CCIE Routing & Switching Advanced Technologies Class - BGP Next-Hop Self, BGP Next-Hop Processing

Transcript

1	Introduction	0h 43m
2	Using the Cisco Documentation	0h 52m
3	Ethernet Overview, Layer 2 Switchports, Trunking, ISL, 802.1q, DTP	0h 47m
4	VTP, VTP Authentication, VTP Pruning	1h 02m
5	VTP Prune Eligible List, VTP Transparent, VTP Troubleshooting, Trunk Allowed List, Extended VLANs	0h 48m
6	VLAN and VTP Review	0h 19m
7	SVIs, Native Routed Interfaces, Router-on-a-Stick	0h 46m
8	Layer 2 EtherChannel, EtherChannel Load Balancing, Layer 3 EtherChannel	0h 57m
9	802.1q Tunneling, Layer 2 Protocol Tunneling, EtherChannel over 802.1q Tunneling	1h 03m
10	STP Root Bridge Election, STP Root Port Election, STP Designated Port Election, STP Priority, STP Cost, STP Port-Priority	1h 46m
11	STP Review	0h 12m
12	STP Timers, STP PortFast	0h 34m
13	STP UplinkFast	0h 11m
14	STP BackboneFast	0h 12m
15	STP BPDU Filter	0h 13m
16	STP BPDU Guard	0h 11m
17	STP Root Guard	0h 11m
18	STP Loop Guard, Unidirectional Link Detection (UDLD)	0h 11m
19	Multiple Spanning-Tree Protocol (MST)	0h 40m
20	Rapid Spanning-Tree Protocol (RSTP), Rapid-PVST	0h 18m
21	MST with Multiple Regions	0h 33m
22	Flex Links	0h 16m
23	Frame Relay	0h 39m
24	Frame Relay Configuration Part 1	0h 34m
25	Frame Relay Configuration Part 2	0h 41m
26	Frame Relay Switching	0h 27m
27	Back-to-Back Frame Relay	0h 08m
28	Frame-Relay End-to-End Keepalives	0h 18m
29	PPP, PPP PAP Authentication, PPP CHAP Authentication	0h 59m
30	PPPoFR, PPPoE	0h 40m
31	Transparent Bridging, IRB	0h 32m
32	Fallback Bridging	0h 14m
33	IP Routing Overview, Switching Paths, Static Routing	0h 42m
34	Static Routing Examples	0h 25m
35	IP Default-Gateway, IP Default-Network	0h 14m
36	On-Demand Routing (ODR)	0h 07m
37	Floating Static Routes	0h 10m
38	Backup Interface	0h 29m
39	Enhanced Object Tracking, IP SLA, Reliable Static Routing	0h 21m
40	Policy Routing	0h 43m
41	GRE Tunneling, GRE Recursive Routing Errors	0h 27m
42	Reliable Backup Interface with GRE	0h 25m
43	RIP Overview, RIP Versions, RIP Auto-Summary	0h 48m
44	RIP Split-Horizon, RIP Timers	0h 22m
45	RIP Broadcast Updates, IP Directed Broadcast, IP Broadcast-Address, Smurf Attacks, Fraggle Attacks	0h 16m
46	RIP Unicast Updates	0h 03m
47	RIP Offset-List	0h 18m
48	RIP Authentication	0h 11m
49	RIP Summarization	0h 10m
50	Prefix-Lists, RIP Distribute-List Filtering, RIP Administrative Distance Filtering	0h 48m
51	RIP Default Routing, RIP Conditional Default Routing	0h 18m
52	RIP Triggered, RIP Validate Update Source,	0h 12m
53	EIGRP Overview	0h 29m
54	EIGRP Auto-Summary	0h 07m
55	EIGRP Split-Horizon	0h 11m
56	EIGRP Update Types, EIGRP Neighbor, EIGRP Passive-Interface	0h 24m
57	EIGRP Hello-Interval, EIGRP Hold-Time	0h 05m
58	EIGRP Authentication	0h 11m
59	EIGRP Time Based Authentication	0h 25m
60	EIGRP Path Selection, EIGRP Metric Weights, EIGRP Traffic Engineering	0h 47m
61	EIGRP Unequal Cost Load Balancing, EIGRP Variance	0h 19m
62	EIGRP QUERY, EIGRP Summarization, EIGRP Leak-Map	0h 28m
63	EIGRP Stub Router Advertisement	0h 22m
64	EIGRP Default Routing	0h 13m
65	EIGRP Route Filtering	0h 11m
66	EIGRP Router-ID	0h 07m
67	Miscellaneous EIGRP Features	0h 02m
68	OSPF Overview	0h 27m
69	Establishing OSPF Adjacencies, Understanding the OSPF Database	0h 43m
70	OSPF Network Type Broadcast, OSPF DR/BDR Election, OSPF over NBMA, OSPF Network Type Non-Broadcast and Point-to-Multipoint	0h 56m
71	OSPF Network Type Point-to-Point, OSPF Network Type Mismatch	0h 13m
72	OSPF Network Type Point-to-Multipoint Non-Broadcast, OSPF Per Neighbor Cost	0h 17m
73	OSPF Network Type Loopback	0h 02m
74	OSPF Path Selection	0h 27m
75	OSPF Convergence Timers	0h 09m
76	OSPF Authentication	0h 12m
77	OSPF Summarization	0h 32m
78	OSPF Stub Areas, OSPF Totally Stubby Areas, OSPF NSSAs, OSPF Totally NSSAs	0h 40m
79	Controlling OSPF NSSA Redistribution	0h 02m
