BGP unnumbered on P2MP link
Network Engineering Asked by Eugene D. Gubenkov on January 30, 2021
I’m wondering what will happen if BGP unnumbered session is configured on a link that has multiple routers on the other side which are both IPv6-capable and will both reply on RS and produce RA messages (Router Advertisement and Router Solicitation) which auto-configuration for BGP unnumbered relies upon?
Such configuration seems inherently ambiguous, but it might, for instance, [automagically] establish BGP peering with both…
If anyone tried to set up such a configuration or knows the result in advance, can you please share your findings?
One Answer
I've finally reproduced this scenario to check what will happen.
Using eve-ng network emulator (note, it's not a simulator, it runs real software images and shows what happens almost indistinguishably from real devices) I've created the following topology.
cumulus10 there (with AS 65003) hosts vlan1 interface (which is switch virtual interface) and ports swp1 and swp2 are bridged, effectively forming a single broadcast domain (as in the problem statement).
interface bridge
bridge-ports swp1 swp2
bridge-vids 1
bridge-vlan-aware yes
interface vlan1
address 10.10.10.1/24
vlan-id 1
vlan-raw-device bridge
This system has an instruction to establish BGP unnumbered session using vlan1 interface.
router bgp 65003
neighbor vlan1 interface remote-as external
Two other devices (cumulus9 and cumulus11) have a simple configuration for BGP unnumbered peering over swp1 and swp2 respectively.
router bgp 65004
neighbor swp1 interface remote-as external
router bgp 65005
neighbor swp2 interface remote-as external
In one of my test runs I'm going to be using as an example I see that as soon as SVI brought up AS 65003 tries to establish BGP session sequentially with both neighbors, but in the end, only a single BGP session is established, the second one always fails. I am leaving the packet capture results as seen on swp1 interface for cumulus9 and swp2 for cumulus11 which sheds the light on the internals.
The bottom line: such configuration is inherently flawed for BGP unnumbered peering. From experiments, I see that any of the three possible pairs can form a BGP session (even look at the picture in question -- it is symmetric!), and which pair will do it is a subject for undefined behavior and probabilistic.
Packet capture plus link-local addresses and MAC addresses for all 3 devices below (to make sense of the packet capture results). Raw packet capture files (two .pcapng files, openable in Wireshark) I'm leaving for those who interested to dig here: https://www.dropbox.com/sh/bdo3w8a8tt2u8ka/AAD-Pfv2cWfuTdG2B9tFzN1va?dl=0; additionally, a quick peek at the most interesting part in form of the image is below.
| device | interface | MAC | IPv6 LLA |
|-----------+------------+-------------------+-------------------------|
| cumulus10 | vlan1 | 50:00:00:0a:00:01 | fe80::5200:ff:fe0a:1/64 |
| cumulus9 | swp1 | 50:00:00:09:00:01 | fe80::5200:ff:fe09:1/64 |
| cumulus11 | swp2 | 50:00:00:0b:00:02 | fe80::5200:ff:fe0b:2/64 |
click to enlarge
Answered by Eugene D. Gubenkov on January 30, 2021
Add your own answers!
Ask a Question
Get help from others!
Recent Questions
- How can I transform graph image into a tikzpicture LaTeX code?
- How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
- Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
- Need help finding a book. Female OP protagonist, magic
- Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?
Recent Answers
- Joshua Engel on Why fry rice before boiling?
- Jon Church on Why fry rice before boiling?
- Peter Machado on Why fry rice before boiling?
- haakon.io on Why fry rice before boiling?
- Lex on Does Google Analytics track 404 page responses as valid page views?