Routing
Highlighted
Routing

Directly connected EBGP comes up after addin static route discard to peer's /32 IP

[ Edited ]
‎03-09-2018 04:18 AM

Hello Colleagues,

 

I have two Juniper vMX devices. They are connected over ge-0/0/0

My side 172.17.23.9/30

Remote side 172.17.23.10/30

 

For testing purposes I add static route to 172.17.23.10/32 with discard statemet. Route gets installed and on my routing table for 172.17.23.10/32 I see DISCARD

Ping stops, I can no longer reach to my directly connected neighbour. But BGP stays up, and after I clear BGP session it still comes up.

 

I see Ebgp does not do lookup and just establishes bgp session but I do not understand based on what it happened?

Since BGP is  RE traffic as soon as I see peer has route discard it should not attempt to build neighbourship. 

Ping bypass-routing works. 

 

The same is not true for IBGP sessions

 

My question is why/how bgp comes up?

Screenshoots are attached.

 

 

 

Networking or Notworking
12 REPLIES 12
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-09-2018 04:21 AM

Screenshoots attached 

Networking or Notworking

Attachments

Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-09-2018 04:28 AM
What about the connected route? Mx has a connected route as well, it will use that to reach ebgp neighbor
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-09-2018 06:47 AM

Actually MX will prefer the most specific  static route over connected  because of longest prefix.

From the screenshoots we ca see that Static route is instaled on inet.0 . table and has been propogated to Forwarding plane.

 

We see two enties for peer IP. on forwarding table

1- dscrd

2- uncst 

 

So the main questions are:

1. Why I have two entries on Data Plane

2. Why even we check Data plane for RE generated traffic.  ( On the RE we have 'discard')

Networking or Notworking
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

[ Edited ]
‎03-09-2018 07:20 AM

Ahh, I didn’t see the screenshot as I directly replied over email notification that’s why I asked the question about connected route



1. Why I have two entries on Data Plane

Both route are different route type. One is user configured (user) another is “dest” which is automatically created for the destinations which are directly reachable from the interface.

2. Why even we check Data plane for RE generated traffic. ( On the RE we have 'discard')
I need to check this. Maybe for TCP session, it’s not doing ip lookup or preferring “dest” route-type over “user”. I will check this and get back to you

Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-09-2018 09:37 AM

Hi Hasan,

I checkced on physical MX and i do see the same behavior. 

Junos: 15.1R6.7

 

1.  By default ebgp neighbor is most cases will be next hop ip address (if we dont use multihop),
so we are not checking the routing-table here and sending the tcp session towards the directly connected interface to establish BGP session.

Because we are skipping the routing table we are able to form the bgp session. this is my understanding from debug on LAB.

 

2. Ping traffic does the  route lookup that is the reason ping is not working withour by-pass as expected.

 

labroot@piekna11-gw-01> show route 5.0.0.2

inet.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both

5.0.0.2/32 *[Static/5] 03:16:12
Discard

labroot@piekna11-gw-01> show route forwarding-table destination 5.0.0.2
Routing table: default.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
5.0.0.2/32 user 0 dscd 34 9
5.0.0.2/32 dest 1 d4:4:ff:5e:dd:4d ucst 722 5 xe-2/0/2.0

 

 

16:24:45.782001 Out IP truncated-ip - 11 bytes missing! 193.59.0.146.179 > 193.59.0.147.64567: P 4039233726:4039233745(19) ack 3379742532 win 16384 <nop,nop,timestamp 538228322 538211743>: BGP, length: 19
16:24:45.882177 In IP 193.59.0.147.64567 > 193.59.0.146.179: . ack 19 win 16384 <nop,nop,timestamp 538228422 538228322>
16:24:52.654001 Out IP truncated-ip - 11 bytes missing! 5.0.0.1.49490 > 5.0.0.2.179: P 1030549558:1030549577(19) ack 4018759665 win 16384 <nop,nop,timestamp 538235194 538211743>: BGP, length: 19
16:24:52.754188 In IP 5.0.0.2.179 > 5.0.0.1.49490: . ack 19 win 16384 <nop,nop,timestamp 538235294 538235194>
16:24:55.064334 In IP 193.59.0.147.64567 > 193.59.0.146.179: P 1:20(19) ack 19 win 16384 <nop,nop,timestamp 538237604 538228322>: BGP, length: 19
16:24:55.163929 Out IP 193.59.0.146.179 > 193.59.0.147.64567: . ack 20 win 16384 <nop,nop,timestamp 538237704 538237604>

 

 

Hope this helps

--------------------------------------------------------------------------------------------------------
If this post was helpful, please mark this post as an "Accepted Solution".
Kudos are always appreciated!
--------------------------------------------------------------------------------------------------------

Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

[ Edited ]
‎03-09-2018 12:58 PM

Thank you very much for the response.