80	OSPF Type 7 to 5 Translator Election, OSPF LSA Type 3 Filter, OSPF Forwarding Address Suppression	0h 24m
81	Route Redistribution Overview	0h 36m
82	Route Redistribution Configuration & Verification, Connected Redistribution	0h 22m
83	OSPF External Path Selection, TCL PING Scripting	0h 33m
84	Routing Loops Overview, EIGRP Route Loop Prevention	0h 55m
85	Metric Based Routing Loops, Route Tagging	0h 46m
86	Administrative Distance Based Routing Loops, Debug IP Routing, IP Route Profile	0h 58m
87	BGP Overview, BGP Peering Types	0h 51m
88	Establishing BGP Peerings, EBGP Multihop, BGP Neighbor Disable Connected Check, BGP TTL Security	0h 49m
89	BGP 4-Byte ASNs	0h 20m
90	BGP Local AS, BGP Peer Groups	0h 30m
91	BGP Next-Hop Self, BGP Next-Hop Processing	0h 30m
92	BGP Route Reflectors	0h 37m
93	Large Scale BGP Route Reflectors with Clusters	0h 34m
94	BGP Confederation	0h 37m
95	BGP NLRI Advertisements, BGP Network Statement, BGP Redistribution	0h 43m
96	BGP Aggregation, BGP Aggregation & Summary-Only, BGP Aggregation & Unsuppress-Map	0h 46m
97	BGP Origin, BGP Aggregation & AS-Set, BGP Aggregation & Advertise-Map	0h 22m
98	BGP Conditional Route Injection	0h 21m
99	BGP Bestpath Selection, BGP Multipath, BGP Weight	0h 53m
100	BGP Local Preference, BGP Local Preference and Communities, BGP AS-Path Prepending,	0h 30m
101	BGP MED, BGP MED Missing As Worst, BGP Deterministic MED	0h 34m
102	BGP Communites, BGP Regular Expressions	0h 43m
103	BGP Filtering, BGP Convergence Timers, BGP Default Routing, Miscellaneous BGP Features	0h 24m
104	MPLS Overview, MPLS Label Distribution Protocol (LDP)	1h 05m
105	MPLS Tunnels, MPLS Penultimate Hop Popping (PHP)	0h 40m
106	MPLS Layer 3 VPNs Overview, VRF Lite	0h 36m
107	MPLS Layer 3 VPNs and VPNv4 BGP	1h 08m
108	MPLS Layer 3 VPN Verification & Troubleshooting	0h 49m
109	MPLS Layer 3 VPN OSPF PE-CE Routing Overview	0h 06m
110	MPLS Layer 3 VPN OSPF PE-CE Routing Path Selection & Sham-Links	2h 01m
111	MPLS Layer 3 VPN OSPF PE-CE Routing Loop Prevention & Down-Bit, OSPF Capability VRF-Lite	0h 40m
112	IPv6 Overview, IPv6 ICMPv6 ND, IPv6 over NBMA	0h 44m
113	IPv6 Routing Overview, IPv6 Static Routing	0h 28m
114	IPv6 RIPng	0h 20m
115	IPv6 EIGRPv6	0h 09m
116	IPv6 OSPFv3	0h 31m
117	MP-BGP for IPv6	0h 26m
118	IPv6 Tunneling	1h 13m
119	Multicast Overview, IGMP	0h 34m
120	PIM Overview	0h 18m
121	PIM Dense Mode	1h 03m
122	PIM Sparse Mode	0h 30m
123	PIM Sparse Mode Configuration	0h 36m
124	PIM Sparse Mode RPF & RP Troubleshooting	0h 27m
125	Auto-RP, Multicast over GRE Tunnels	0h 53m
126	Bootstrap Router (BSR), Bidirectional PIM, Source Specific Multicast (SSM)	0h 40m
127	MSDP, Anycast RP	0h 27m
128	IPv6 Multicast Routing	0h 24m
129	QoS Overview, IntServ QoS, DiffServ QoS, IP Precedence, DSCP, MQC, HQF	0h 41m
130	MQC Classification	0h 44m
131	FIFO, FQ, WFQ, CBWFQ, HQF	0h 50m
132	LLQ	0h 23m
133	WRED	0h 31m
134	Traffic Shaping, Traffic Policing	0h 40m
135	Frame Relay Traffic Shaping (FRTS)	0h 33m
136	RSVP	0h 07m
137	Catalyst 3560 QoS	1h 00m
138	IOS Security Overview, Access Lists (ACLs)	0h 58m
139	Time Based ACLs, Dynamic ACLs	0h 33m
140	Reflexive ACLs	0h 21m
141	TCP Intercept, Content Based Access Control (CBAC)	0h 34m
142	Zone Based Policy Firewall (ZBPF)	1h 09m
143	AAA, Local Authentication, Local Authorization, Role Based CLI Access	0h 43m
144	Port Security, Static CAM Entries, Storm Control, 802.1X Authentication, PACLs, RACLs, VLAN Access Maps (VACLs)	0h 48m
145	DHCP Snooping, Dynamic ARP Inspection (DAI), IP Source Guard	0h 12m
146	Protected Ports, Private VLANs	0h 25m
147	IP Services Overview, HSRP	1h 10m
148	VRRP, GLBP	0h 28m
149	NAT	0h 42m
150	DHCP, DNS	0h 30m
151	NetFlow	0h 09m
152	WCCP, Miscellaneous IP Services	0h 06m
153	System Management Overview, NTP, NTP Authentication	0h 24m
154	SNMP, RMON	0h 38m
155	Syslog, Telnet, SSH, Banners	0h 21m
156	EEM Scripting, Miscellaneous System Management	0h 26m
Total Duration		81h 59m

