Wired Intelligent Edge

 View Only
Expand all | Collapse all

BGP best path

This thread has been viewed 55 times
  • 1.  BGP best path

    Posted Feb 29, 2024 04:46 AM

    Hi

    I'm preparing for a customer implementation where I will change the existing Aruba-CX 8360v2 VSX cluster with a single Internet access using static routing to a redundant Internet access using BGP. This is also the first step for multiple DC's connected to Internet.

    So now my question. I have setup a simple setup using eve-ng with Cisco routers being the ISP and the Aruba-CX OVA Version: Virtual.10.07.0004 being the customer (without the VSX part)
    I'm using Communities providing Local pref for the provider (standard setup for the ISP (instead of as-path prepend) and using local pref for the inbound routes from the provider which probably will be the default route only at this stage. All this looks good. 

    The setup for the customer will be active standby using BGP meaning only one path will be active. On the provider side local pref works as expected with local pref value deciding the path. Now to my concern. when looking in the Aruba bgp table, "show bgp ipv4/ipv6 unicast" the local pref is ok, 300 on the "standby node iBGP path. BUT the best path in the table on the "standby node" is the eBGP with a local pref of 200. 

    Looking in the Aruba doc and BGP best path algorithm it says that step 2 is local pref and ebgp and ibgp is further down in the table. This is what I expected but the outcome in reality doesn't follow that. Why? I assume I can tweak it by setting ibgp and ebgp to the same distance, not possible though in the OVA. Is there a difference in the Aruba-CX OVA compared to the real devices in scope 8360v2? Anyone that can sched some light on this behaviour?

    Below the bgp output from the standby node. The eBGP link networks are /31 nets. OSPF for igp and loopback is used for update source for ibgp.

    Node 1 (standby node)
    --------------
    sw01# sho bgp ipv4 unicast
    Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
                  i internal, e external S Stale, R Removed, a additional-paths
    Origin codes: i - IGP, e - EGP, ? - incomplete
     
    VRF : default
    Local Router-ID 10.10.255.1
     
        Network            Nexthop         Metric     LocPrf     Weight Path
    * i 0.0.0.0/0          172.16.184.243 0          300        0       64513 i
    *>e 0.0.0.0/0          172.16.184.241 0          200        0       64513 i
    *>  172.16.184.0/23   0.0.0.0         0          100        0       i
    * i 172.16.184.0/23   10.10.255.2   0          100        0       i
    * i 200.200.0.0/16     172.16.184.243 2          300        0       64513 i
    *>e 200.200.0.0/16     172.16.184.241 0          200        0       64513 i
    Total number of entries 6
     
    sw01# 



    ------------------------------
    Torro
    ------------------------------


  • 2.  RE: BGP best path

    Posted Mar 11, 2024 12:05 PM

    Hi again

    I have now tested with a newer version of Aruba-CX OVA, 

    -----------------------------------------------------------------------------
    ArubaOS-CX
    (c) Copyright Hewlett Packard Enterprise Development LP
    -----------------------------------------------------------------------------
    Version      : Virtual.10.09.0002
    Build Date   :
    Build ID     : ArubaOS-CX:Virtual.10.09.0002:456cd71cc7cb:202112061706
    Build SHA    : 456cd71cc7cb78a52d12445ff257fd49cf120ad9

    Still the same problem, 

    eBGP has precedence over Local Preference which is wrong. Also its not possible to change the routing administrative distance for eBGP/iBGP.

    Comments anyone?
    I will test this in reality when the second access is installed (still some weeks to go).



    ------------------------------
    Torro
    ------------------------------



  • 3.  RE: BGP best path

    Posted Mar 12, 2024 04:52 AM

    What you observed with the OVA is wrong.

    The BGP decision tree should be:

    Please note that the admin distance does not come into the picture before step 8.

    I can not check right now on OVA but you should have distance bgp command in router bgp section.

    If so, please set same distance for both ebgp and ibgp although this is not expected in network industry.

    If the behavior is the same on 8360, please open a TAC case.




  • 4.  RE: BGP best path

    Posted Mar 13, 2024 04:19 AM

    Hi
    Many thanks for responding and yes that is my expectation that Local pref has precedence over eBGP in this case according to the best path algorithm.
    Yes I'm aware of that and my workaround will be to set eBGP and iBGP with the same distance so that local pref will break the tie in favour for iBGP.

    I will feed back here also if I see the same problem in the 8360v2 sw and open a TAC case,

     



    ------------------------------
    Torro
    ------------------------------



  • 5.  RE: BGP best path

    Posted Mar 14, 2024 05:16 AM

    Right now, you still have to configure same admin distance even on physical switches to get what you're looking for.




  • 6.  RE: BGP best path

    Posted Mar 14, 2024 05:21 AM
    Edited by torro Mar 14, 2024 05:22 AM

    Hi
    thanks for notifying. It's a bit sad though.



  • 7.  RE: BGP best path

    Posted Mar 14, 2024 06:50 AM

    Hi,

    Can you double check if iBGP route next-hop (172.16.184.243) is reachable? 

    * i 0.0.0.0/0          172.16.184.243 0          300        0       64513 i
    *>e 0.0.0.0/0          172.16.184.241 0          200        0       64513 i
    AOS-CX supports BGP best-path selection as per standard BGP decision tree, and there are no gaps here.  When BGP RIB learns same route from iBGP and eBGP sessions, by default eBGP route will get selected as best route. However, in this case you have set the LP which is second in priority so the route that has higher local-preference should get selected as best route. I think here eBGP is selected as best route may be due to next-hop 172.16.184.243 is unreachable.
    Can you double check if the next-hop is reachable?
    My local test-bed it is working perfectly fine.

        Network                                     Nexthop                                 Metric     LocPrf     Weight Path

    *>i 22.22.22.22/32                              10.1.1.1                                0          300        0       1 i

    * e 22.22.22.22/32                              12.1.1.1                                0          200        0       1 i

    --Ramaprasad



  • 8.  RE: BGP best path

    Posted Mar 14, 2024 07:50 AM
    Hi

    Next-hop self on the iBGP peering (best practice) would perhaps help as well. 

    Cheers, Thomas





  • 9.  RE: BGP best path

    Posted Mar 14, 2024 08:22 AM

    Hi

    When I do setups like this I use next hop self on eBGP and use IGP and update source loopback interface for iBGP



    ------------------------------
    Torro
    ------------------------------



  • 10.  RE: BGP best path

    Posted Mar 19, 2024 11:52 AM

    next-hop-self should be set on iBGP peering.