 

Actually I guess when router wants to build a BGP neihghorship it should have no information where is the peer, if it is directly connected peer, local interface etc so route lookup should be performed to find the neighbour. 

 

I am wondering if your statement is correct, does juniper has any documentation for this design. ( First think came to my mind was also may be Junos EBGP implementation  just sends packets out of directly conencted interface, but the question is in my mind is how it knows to which interface to forward to packets. It should see peer as a direct route first)

 

 

Networking or Notworking
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

[ Edited ]
‎03-09-2018 01:43 PM

I just checked the same scenario on IBGP and it is not happening for IBGP sessions

 

 

Networking or Notworking
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-09-2018 10:30 PM
I think, the reason is “dest” route type because of which eBGP is working but as I said, I am not sure and need to check the documentation. I will let you know.

Regarding the eBGP and iBGP, it doesn’t matter, whether the peer is single-hop away or multiple-hop away, both eBGP and iBGP sessions are coming up as long as you use outgoing physical interface as a source.

I can see both eBGP (multi-hop) and iBGP coming up (when I use outgoing interface as a source) even if the route is in discard state.
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-10-2018 08:56 PM

Hi Hasanov,

 

Finally i was able to figureout the reason TCP Establishment: 

 

Please find the detailed explanation and examples tested on LAB:

 

By default in Junos TCP packet is contructed fully on RE including L2 header and it wont sent to PFE for further lookup, while contrusting the whole packet it is picking the entry of destination ip (5.0.0.2) where it is resolved arp for kernel view, and it selecting the directly connected interface arp for contructing the total packet. thats why TCP session able to establish between your peer.

 

But in case of ICMP and other protocol like BFD(if it is delegated to PFE) its has to perform the lookup performed on the PFE. then the packet is rejected because in this case RE only perform l3 packet contruction and it has to perform l2 header contruct on PFE. so it wont form BFD session until it is delegated to Routing Engine.

 

Kernel view for destination route:

 

# show route forwarding-table destination 5.0.0.2
Routing table: default.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
5.0.0.2/32 user 1 dscd 34 10
5.0.0.2/32 dest 0 d4:4:ff:5e:dd:4d ucst 722 4 xe-2/0/2.0

 

PFE view for destination route: (ping and BFD will not go through)

 

# sho route ip prefix 5.0.0.2

IPv4 Route Table 0, default.0, 0x80000:
Destination NH IP Addr Type NH ID Interface
--------------------------------- --------------- -------- ----- ---------
5.0.0.2 Discard 34 RT-ifl 0

 

May be you can try the above you wont see bgp coming up which explain my theory correct:

 

R1<==> R2<===> R3

 

1. Form multihop eBGP session with R3 from R1 with R3 interface as neighbor and local address.

2. in this case R2 will have reject route for R3 physical interface ip and TCP packet from R1 is transit for R2 now it will reject on R2 router itself PFE and hence it will not form the BGP session.

 

 

Hope this helps

--------------------------------------------------------------------------------------------------------
If this post was helpful, please mark this post as an "Accepted Solution".
Kudos are always appreciated!
--------------------------------------------------------------------------------------------------------

Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-10-2018 09:54 PM
Hi Vvadivel,

If you configure “reject” route then it become completely different story, as it will become transit traffic for R2.

For your TCP theory, I am not sure about that because SSH also use TCP and we can’t do ssh R2 if the discard route is configured on R1

R1----------------R2
Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-10-2018 10:19 PM

Hi Harpreet,

 

There is some internal process how tcp is constructed for routing Protocols and other non routing-protocols like SSH on MX, this is  internal to Juniper which cannot be shared 🙂 but as i mentioned in my last post this is how the packet contructed for BGP, i have tested multiple scenario to confirm the same.

 

Hope this helps

 

regards

Vadivelan V

Highlighted
Routing

Re: Directly connected EBGP comes up after addin static route discard to peer's /32 IP

‎03-11-2018 03:42 PM

Hi Vadivelan,

 

Thank you very much for your time and explanation.

 

Regarding IBGP vs EBGP for this case. 

I tried both in my lab. Whie EBGP is up and I add discard route EBGP is still up. I clear the session and immediatelly BGP comes up. 

For IBGP, when I add discard route, it takes few minutes (longer than BGP hold time) then I see the session in Active state.

I clear the iBGP sessaion after adding discard route and iBGP never comes up.

Now I am thinking about your statement if it is true for both eBGP and iBGP.

Regarding your explanation, is there any documentation by Juniper or it is "secret" 🙂 

 

I will test few scenarios and come back to you.

Thanks for the effort, you already have Kudos for brining lights to this topic.

 

 

Elshan 

 

 

 

 

Networking or Notworking
Feedback