Slides - Diagrams

Slides - Introduction

Slides - Ethernet Switching

Slides - Advanced Ethernet Switching

Slides - Frame Relay

Slides - PPP

Slides - Transport Bridging

Slides - Redistribution

Slides - IOS Security

Slides - Layer 2 Security

Slides - IP Services

Slides - System Management

0:00:13	So, let's look at this doing it in three separate ways.
0:00:18	We'll use the next hop self command,
0:00:20	we'll use the manual next hop modification,
0:00:23	and we'll simply advertise the transit link into the IGP network.
0:00:29	Now, advertising the transit link, this is probably the simplest way to solve this problem.
0:00:35	We would just go to...
0:00:36	let's say, router 2.
0:00:39	And under our IGP process,
0:00:42	we'll simply advertise that link into IGP.
0:00:47	Now, whether I really have a neighbor on that link that I want to establish adjacency with,
0:00:51	it's gonna depend on the other design issues.
0:00:54	So, I may wanna advertise this let's say the link is passive,
0:00:57	or maybe I wanna redistribute this as a connected link.
0:01:01	As long as the end result
0:01:03	is that the other neighbors have a route to that exit point,
0:01:09	it doesn't really matter how they learned it.
0:01:12	Technically, they can even learn it through BGP.
0:01:15	So, one BGP route can recurse to another one
0:01:19	as long as ultimately, the route points towards a connected interface.
0:01:24	So, router 2 could have done the network statement under BGP, that would be fine as well.
0:01:28	As long as when we look at the Show IP Route
0:01:31	and match the next hop value,
0:01:33	as long as some valid entry comes up here, that's what the ultimate goal is.
0:01:38	So now, on router 5, if we look at the Show IP BGP,
0:01:43	we should see that those prefixes learned from router 2,
0:01:46	those are now best routes.
0:01:50	We see the greater than sign in the Show IP BGP Output,
0:01:54	but notice that the next hop value hasn't changed.
0:02:00	Now, if we look at the full route recursion,
0:02:03	if we were to look at router 5 and figure out how do we actually get towards that next hop.
0:02:10	We could say, Show IP Route to get to 205.90.31.0.
0:02:18	Router 5 says, "This is learned via BGP.
0:02:21	The next hop value is 192.10.28.254."
0:02:30	I'll now ping, Show IP Route.
0:02:36	192.10.28.254...
0:02:39	is reachable via 155.28.0.2.
0:02:43	So now, we need to do an additional recursive lookup
0:02:46	to say, how do we get to 155.28.0.2.
0:02:51	This is it's connected via our serial interface.
0:02:56	This serial interface is running frame-relay.
0:03:00	It's a multipoint interface,
0:03:01	which then means the Layer 2 process would need to do a lookup on the mapping.
0:03:05	We know what the final next hop is, which is router 2's address.
0:03:13	Since we have a frame-relay mapping associated with that,
0:03:15	now, we should be able to send the traffic out that particular link.
0:03:20	Now, we could also do the final verification all at once
0:03:23	if we were to simply look at the CEF entry for this.
0:03:26	If I said Show IP CEF for 204, or 205...
0:03:32	205.90.31.0.
0:03:38	It says, it's forwarding out serial 0/0/0.
0:03:43	So, in reality, CEF is pre-calculating the recursion here,
0:03:47	and pre-calculating the Layer 2 header that's gonna be used on that link.
0:03:50	If we look at the Show IP CEF Detail,
0:03:53	we can see exactly the information that it's using here.
0:03:59	If we said, Show IP CEF Internal,
0:04:02	this is gonna give us even more information about it.
0:04:05	Possibly we would have multiple paths to get there,
0:04:10	this, Show IP CEF Internal, this would show us our load distribution information there.
0:04:15	Where in this case, there's only one possible way to get to that particular neighbor.
0:04:18	So, it says, "This destination is actually recursive to this next hop,
0:04:25	which points at router 2, which eventually points at serial 0/0/0."
0:04:33	So, as long as we can get to that step where we find the interface,
0:04:36	that's ultimately what the routing process is looking for.
0:04:44	Now, at this point, we are learning the updates from the remote backbone routers,
0:04:49	but we're not advertising anything to them.
0:04:53	So, this means that we have a route to them, but they don't have a route back to us.
0:04:57	So, if we're gonna test the connectivity here,
