This post represents the solution and explanation for quiz-17.
Have a look at the quiz to understand the problem.
Quiz Review
The quiz presents a situation where the network is refreshed by swapping the Cisco routers with Juniper ones.
It is not my intention to discuss which one is better... The reason for this quiz is to present the different approaches chosen by these two vendors when implementing BGP advertisements.
There are a lot of differences, but this article discusses the default behaviour for advertising inactive routes by BGP.
The
As a revision of these values, below is a table of Cisco's AD and Juniper's Route Preference for some of the routing protocols:
Note that this table does not contain all routing sources!
Getting back to the quiz, R1 and R2 are part of OSPF Area 0 and also run an iBGP session between them. R1 advertises local subnets in both OSPF and BGP. The configuration applied to the Juniper devices "matches" the Cisco configuration, meaning there are no import/export policies applied (Juniper's BGP Default Policy is Accept All/Advertise All, same as Cisco's).
Note that this article does not discuss BGP design "best practices".
In this topology, when R2 is a Cisco device, R3 will receive the 192.168.100.0/24 and 192.168.200.0/24 prefixes... but with Juniper as R2, these routes are not received by R3.
Default behaviour on Cisco vs. Juniper
The different result seen on router R3 is due to the different default behavior:
- By default, Cisco advertises inactive routes. This can be disabled with the command "bgp suppress-inactive", but only in special situations, depending on whether the next hop matches or not!
- By default, Juniper does not advertise inactive routes. This can be enabled with the command "advertise-inactive".
In my opinion, in a good network design (please read "in most situations", as I don't want to debate here when & why a network design is better than another) you would not have to deal with BGP inactive routes. In the routing world, where all advertisements/redistribution are done from the RIB / active routes, the Juniper approach seems logical. On the other hand, Cisco seems to support designs where prefixes are "leaked" into the BGP domain on devices that are not at the edge of the network (like in this quiz: 192.168.x00.0/24 get into BGP on R1 instead of edge router, R2).
Please note that for both vendors, the inactive route needs to be selected as the best path in the BGP table in order to have the option of being advertised!
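The decision described in this section can be written as a small model. This is an added illustration, not code from the quiz or from either vendor: the `Route` class and function names are hypothetical, and the treatment of "bgp suppress-inactive" (withholding the route only when next hops differ) is a simplification of the note above.

```python
from dataclasses import dataclass

# Lower value wins. OSPF 110 (Cisco) and OSPF/10, BGP/170 (Juniper) appear in
# the outputs on this page; 200 is the IOS default distance for iBGP.
PREFERENCE = {
    "cisco": {"ospf": 110, "ibgp": 200},
    "juniper": {"ospf": 10, "ibgp": 170},
}

@dataclass
class Route:
    prefix: str
    source: str    # "ospf" or "ibgp"
    next_hop: str

def active_route(vendor, candidates):
    """Route installed in the RIB: the candidate with the lowest preference."""
    return min(candidates, key=lambda r: PREFERENCE[vendor][r.source])

def advertised_to_ebgp(vendor, candidates, suppress_inactive=False,
                       advertise_inactive=False):
    """True if the BGP best path for the prefix is sent to the eBGP peer.

    Assumes the single iBGP candidate is already the BGP best path.
    """
    bgp = next((r for r in candidates if r.source == "ibgp"), None)
    if bgp is None:
        return False                      # nothing in the BGP table to send
    winner = active_route(vendor, candidates)
    if winner is bgp:
        return True                       # active route: both vendors advertise
    if vendor == "cisco":
        if not suppress_inactive:
            return True                   # default: RIB-failure routes still go out
        # Assumption from the page's note: the knob only withholds the route
        # when the RIB winner's next hop differs from the BGP next hop.
        return winner.next_hop == bgp.next_hop
    return advertise_inactive             # Juniper: off unless configured

def r2_view(prefix="192.168.100.0/24"):
    """R2's candidates for one of R1's subnets, as in the quiz topology."""
    return [Route(prefix, "ospf", "192.168.12.1"),
            Route(prefix, "ibgp", "192.168.12.1")]

if __name__ == "__main__":
    for vendor in ("cisco", "juniper"):
        print(vendor, advertised_to_ebgp(vendor, r2_view()))
```

With R2's view of the quiz topology the model returns True for Cisco and False for Juniper, which is the difference R3 observes.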
Displaying the inactive routes on Cisco and Juniper
On Cisco, inactive routes appear in the BGP table with the prefix "r", which means "RIB-failure":
```
R2#show ip bgp
BGP table version is 5, local router ID is 192.168.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
r>i192.168.100.0    192.168.12.1             0    100      0 i
r>i192.168.200.0    192.168.12.1             0    100      0 i
R2#
R2#sh ip route 192.168.100.0
Routing entry for 192.168.100.0/24
  Known via "ospf 1", distance 110, metric 2, type intra area
  Last update from 192.168.12.1 on FastEthernet0/0, 00:01:21 ago
  Routing Descriptor Blocks:
  * 192.168.12.1, from 192.168.200.1, 00:01:21 ago, via FastEthernet0/0
      Route metric is 2, traffic share count is 1
```
Spotting the inactive routes on Juniper is much easier due to the fact that the output of the command "show route" contains information about all routing sources:
```
root@Router-2> show route 192.168.100.0

inet.0: 7 destinations, 9 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

192.168.100.0/24   *[OSPF/10] 00:11:28, metric 1
                    > to 192.168.12.1 via em1.0
                    [BGP/170] 00:11:26, localpref 100
                      AS path: I
                    > to 192.168.12.1 via em1.0
```
This simple command "show route" displays both the active route (OSPF, preference 10, marked with a "
Using the detailed/extensive version, "show route extensive", you will also see detailed output for each route and, in the case of the inactive BGP route, the output will contain the reason why it is inactive!
Solutions
The best solution, for this scenario, is to use the "advertise-inactive" command on Juniper router R2:
```
root@Router-2> show configuration protocols bgp
group AS_65100 {
    type internal;
    neighbor 192.168.12.1 {
        peer-as 65100;
    }
}
group AS_65300 {
    type external;
    advertise-inactive;
    neighbor 192.168.23.3 {
        peer-as 65300;
    }
}
```
Of course, other solutions are possible, in order of my own preference:
- announce internal routes into BGP on the edge router R2, instead of the "internal" router R1
- redistribute the OSPF routes into BGP on router R2
- change the default route preference, making either BGP "better" (read: lower) than OSPF or vice versa. The best approach would be to change the default preference with a routing policy rather than changing it for the whole protocol, which may create even bigger problems than the one you are trying to solve
Thank you for your comments and interest in the quiz!