next-hop-self for update received from iBGP neighbor


Hi,

will next-hop-self still work for bgp update received from iBGP neighbor in ExtremeXOS?

for example for cisco additional routemap is required:

route-map RM-NHSset ip next-hop peer-address neighbor X.X.X.X route-map out RM-NHS While for juniper it works by default for iBGP neighbors within different clusters[/code]

18 replies

Userlevel 6
Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Thanks, I found that.

Let's say we have 3 Routers, A B and C.
A is route reflector client for B,
Between A and B, and B and C are iBGP sessions.
on the B router is configured #configure bgp neighbor "Cremoteaddr" next-hop-self

In case B will receive an iBGP update from A, will it send it to C with
next-hop-self ? or this works only for BGP updates received from eBGP neighboors?
Userlevel 6
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Got the point. Thanks for the details.

I believe that will work only for routes learned from eBGP neighbors, otherwise it will keep the "C" router as next-hop address.

I will check if there is any route-policy to that and update this thread.
Userlevel 7
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Changing the nh for eBGP is mandatory, you don't have to configure it. This parameter is for iBGP sessions which do not change nh by default. As Henrique said you'll need to specify it per familly address, without any it defaults to IPv4 unicast.
Userlevel 6
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Just to clarify, here is a simple diagram and observations for both iBGP and eBGP scenarios:

eBGP scenario:



In the above scenario, router A will get the routes advertised by router "C" with the following information by default:

Destination: 200.200.200.0/24
Peer: 192.168.1.6
Next-Hop: 192.168.1.4 (router C)

If we enable next-hop-self in router "B" for BGP neighbor "A" we would get:

Destination: 200.200.200.0/24
Peer: 192.168.1.6
Next-Hop: 192.168.1.6 (router B)

iBGP scenario:



In the above scenario router B is the reflector for client/neighbor router "A".

Router "A" will get the routes reflected by router "B" (previously learned from router "C") with following information:

Destination: 200.200.200.0/24
Peer: 192.168.1.6
Next-Hop: 192.168.1.4 (router C)

This result will happen regardless of using "next-hop-self" option in router "B" to neighbor "A".

There is a route-policy option to include the "next-hop" action, but I don't believe that applies to this case.
Userlevel 7
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

The eBGP diagram confuses me a lot. Should I understand A and B are in AS 100 with an iBGP session and C is in AS 200? I imagine also the identical /30 is a copy-paste typo. Assuming this, the eBGP scenario is expected, and without nhs on B I imagine the network from C is unreachable from A. I was referring to this for nhs keyword.
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Thanks a lot. For Cisco actualy a route-policy helps to solve this case, it changes next-hop atribute. Could someone translate the below cisco route-policy :

route-map RM-NHS
set ip next-hop peer-address

to ExtremeXOS one?
Thanks
Userlevel 7
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

I should have better read the topic. You want to change nh attribute for a route learnt by iBGP that you want to reflect in iBGP... This is bad in BGP (https://tools.ietf.org/html/rfc4271#section-5.1.3) and could result in network issues. So I hope you know what you're doing. RR shouldn't modify nh attribute for clients and non-clients and I'm surprized JunOS would do that by default (https://tools.ietf.org/html/rfc4456#section-10). I believe a routing policy can allow you to modify the nh attribute, there's a next-hop parameter from what I recall. Check the routing policy chapter in the EXOS User Guide (http://www.extremenetworks.com/support/documentation/), sorry I don't have access to it right now to give the exact syntax.
Userlevel 4
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

You can use 'next-hop' action along with appropriate matching conditions in a routing policy.

entry 1 {
if match any {
nlri 0.0.0.0/0;
} then {
next-hop ;
} }
Userlevel 4
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

You can use 'next-hop' action along with appropriate matching conditions in a routing policy.

entry 1 {
if match any {
nlri 0.0.0.0/0;
} then {
next-hop ;
} }
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Grosjean, Stephane, I have a reason to do this ) Thanks

Kevin Kim, Thank you for commands, will try them.
Userlevel 6
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Just made a quick test and got same results with or without the policy. The Nex-Hop remains unchanged pointing to router "C".

Since that's applied in a BGP reflector, I'm not sure if that would work.

Please let me know if you got a different result.

Thanks.
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

We will test this during maintenance. Can you send me configurations applied please?

One reason it not works is that this PBR doesn't change BGP next-hop attribute.
Userlevel 6
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Hi Tatiana,

Please see below the commands applied for router "B":

regrabgp.pol

entry R1 {
if match any {
nlri 0.0.0.0/0;
} then {
next-hop 192.168.1.6;
}
}

Command 1: configure bgp neighbor 192.168.1.8 next-hop-self
Command 2: configure bgp neighbor 192.168.1.8 route-policy out regrabgp

I have tried using only command 1, then only command 2 and then both. Got same results on all 3 tests.
Userlevel 7
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

I can't verify now, but I think nlri matches by default with an exact. So, unless you are testing with an actual default route, your routing policy doesn't match. Check the routing policy chapter and look for nlri and next-hop keywords in the table to be sure.
Userlevel 6
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Hi, I have just tested with the policy below and worked:

Policy: regrabgp

entry R1 {
if match any {
nlri 123.123.123.0/24 exact;
} then {
next-hop ;
permit ;
}
}

To match any routes with /24 mask-length you can use:

Policy: regrabgp

entry R1 {
if match any {
nlri any/24 exact;
} then {
next-hop ;
permit ;
}
}

BGP configuration for router B for the neighbor Router A:

create bgp neighbor 192.168.1.8 remote-AS-number 100 multi-hop
configure bgp neighbor 192.168.1.8 route-reflector-client
configure bgp neighbor 192.168.1.8 source-interface ipaddress 192.168.1.6
configure bgp neighbor 192.168.1.8 route-policy out regrabgp
enable bgp neighbor 192.168.1.8


Thanks Stephane to mention the routing-policy concepts. 🙂

Tatiana, please let us know if that worked for you.
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Thanks Henrique, it helped,
We tested it on the equipment and route-map made his work.
Userlevel 6
Henrique wrote:

Hi Tatiana,

To configure outgoing updates to the specified neighbors to specify the address of the BGP connection originating the update as the next hop address, use the following command:

configure bgp neighbor next-hop-self

IPv4 unicast address family will be used by default. For IPv6 you must specify the option in the command.

Hi Tatiana, thanks for the feedback.

I have created an article with those steps:
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-a-BGP-router-reflector-with-next-hop-self-for-iBGP-neighbor
Thanks, I found that.

Let's say we have 3 Routers, A B and C.
A is route reflector client for B,
Between A and B, and B and C are iBGP sessions.
on the B router is configured #configure bgp neighbor "Cremoteaddr" next-hop-self

In case B will receive an iBGP update from A, will it send it to C with
next-hop-self ? or this works only for eBGP updates?

Reply