0:04:59	we'd actually have to use some advertisements out to them.
0:05:03	So, on router 2,
0:05:06	I'm gonna advertise to BB2.
0:05:08	Simply a summary of the entire internal address space.
0:05:13	Now, we are gonna come back later and look at the aggregation in more detail.
0:05:18	Look at all the specific sub-options that we can do on the aggregate.
0:05:21	Like the summary only, the suppress map, the un-suppress map.
0:05:24	And we'll see how that's going to affect the traffic engineering and the best path selection design.
0:05:30	But for simplicity here, just make sure that we can test reachability,
0:05:34	I'm gonna go to router 2,
0:05:37	and under the BGP process,
0:05:41	generate an aggregate for 155.28.0.0/16.
0:05:49	So, it's just a classful summary.
0:05:53	Now, in order to do this,
0:05:55	I need to make sure that I have at least one subnet
0:05:58	in the BGP table of the aggregate,
0:06:01	which at this point, I don't because we're not advertising anything in the BGP.
0:06:07	Now, the simple way that I can do this is just to look at the routing table,
0:06:11	and essentially pick out any of these subnets.
0:06:13	It's doesn't matter what it is.
0:06:15	It could be a connected route, it could be a dynamically learned route.
0:06:19	As long as one of those subnets are in the BGP table,
0:06:22	then, it's going to allow me to generate the summary.
0:06:26	So, let's say this very last prefix. Network 155.28.108.0.
0:06:36	And that is a /24.
0:06:41	Once this particular prefix is in the BGP table,
0:06:46	it then means we should be able to generate the aggregate,
0:06:53	which is the aggregate here.
0:06:56	If we were to then look at the Show IP BGP Neighbor
0:07:01	BB2's address...
0:07:04	and the advertised routes,
0:07:07	this is gonna show us what we're actually sending to that particular peer.
0:07:13	So, this says that we're sending them the /24 subnets plus we're sending them the summary.
0:07:19	Now, I don't really care that we're sending them the subnet here.
0:07:23	The ultimate goal is just to make sure they have that summary.
0:07:27	The end result of this should be...
0:07:30	is that router 5 will now be able to reach...
0:07:33	any of those destinations learned from BGP.
0:07:36	So, if I ping 205.90.31.1,
0:07:41	everyone on the way there has a route to it,
0:07:44	everyone on the way back has a route.
0:07:47	If we were to look at the trace for this,
0:07:53	as the CEF table showed us, the route recursion is pointing towards router 2,
0:07:57	then, router 2 is directly connected to that destination, which is BB2.
0:08:05	But again, when we look at the Show IP BGP Output,
0:08:08	we can immediately tell which of these prefixes are gonna have problems with them
0:08:13	is they don't have the greater than sign in the leftmost output
0:08:18	from Show IP BGP.
0:08:21	So, on router 2, the way that we solved this...
0:08:25	problem with routing to the next hop was simply to advertise that link into EIGRP.
0:08:32	Which is a perfectly valid design solution just depends on what our individual requirements are.
0:08:38	If this was within the scope of the lab exam,
0:08:40	and the question says, "Don't do that",
0:08:42	then, we're gonna have to look for other possible options.
0:08:47	So again, there's only two possible solutions for this.
0:08:50	Either we give them a route to the next hop,
0:08:54	or we change the next hop.
0:08:55	So, it's something that they already do have a route to.
0:09:00	This is what we look at doing on router 6 and on router 4.
0:09:08	Next on router 4,
0:09:11	let's look at our configuration under the BGP process,
0:09:16	I need to apply this change on to all of these neighbors at the same time,
0:09:21	so, I'm gonna apply it to the peer group.
0:09:26	I'll say that when I learn a route from an EBGP neighbor,
0:09:29	and I turn around an advertise it to an IBGP neighbor,
0:09:33	I wanna set the next hop value
0:09:36	to my own local peering address.
0:09:41	Since my update source for the peer group is my loopback zero,
0:09:46	it then would mean, all of my BGP routes
0:09:49	that are advertised to these neighbors
0:09:51	are also gonna have the next hop of my loopback zero.
0:09:57	Once I make this change,
0:10:00	I'm gonna need to send a new update out to the neighbors in order to refresh this particular attribute.
0:10:04	So, the way I can do this is to automatically enable the route or refresh capability.
