TransWikia.com

BGP unnumbered on P2MP link

Network Engineering Asked by Eugene D. Gubenkov on January 30, 2021

I’m wondering what will happen if BGP unnumbered session is configured on a link that has multiple routers on the other side which are both IPv6-capable and will both reply on RS and produce RA messages (Router Advertisement and Router Solicitation) which auto-configuration for BGP unnumbered relies upon?

Such configuration seems inherently ambiguous, but it might, for instance, [automagically] establish BGP peering with both…

If anyone tried to set up such a configuration or knows the result in advance, can you please share your findings?

illustration

One Answer

I've finally reproduced this scenario to check what will happen.

Using eve-ng network emulator (note, it's not a simulator, it runs real software images and shows what happens almost indistinguishably from real devices) I've created the following topology.

topology

cumulus10 there (with AS 65003) hosts vlan1 interface (which is switch virtual interface) and ports swp1 and swp2 are bridged, effectively forming a single broadcast domain (as in the problem statement).

interface bridge
  bridge-ports swp1 swp2
  bridge-vids 1
  bridge-vlan-aware yes

interface vlan1
  address 10.10.10.1/24
  vlan-id 1
  vlan-raw-device bridge

This system has an instruction to establish BGP unnumbered session using vlan1 interface.

router bgp 65003
  neighbor vlan1 interface remote-as external

Two other devices (cumulus9 and cumulus11) have a simple configuration for BGP unnumbered peering over swp1 and swp2 respectively.

router bgp 65004
  neighbor swp1 interface remote-as external
router bgp 65005
  neighbor swp2 interface remote-as external

In one of my test runs I'm going to be using as an example I see that as soon as SVI brought up AS 65003 tries to establish BGP session sequentially with both neighbors, but in the end, only a single BGP session is established, the second one always fails. I am leaving the packet capture results as seen on swp1 interface for cumulus9 and swp2 for cumulus11 which sheds the light on the internals.

The bottom line: such configuration is inherently flawed for BGP unnumbered peering. From experiments, I see that any of the three possible pairs can form a BGP session (even look at the picture in question -- it is symmetric!), and which pair will do it is a subject for undefined behavior and probabilistic.

Packet capture plus link-local addresses and MAC addresses for all 3 devices below (to make sense of the packet capture results). Raw packet capture files (two .pcapng files, openable in Wireshark) I'm leaving for those who interested to dig here: https://www.dropbox.com/sh/bdo3w8a8tt2u8ka/AAD-Pfv2cWfuTdG2B9tFzN1va?dl=0; additionally, a quick peek at the most interesting part in form of the image is below.

| device    | interface  |  MAC              |   IPv6 LLA              |
|-----------+------------+-------------------+-------------------------|
| cumulus10 |   vlan1    | 50:00:00:0a:00:01 | fe80::5200:ff:fe0a:1/64 |
| cumulus9  |   swp1     | 50:00:00:09:00:01 | fe80::5200:ff:fe09:1/64 |
| cumulus11 |   swp2     | 50:00:00:0b:00:02 | fe80::5200:ff:fe0b:2/64 |

click to enlarge packet capture

Answered by Eugene D. Gubenkov on January 30, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP