Re: eBGP Multihop
                        Scott Morris - CCDE/4xCCIE/2xJNCIE

                        hehehehe...  I dunno about that...  I just get to play around with lots of different things. 

                        • 9. Re: eBGP Multihop
                          lius

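                          After capturing the packets, what I saw is indeed consistent with what the posters above said: the TTL value in the IP header is changed.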

                          • 10. Re: eBGP Multihop
                            Hyeoncheol Cho

                            Chetan,

                            I also have been studying BGP a bit these days and wanted to share a bit of my knowledge.

                             

                            Rule of thumb.

                            1. For iBGP peering, there is no restriction on the number of hops in the peering condition.

                            2. However, when it comes to eBGP, one of the conditions to establish peering is that the peering router (you can consider the IP address of the neighbor) _MUST_ be on the same directly connected network, i.e., two routers in an eBGP neighbor relation should have one interface connected on the same IP subnet. If not, the eBGP routers would not even generate an "open" message at all. neighbor 180.225.11.1 ebgp-multihop is used to overcome this condition. Once this command is used in the configuration, the eBGP router understands that the peer is not directly connected.
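
The directly-connected rule from the last post, applied to the addresses in this thread, as an added example that is not part of the original discussion or of the linked Cisco note. The AS numbers, interface names and /24 masks are assumptions; only the three IP addresses and the `ebgp-multihop` keyword come from the thread.

```python
import ipaddress
import re

# Constructed sample configs: the addresses come from the thread; the AS numbers,
# interface names and /24 masks are assumptions made for this example.
RTA_CONFIG = """\
interface Serial0
 ip address 129.213.1.2 255.255.255.0
router bgp 100
 neighbor 180.225.11.1 remote-as 300
 neighbor 180.225.11.1 ebgp-multihop
"""
RTB_CONFIG = """\
interface Serial0
 ip address 129.213.1.3 255.255.255.0
interface Ethernet0
 ip address 180.225.11.1 255.255.255.0
router bgp 300
 neighbor 129.213.1.2 remote-as 100
"""

def audit_ebgp(config):
    """Return {neighbor: verdict} for every eBGP neighbor in an IOS-style config."""
    # Subnets this router is directly attached to.
    nets = [ipaddress.ip_interface(f"{ip}/{mask}").network
            for ip, mask in re.findall(r"ip address (\S+) (\S+)", config)]
    local_as = re.search(r"router bgp (\d+)", config).group(1)
    remote_as = dict(re.findall(r"neighbor (\S+) remote-as (\d+)", config))
    multihop = set(re.findall(r"neighbor (\S+) ebgp-multihop", config))
    verdicts = {}
    for peer, asn in remote_as.items():
        if asn == local_as:
            continue  # iBGP: no directly-connected requirement
        connected = any(ipaddress.ip_address(peer) in n for n in nets)
        if connected and peer in multihop:
            verdicts[peer] = "connected; ebgp-multihop not needed"
        elif connected:
            verdicts[peer] = "connected; ok"
        elif peer in multihop:
            verdicts[peer] = "not connected; ebgp-multihop present"
        else:
            verdicts[peer] = "not connected; ebgp-multihop missing"
    return verdicts

if __name__ == "__main__":
    for name, cfg in (("RTA", RTA_CONFIG), ("RTB", RTB_CONFIG)):
        print(name, audit_ebgp(cfg))
```

The asymmetry asked about in the first post shows up in the verdicts: RTB's neighbor 129.213.1.2 is on a subnet RTB is attached to, while RTA's neighbor 180.225.11.1 is on none of RTA's subnets. RTA also needs a route to 180.225.11.1 for the session to come up.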