0:10:11	To do this, I'll say, Clear IP BGP.
0:10:15	I want it to affect
0:10:17	either all neighbors with the asterisk.
0:10:20	I could say 100 with just my internal peers.
0:10:23	I could say individual address.
0:10:25	But the key is I want to send a outbound route refresh.
0:10:32	So, it's not resetting the TCP session here.
0:10:34	It's just sending them a new triggered update.
0:10:38	Once I make this change, if I were to go to router 5,
0:10:42	and now look at the difference in the Show IP BGP,
0:10:46	notice that the next hop value for the routes that came from router 4
0:10:51	now has the next hop set to its loopback.
0:10:56	And since this loopback is already advertised into my IGP,
0:11:02	it implies that for any of these BGP learned destinations,
0:11:07	I should be able to perform a final route recursion.
0:11:10	And again, the CEF table is gonna show us that. So, if I Show IP CEF 118.0.0.0,
0:11:16	look at the detail,
0:11:18	it says it recurses first back to 4,
0:11:21	then, there's two possible ways I could get there.
0:11:25	If I look at the internal CEF entry here,
0:11:29	it's now gonna show me how I'm actually doing the load distribution.
0:11:33	Because I have multiple equal cost paths
0:11:36	in order to get to the inter-mediary next hop.
0:11:41	So, it says, "To get to the final destination, I really have two choices."
0:11:46	So, this is the final destination,
0:11:50	there's two interfaces I could go out.
0:11:53	In both cases, they're going to router 4, if they're on different physical links.
0:11:58	We're doing per-session load balancing.
0:12:01	There's two possible choice.
0:12:04	Okay, first session basically means per-flow.
0:12:06	So, by default CEF is gonna take both the source
0:12:09	address and the destination address as the input to the algorithm.
0:12:16	It says there is 16 possible choices I have for load balancing.
0:12:21	So, 16 hash packets, it's what CEF calls it.
0:12:25	So, it takes the source address, the destination address,
0:12:27	puts it through whatever the internal CEF hashing is,
0:12:30	and then, it's gonna choose one of these buckets.
0:12:34	Now, assuming that they equally chosen 0 all the way through 15.
0:12:39	Notice how they are spread out.
0:12:42	It says, "The first one goes through the frame-relay interface.
0:12:46	Next one goes to the point-to-point.
0:12:48	Next one goes to the frame-relay, next one goes to the point-to-point."
0:12:51	So, over and over and over,
0:12:53	basically means I'm load balancing on a one-to-one basis.
0:12:57	But this would be per-flow, not necessarily per-packet or per-destination.
0:13:06	So again, the key point about this output is that ultimately, CEF points at a connected interface
0:13:11	in order to reach the BGP destination.
0:13:14	It means that the full route recursion is correct.
0:13:17	We can send it down to the switching path and it's not gonna have a problem
0:13:20	moving the packet between the interfaces.
0:13:24	If I look at the Show IP BGP 118.0.0.0,
0:13:29	since I did not yet update the next hop value on router 6,
0:13:34	it says, "The path I'm learning from router 6 is still invalid,
0:13:41	because the next hop is inaccessible."
0:13:44	So, if the next hop value is not reachable,
0:13:47	it means I will not consider that individual path for best path selection.
0:13:52	Even if the local preference value was higher than the first one.
0:13:56	Or if the weighting value was higher.
0:13:59	Or the metric value was lower.
0:14:01	As long as this next hop stays inaccessible,
0:14:03	then, it means I'm never gonna consider this particular particular for best path selection.
0:14:16	So, we saw how we could change this on router 4
0:14:21	was with the...
0:14:23	next hop self command under the BGP process.
0:14:26	So, that's a perfectly valid option. It says that
0:14:28	"For any routes that are coming from the EBGP peers",
0:14:32	which in this case, it's just...
0:14:35	this one particular neighbor here.
0:14:39	"For any routes that come from the EBGP peers,
0:14:42	when I'm sending the routes to my IBGP peers,
0:14:46	I'm gonna change the next hop value so that's it's my own local loopback zero."
0:14:52	Again, the reason why we're using the loopback zero because that's what the update source is.
0:14:57	My update source was Fast Ethernet 0/0,
