Topology:
Configurations:
FGT1 # show router bgp
config router bgp
    set as 100
    set router-id 1.1.1.1
    config neighbor
        edit "10.15.7.171"
            set soft-reconfiguration enable
            set remote-as 100
        next
    end
    config network
        edit 1
            set prefix 10.15.0.0 255.255.240.0
        next
        edit 2
            set prefix 10.12.0.0 255.255.240.0
        next
    end
    config redistribute "connected"
        set status enable
    end
    config redistribute "static"
        set status enable
    end
end
FGT2 # show router bgp
config router bgp
    set as 100
    set router-id 2.2.2.2
    set ebgp-multipath enable
    set graceful-restart enable
    config neighbor
        edit "10.15.7.170"
            set soft-reconfiguration enable
            set remote-as 100
        next
        edit "10.16.7.143"
            set ebgp-enforce-multihop enable
            set soft-reconfiguration enable
            set ebgp-multihop-ttl 10
            set remote-as 200
        next
    end
    config network
        edit 3
            set prefix 10.10.0.0 255.255.240.0
        next
        edit 1
            set prefix 10.15.0.0 255.255.240.0
        next
        edit 2
            set prefix 10.16.0.0 255.255.240.0
        next
    end
    config redistribute "connected"
        set status enable
    end
    config redistribute "static"
        set status enable
    end
end
FGT3 # show router bgp
config router bgp
    set as 200
    set router-id 3.3.3.3
    set ebgp-multipath enable
    set graceful-restart enable
    config neighbor
        edit "10.16.7.171"
            set ebgp-enforce-multihop enable
            set soft-reconfiguration enable
            set ebgp-multihop-ttl 10
            set remote-as 100
        next
    end
    config network
        edit 1
            set prefix 10.11.0.0 255.255.240.0
        next
        edit 2
            set prefix 10.16.0.0 255.255.240.0
        next
    end
    config redistribute "connected"
        set status enable
    end
    config redistribute "static"
        set status enable
    end
end
Results:
FGT1 # get router info bgp neighbors
VRF 0 neighbor table:
BGP neighbor is 10.15.7.171, remote AS 100, local AS 100, internal link
  BGP version 4, remote router ID 2.2.2.2 <-
  BGP state = Established, up for 12:53:41 <-
  Last read 00:00:06, hold time is 180, keepalive interval is 60 seconds <-
  Configured hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received (old and new)
    Address family IPv4 Unicast: advertised and received
    Address family VPNv4 Unicast: advertised and received
    Address family IPv6 Unicast: advertised and received
  Received 991 messages, 3 notifications, 0 in queue
  Sent 995 messages, 1 notifications, 0 in queue
  Route refresh request: received 1, sent 1
  NLRI treated as withdraw: 0
  Minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 6, neighbor version 5
  Index 1, Offset 0, Mask 0x2
  Inbound soft reconfiguration allowed
  Community attribute sent to this neighbor (both)
  2 accepted prefixes, 2 prefixes in rib
  2 announced prefixes

 For address family: VPNv4 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 For address family: IPv6 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 Connections established 5; dropped 4
Local host: 10.15.7.170, Local port: 11024 <-
Foreign host: 10.15.7.171, Foreign port: 179 <-
Egress interface: 5
Nexthop: 10.15.7.170 <-
Nexthop interface: port3 <-
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Last Reset: 12:53:47, due to BGP Notification sent
Notification Error Message: (Hold Timer Expired/Unspecified Error Subcode)
FGT2 # get router info bgp neighbors
VRF 0 neighbor table:
BGP neighbor is 10.15.7.170, remote AS 100, local AS 100, internal link
  BGP version 4, remote router ID 1.1.1.1 <-
  BGP state = Established, up for 12:55:34 <-
  Last read 00:00:48, hold time is 180, keepalive interval is 60 seconds <-
  Configured hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received (old and new)
    Address family IPv4 Unicast: advertised and received
    Address family VPNv4 Unicast: advertised and received
    Address family IPv6 Unicast: advertised and received
  Received 890 messages, 0 notifications, 0 in queue
  Sent 891 messages, 0 notifications, 0 in queue
  Route refresh request: received 0, sent 0
  NLRI treated as withdraw: 0
  Minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 3, neighbor version 3
  Index 1, Offset 0, Mask 0x2
  Inbound soft reconfiguration allowed
  Community attribute sent to this neighbor (both)
  2 accepted prefixes, 2 prefixes in rib
  2 announced prefixes

 For address family: VPNv4 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 For address family: IPv6 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 Connections established 1; dropped 0
Local host: 10.15.7.171, Local port: 179 <-
Foreign host: 10.15.7.170, Foreign port: 11024 <-
Egress interface: 5
Nexthop: 10.15.7.171 <-
Nexthop interface: port3 <-
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
BGP neighbor is 10.16.7.143, remote AS 200, local AS 100, external link
  BGP version 4, remote router ID 3.3.3.3 <-
  BGP state = Established, up for 00:49:21 <-
  Last read 00:00:07, hold time is 180, keepalive interval is 60 seconds <-
  Configured hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received (old and new)
    Address family IPv4 Unicast: advertised and received
    Address family VPNv4 Unicast: advertised and received
    Address family IPv6 Unicast: advertised and received
  Received 59 messages, 0 notifications, 0 in queue
  Sent 60 messages, 0 notifications, 0 in queue
  Route refresh request: received 0, sent 0
  NLRI treated as withdraw: 0
  Minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 3, neighbor version 2
  Index 2, Offset 0, Mask 0x4
  Inbound soft reconfiguration allowed
  Community attribute sent to this neighbor (both)
  1 accepted prefixes, 1 prefixes in rib
  3 announced prefixes

 For address family: VPNv4 Unicast
  BGP table version 1, neighbor version 1
  Index 2, Offset 0, Mask 0x4
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 For address family: IPv6 Unicast
  BGP table version 1, neighbor version 1
  Index 2, Offset 0, Mask 0x4
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 Connections established 1; dropped 0
  External BGP neighbor may be up to 10 hops away. <-
Local host: 10.16.7.171, Local port: 179 <-
Foreign host: 10.16.7.143, Foreign port: 19451 <-
Egress interface: 6
Nexthop: 10.16.7.171 <-
Nexthop interface: port4 <-
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
FGT3 # get router info bgp neighbors
VRF 0 neighbor table:
BGP neighbor is 10.16.7.171, remote AS 100, local AS 200, external link <-
  BGP version 4, remote router ID 2.2.2.2 <-
  BGP state = Established, up for 00:45:20 <-
  Last read 00:00:23, hold time is 180, keepalive interval is 60 seconds <-
  Configured hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received (old and new)
    Address family IPv4 Unicast: advertised and received
    Address family VPNv4 Unicast: advertised and received
    Address family IPv6 Unicast: advertised and received
  Received 56 messages, 0 notifications, 0 in queue
  Sent 54 messages, 0 notifications, 0 in queue
  Route refresh request: received 0, sent 0
  NLRI treated as withdraw: 0
  Minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Inbound soft reconfiguration allowed
  Community attribute sent to this neighbor (both)
  3 accepted prefixes, 3 prefixes in rib
  1 announced prefixes

 For address family: VPNv4 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 For address family: IPv6 Unicast
  BGP table version 1, neighbor version 1
  Index 1, Offset 0, Mask 0x2
  Community attribute sent to this neighbor (both)
  0 accepted prefixes, 0 prefixes in rib
  0 announced prefixes

 Connections established 1; dropped 0
  External BGP neighbor may be up to 10 hops away. <-
Local host: 10.16.7.143, Local port: 19451 <-
Foreign host: 10.16.7.171, Foreign port: 179 <-
Egress interface: 6
Nexthop: 10.16.7.143 <-
Nexthop interface: port4 <-
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
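The fields marked with `<-` in the neighbor tables above are the ones worth checking on every session. The following is an added example, not Fortinet code: a small Python audit that parses `get router info bgp neighbors` output and reports sessions that are not Established, have dropped, or accept multihop eBGP peers. `SAMPLE` is abridged from the output above; the function names are hypothetical.

```python
import re

# Abridged from the FGT1 and FGT2 neighbor output shown above.
SAMPLE = """\
BGP neighbor is 10.15.7.171, remote AS 100, local AS 100, internal link
  BGP state = Established, up for 12:53:41
  Connections established 5; dropped 4
  Last Reset: 12:53:47, due to BGP Notification sent
  Notification Error Message: (Hold Timer Expired/Unspecified Error Subcode)
BGP neighbor is 10.16.7.143, remote AS 200, local AS 100, external link
  BGP state = Established, up for 00:49:21
  Connections established 1; dropped 0
  External BGP neighbor may be up to 10 hops away.
"""

HEAD = re.compile(r"BGP neighbor is (\S+), remote AS (\d+), local AS (\d+), "
                  r"(internal|external) link")
FIELDS = {
    "state": re.compile(r"BGP state = (\w+)"),
    "dropped": re.compile(r"Connections established \d+; dropped (\d+)"),
    "max_hops": re.compile(r"may be up to (\d+) hops away"),
    "last_error": re.compile(r"Notification Error Message: \((.+?)\)"),
}

def parse_neighbors(text):
    """Split the output at each 'BGP neighbor is' header and pull key fields."""
    heads = list(HEAD.finditer(text))
    sessions = []
    for i, m in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        body = text[m.end():end]
        s = {"peer": m.group(1), "remote_as": int(m.group(2)),
             "local_as": int(m.group(3)), "link": m.group(4)}
        for name, rx in FIELDS.items():
            hit = rx.search(body)
            s[name] = hit.group(1) if hit else None
        sessions.append(s)
    return sessions

def findings(s):
    """Return human-readable findings for one parsed session."""
    out = []
    if s["state"] != "Established":
        out.append("session not Established")
    if s["dropped"] and int(s["dropped"]) > 0:
        out.append(f"dropped {s['dropped']} times; last error: {s['last_error']}")
    if s["max_hops"]:
        out.append(f"eBGP multihop accepts peers up to {s['max_hops']} hops away")
    return out

if __name__ == "__main__":
    for s in parse_neighbors(SAMPLE):
        print(s["peer"], s["link"], findings(s) or "ok")
```
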
Note:
- By default, an EBGP neighborship is established only if the neighbor is the next hop.
- To change this default behavior, enable the multihop option.
- A TTL of 10 sets the number of hops the connection may pass through to reach the neighbor.
End to End connectivity:
Both FGT1 and FGT2 show a BGP route for the destination 10.11.7.143, which is in a different AS. However, the ping from FGT1 fails because the next hop 10.16.7.143 is not adjacent to FGT1. Internal routing in AS 100 is therefore needed so that FGT1 can forward traffic to the destination 10.11.7.143.
FGT2 # get router info routing-table details 10.11.7.143
Routing table for VRF=0
Routing entry for 10.11.0.0/20
  Known via "bgp", distance 20, metric 0, best
  Last update 00:42:25 ago
  * vrf 0 10.16.7.143 priority 1 (recursive is directly connected, port4)

FGT2 # execute ping 10.11.7.143
PING 10.11.7.143 (10.11.7.143): 56 data bytes
64 bytes from 10.11.7.143: icmp_seq=0 ttl=255 time=0.8 ms
64 bytes from 10.11.7.143: icmp_seq=1 ttl=255 time=0.5 ms
64 bytes from 10.11.7.143: icmp_seq=2 ttl=255 time=0.5 ms
64 bytes from 10.11.7.143: icmp_seq=3 ttl=255 time=0.5 ms
64 bytes from 10.11.7.143: icmp_seq=4 ttl=255 time=0.5 ms
--- 10.11.7.143 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.5/0.5/0.8 ms
FGT1 # get router info routing-table details 10.11.7.143
Routing table for VRF=0
Routing entry for 10.11.0.0/20
  Known via "bgp", distance 200, metric 0, best
  Last update 00:10:37 ago
  * vrf 0 10.16.7.143 priority 1 (recursive via 10.5.31.254, port1)

FGT1 # execute ping 10.11.7.143
PING 10.11.7.143 (10.11.7.143): 56 data bytes
^C
--- 10.11.7.143 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
FGT1 # config router static
FGT1 (static) # edit 4
FGT1 (4) # show
config router static
    edit 4
        set dst 10.11.0.0 255.255.240.0
        set gateway 10.15.7.171
        set device "port3"
    next
end
FGT1 # execute ping 10.11.7.143
PING 10.11.7.143 (10.11.7.143): 56 data bytes
64 bytes from 10.11.7.143: icmp_seq=0 ttl=254 time=1.7 ms
64 bytes from 10.11.7.143: icmp_seq=1 ttl=254 time=0.8 ms
64 bytes from 10.11.7.143: icmp_seq=2 ttl=254 time=0.8 ms
64 bytes from 10.11.7.143: icmp_seq=3 ttl=254 time=1.1 ms
64 bytes from 10.11.7.143: icmp_seq=4 ttl=254 time=0.7 ms
--- 10.11.7.143 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.7/1.0/1.7 ms

FGT1 # execute traceroute 10.11.7.143
traceroute to 10.11.7.143 (10.11.7.143), 32 hops max, 3 probe packets per hop, 84 byte packets
 1  10.15.7.171  0.648 ms  0.325 ms  0.163 ms
 2  10.11.7.143  0.972 ms  0.535 ms  0.348 ms
FGT1 # execute ping 10.10.7.171
PING 10.10.7.171 (10.10.7.171): 56 data bytes
64 bytes from 10.10.7.171: icmp_seq=0 ttl=255 time=0.6 ms
64 bytes from 10.10.7.171: icmp_seq=1 ttl=255 time=0.6 ms
64 bytes from 10.10.7.171: icmp_seq=2 ttl=255 time=0.5 ms
64 bytes from 10.10.7.171: icmp_seq=3 ttl=255 time=0.4 ms
64 bytes from 10.10.7.171: icmp_seq=4 ttl=255 time=0.5 ms
--- 10.10.7.171 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.4/0.5/0.6 ms
FGT3 # execute ping 10.12.7.170
PING 10.12.7.170 (10.12.7.170): 56 data bytes
64 bytes from 10.12.7.170: icmp_seq=0 ttl=254 time=2.2 ms
64 bytes from 10.12.7.170: icmp_seq=1 ttl=254 time=0.9 ms
64 bytes from 10.12.7.170: icmp_seq=2 ttl=254 time=0.8 ms
64 bytes from 10.12.7.170: icmp_seq=3 ttl=254 time=0.7 ms
64 bytes from 10.12.7.170: icmp_seq=4 ttl=254 time=0.8 ms
--- 10.12.7.170 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.7/1.0/2.2 ms
FGT3 # execute ping 10.10.7.171
PING 10.10.7.171 (10.10.7.171): 56 data bytes
64 bytes from 10.10.7.171: icmp_seq=0 ttl=255 time=1.6 ms
64 bytes from 10.10.7.171: icmp_seq=1 ttl=255 time=0.7 ms
64 bytes from 10.10.7.171: icmp_seq=2 ttl=255 time=0.6 ms
64 bytes from 10.10.7.171: icmp_seq=3 ttl=255 time=0.8 ms
64 bytes from 10.10.7.171: icmp_seq=4 ttl=255 time=0.5 ms
--- 10.10.7.171 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.5/0.8/1.6 ms
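Why the FGT1 ping to 10.11.7.143 failed before the static route and succeeded after it, as an added example (not Fortinet code) that models recursive next-hop resolution in Python. The BGP entry and the static route are taken from the output above; the default route via 10.5.31.254 on port1, the connected /20 on port3 and the helper names are assumptions. It shows the practical risk: until the fix, traffic for the peer AS prefix leaves through port1 toward an unrelated gateway.

```python
import ipaddress

def route(prefix, proto, distance, gw=None, dev=None):
    return {"net": ipaddress.ip_network(prefix), "proto": proto,
            "distance": distance, "gw": gw, "dev": dev}

# FGT1 routes. The BGP entry is from the output above; the default route and
# the connected /20 on port3 are assumptions consistent with that output.
FGT1_RIB = [
    route("0.0.0.0/0", "static", 10, gw="10.5.31.254", dev="port1"),
    route("10.15.0.0/20", "connected", 0, dev="port3"),
    route("10.11.0.0/20", "bgp", 200, gw="10.16.7.143"),  # iBGP, next hop unchanged
]
# The static route added in the article (distance 10 is the FortiOS default).
STATIC_FIX = route("10.11.0.0/20", "static", 10, gw="10.15.7.171", dev="port3")

def lookup(rib, dst):
    """Longest-prefix match; equal prefixes are decided by lowest distance."""
    ip = ipaddress.ip_address(dst)
    hits = [r for r in rib if ip in r["net"]]
    return max(hits, key=lambda r: (r["net"].prefixlen, -r["distance"]),
               default=None)

def resolve(rib, dst, depth=0):
    """Return the (gateway, interface) a packet to dst is actually sent to."""
    r = lookup(rib, dst)
    if r is None or depth > 8:      # no route, or a resolution loop
        return None
    if r["dev"]:                    # outgoing interface known: resolution ends
        return (r["gw"] or dst, r["dev"])
    return resolve(rib, r["gw"], depth + 1)  # BGP next hop: resolve it in turn

if __name__ == "__main__":
    print("before:", resolve(FGT1_RIB, "10.11.7.143"))
    print("after: ", resolve(FGT1_RIB + [STATIC_FIX], "10.11.7.143"))
```
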