0:14:59	that's what the next hop value would be changed to.
0:15:04	Now, on router 6, we're essentially gonna do the same thing modifying the next hop
0:15:09	except we're gonna do it manually.
0:15:11	And we'll so this with a route map
0:15:14	that says to change the next hop.
0:15:19	Under the route map, I'll say, Set IP Next Hop.
0:15:23	Then, whatever address that we want to send this to.
0:15:26	Now, I could use an address that is connected to router 6,
0:15:31	or I could technically do whatever I want. I could say 1.2.3.4.
0:15:36	Now, if the other neighbors don't have a route to 1.2.3.4, then, that's gonna be a problem.
0:15:40	But anything that they essentially can do the full route recursion on,
0:15:44	that's what we're ultimately looking for.
0:15:47	So, this could be my loopback, this could be my...
0:15:51	Ethernet interface.
0:15:55	The only disadvantage of using the physical link...
0:15:59	would be what?
0:16:03	If router 6 were to tell all of its IBGP peers
0:16:07	that the next hop for these EBGP updates was this interface,
0:16:15	what else is that gonna impact in the design?
0:16:24	It would mean that if router 6 looses its connection to that segment,
0:16:29	then, the BGP peers would not be able to use any of those routes.
0:16:34	Now, it could be possible that that's actually what we wanted for the design.
0:16:38	So, maybe on router 6, this should be the only possible exit point.
0:16:43	And if this exit is down, we don't want to re-route over that interface.
0:16:48	In which case, that would be valid to set the next hop to this interface.
0:16:51	It really depends on how we're trying to affect the traffic flow.
0:16:54	Now, another valid case to do this...
0:16:57	would be if you're trying to do some sort of enhanced object tracking
0:17:01	with the IP SLA agreement.
0:17:04	I could say for example that I want router 6
0:17:06	to advertise the BGP updates,
0:17:10	but only if some attribute is true about the connection to BB1.
0:17:16	So, maybe if the delay is less than some value.
0:17:19	Or if I'm able to reach my DNS server via that exit point.
0:17:23	Okay, I could do whatever application check that I want.
0:17:27	Then, the IP SLA instance, I could tie this to a static route
0:17:33	that is advertised into IGP.
0:17:37	Then, router 6 could set the next hop value to that under the route map.
0:17:43	So, by using the route map, it's gonna give us more flexibility
0:17:46	as to whether we should actually use that particular exit point or not.
0:17:51	So, let's take a look at a quick example of this.
0:17:54	Let's say on router 6...
0:17:56	that I wanted to be used as a BGP exit point,
0:17:59	but only if I can guarantee
0:18:01	that the end-to-end connection to BB1 is actually up.
0:18:06	The potential problem I could have
0:18:08	is that if I look at the Show IP Interface Brief...
0:18:11	on router 6,
0:18:14	I'm using the main interface for frame-relay.
0:18:18	The main interface for frame-relay remember is gonna use what?
0:18:21	To figure out if the line protocol status should be up.
0:18:30	It's gonna use the LMI keepalive from the frame-relay switch.
0:18:33	Now, it's not gonna use the status to the DLCI, and that's what the issue is gonna be.
0:18:38	As long as router 6,
0:18:41	when it look at the Show Frame-Relay LMI,
0:18:44	as long as we are receiving these status replies,
0:18:48	then, the link is gonna stay up.
0:18:51	Even if the frame-relay PVC were to go down,
0:18:54	it's not gonna change the status of the interface.
0:18:58	So, this means that if BB1 looses its connection, then,
0:19:01	router 6 is not gonna know about that.
0:19:05	Okay, it knows that the circuit is gonna go down, but it's not gonna affect the physical link.
0:19:08	So, what I'm gonna do now instead...
0:19:12	is...
0:19:14	create an IP SLA instance...
0:19:17	that say, "I'm gonna send an ICMP echo
0:19:22	to 54...
0:19:25	54.28.1.254.
0:19:29	And I'm gonna send this every 5 seconds.
0:19:33	And my time-out is 2,000 milliseconds."
0:19:38	So basically, every 5 seconds, router 6 is just gonna say, "Ping this address."
0:19:44	We could see right now, it's getting a response.
0:19:47	Next thing I'm gonna do is tie this LSA instance to an enhanced object.
0:19:54	I'll say, "Track object number 2...
0:19:56	is checking against an IP SLA instance...
0:20:01	number 1.
0:20:02	If SLA instance 1 is up,
0:20:05	it would mean that the tracked object is up."
0:20:09	Now, let's start the SLA instance. We'll say, IP SLA 1...
0:20:14	or IP SLA Schedule 1.
0:20:17	Start now, the life time is...
0:20:20	forever.
0:20:22	So, I'm gonna start the ping, and it's gonna keep going indefinitely.
0:20:26	We could see, this also immediately changes the state of the object to be up.
0:20:30	Because right now, the pings are working.
0:20:34	Next step is that I'm gonna create a static route that points to null zero
0:20:39	that I'm essentially just using as a place holder.
0:20:42	So, we'll use any random address. Let's say, 169.254.0.1/24...
0:20:50	or /32 goes to null zero,
0:20:52	but I'm tracking object null 2 with this.
0:20:58	So, this is any invalid address basically 169.254 is the link local address based on IPv4.
0:21:05	So, this would not be globally routable in the public BGP table.
0:21:11	Next thing I'm gonna is under the EIGRP process.
0:21:15	I'm gonna redistribute this static route.
0:21:19	And I'll set whatever metric value that I want. Let's say...
0:21:25	a hundred megabits per second.
0:21:28	1,000 microseconds of delay or actually 110's of microseconds.
0:21:35	A reliability of 255, a load of 1, and an MTU of 1500.
0:21:39	Okay, it really doesn't matter what the metric is,
0:21:41	because I'm the only possible exit point for this static route.
0:21:46	So now, if I were to look at any other router in the IGP network,
0:21:51	let's say I were to go to router 5,
0:21:55	and say, Show IP Route 169.254.0.1.
0:22:02	Router 5 does have a route to that.
0:22:04	This means that the tracked object is up.
0:22:10	Now, it can't actually ping this address, because this is going to router 6 as null zero.
0:22:13	That's not really the point of it. The point of it is just that it's a place holder
0:22:17	that I'm using to combine with the IP SLA instance.
0:22:23	So, as long as this route is in the routing table,
0:22:25	it basically means that my connection to BB1 is up.
0:22:30	Now, I could take this logic even a step further...
0:22:33	and go to router 6,
0:22:35	and say, "When I advertise my BGP updates out,
0:22:40	I'm gonna change the next hop value...
0:22:43	so that it actually points to this place holder route."
0:22:49	So, if we Show Run...
0:22:52	or Do Show Route Map,
0:22:55	okay, it said, "The route map's name was changed next hop.
0:23:00	Where I'm going to set the IP next hop to 169.254.0.1.
0:23:09	Now, under the BGP process,
0:23:13	I'll say when I send updates out to my neighbor
0:23:16	that is the peer group.
0:23:19	So, if I Show Run Section Router BGP,
0:23:22	We'll say neighbor IBGP PEERS.
0:23:26	I have the route-map
0:23:29	that is Change the Next Hop...
0:23:33	outbound.
0:23:38	Then lastly, router 6 needs to apply the new policy.
0:23:41	So, we'll say Clear IP BGP star outbound.
0:23:44	This is gonna send a new update out to them
0:23:46	that should ideally update the next hop.
0:23:50	So, now, if I look at router 5,
0:23:52	let's look at the Show IP...
0:23:55	Show IP BGP,
0:23:58	we see the next hop value was changed to that 169 address.
0:24:05	So, now, let's look at what's the end result of this.
0:24:08	Let's say that from switch 4,
0:24:12	I'm gonna trace 112.0.0.1
0:24:19	Notice right now that this exit point
0:24:23	is router 6 out of our network.
0:24:26	So, from switch 4's perspective, the packets are going
0:24:30	to switch 2.
0:24:32	To router 5.
0:24:33	From router 5, we have a couple of different choices.
0:24:35	Router 5 in this case is sending it to 1.
0:24:39	One is then sending it to 6.
0:24:41	And then 6 is sending the packet out.
0:24:45	If I were now to go to BB1,
0:24:52	and...
0:24:54	let's just say the...
0:24:57	the router crashes.
0:24:59	So, we'll reload it.
0:25:02	From router 6,
0:25:04	this means that the...
0:25:07	tract object is gonna go down.
0:25:15	Which then means that even if we were to continue to advertise the BGP route,
0:25:21	router 5 or basically anyone else in the topology,
0:25:25	they would no longer have the route to the next hop.
0:25:30	Which then in turn means that the route recursion would not complete
0:25:34	and the BGP route could not be used.
0:25:38	So, the key behind this,
0:25:41	is that there's other ways to base the convergence
0:25:44	of the BGP routes than the actual BGP hello and hold time.
0:25:49	Because when we look at the default timers, let's say we go to router 4,
0:25:53	and say Show IP BGP neighbor 204.12.28.254
0:26:00	It says the whole time for this is 3 minutes.
0:26:06	So, for some reason, that connection goes down,
0:26:08	I may not notice this for 3 minutes.
0:26:12	Which potentially could be tons and tons of traffic that's gonna be dropped.
0:26:16	So, by tying this to some...
0:26:18	some feature that can do much faster convergence,
0:26:21	or do convergence based on application level intelligence,
0:26:25	then it gives us more flexibility
0:26:27	as to how we're actually controlling how the traffic leaves the network.
0:26:33	So, the keypoint being here is that BGP gives us a lot of flexibility to do this.
0:26:37	We'll see later when we get into more details about the best path selection and doing aggregation,
0:26:43	there's probably a thousand different ways to solve the same problem in BGP.
0:26:48	It just that there's many different options that we have available to us.
0:26:52	And again, within this scope. the CCIE lab exam,
0:26:55	the key is to understand what are all the possible options.
0:26:59	So, then it really doesn't matter what the question is asking.
0:27:02	If the question says, "Don't do A, B and C",
0:27:04	that's fine because I know that there's ways
0:27:06	that D, E ad F that I could solve the same problem with.
0:27:10	And a lot of times that's gonna be the difference between getting the section right
0:27:14	or getting the section wrong.
0:27:15	If they could be asking you something that you just think is impossible,
0:27:20	because you didn't know that that was even an option to begin with.
0:27:26	So, if we look at our final configuration on router 6 here,
0:27:38	and let me put this into notepad so we can see the whole thing all at once.
0:27:54	So, first, we have the IP SLA instance.
0:28:07	Which is this. So, we're doing the pings.
0:28:11	Then we have the object that is tracking the SLA.
0:28:17	The object is then referenced from the access list.
0:28:23	Or not the access list.
0:28:24	The static route.
0:28:39	Then we are changing the next hop to that particular address.
0:28:45	Okay, the full way to read this config, it says, "ping BB1."
0:28:50	Ping them every 5 seconds. If I don't get a response back within 2 seconds,
0:28:55	I'm gonna consider that they're down.
0:28:57	If they are down, it's gonna cause object 2 to go down.
0:29:02	Which is gonna cause the static route to be removed from the routing table.
0:29:07	Since this address is the next hop of the BGP routes,
0:29:11	it means that anyone who learned the prefixes from me,
0:29:16	now it says that I'm an invalid path in order to get to those destinations.
0:29:20	Because if they don't have the route to the next hop,
0:29:23	it means that they're not gonna consider my path for best path selection.
0:29:29	So, it's kind of a roundabout way to get the network to reconverge.
0:29:33	But the advantage of this is that we could define whatever we want in the SLA.
0:29:38	So, I could say that maybe the service provider has guaranteed me
0:29:42	a hundred milliseconds end-to-end delay.
0:29:45	Because that's where my voice over IP traffic is going.
0:29:49	So, if my delay goes up to 200 milliseconds,
0:29:53	maybe that's unacceptable for whatever application that I'm using.
0:29:56	Then based on that, I could force router 6 to withdraw the routes in the BGP table.
0:30:05	So, we'll see some other advanced examples of this when we get to
0:30:08	other features in BGP.
0:30:10	But again, the ultimate goal here is that
0:30:12	since BGP was designed to be a policy protocol,
0:30:15	we have a lot of flexibility as to how we can solve this different design problems.

Now Viewing

CCIE Routing & Switching Advanced Technologies Class
Title:	CCIE Routing & Switching Advanced Technologies Class
Duration:	81h 59m
The CCIE Routing & Switching Advanced Technologies Class is the first step in understanding CCIE level technologies and is a companion to the Advanced Technologies Lab Workbook. Each technology you need to know for the CCIE Routing & Switching lab will be described in detail using an instructor led hands on demonstration. The class consists of over 80 hours of in depth explanations and examples.
Get instant access to our entire library!
$159/month	Add to Cart
Download this Course
$299.00	Add to Cart

BGP Next-Hop Self, BGP Next-Hop Processing

Create Bookmark