Hi There, The next-hop value is providing the peer with the next-hop value to use for the advertised prefixes from your router. So, the next-hop should be an address on your router. It looks correct based on your edited configuration file.
If you run a 'show bgp peers' it will show you whether or not your session is established with your peer. If it's not established, that would be one reason why the ISP claims they did not receive a prefix advertisement from you. First off, verify your configuration is correct (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at the BGP packets and also take a look at the logs 'show log.' If your session is established, make sure the route you are advertising with your policy exists in the routing table and matches the prefix in the policy. You can check the route by running a 'show route protocol static.' You must see the static route that you've pointed to your loopback interface in the table. If it's not there, verify your configuration etc. If it is there, make sure the prefix in your policy matches the route exactly. If it does not match, it won't be advertised. If all of the above are correct, take a look at 'show bgp route' and make sure you see your advertised prefix in the output. If it's there then your ISP is probably rejecting your advertisement. They need to add your prefix to their prefix list. ISPs forget to add their customer's prefixes to their prefix lists all the time. The loopback address for the BGP ID won't hurt anything but Ahsan is correct that for eBGP peering with external public peers, you should probably set your BGP ID to your public IP on eth0. Thanks! and I hope this helps. -Robyn Ahsan Khan wrote: > Hi, > > I think your nexthop IP should be your ISP IP address and not your > own. Also check with your ISP if they can confirm about BGP session > establishment, Most router like Juniper, Cisco can explain a lot in their > output the reasons if the session is not established. > > Also loopback IP is normally used in BGP if you have multiple interfaces > connected to same ISP, or you are using some other complex configuration. I > would use interface IP connected to ISP to avoid routing issues etc. > > Thanks. > > Ahsan Khan > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong Hwang > Sent: Tuesday, December 18, 2007 11:20 PM > To: Justin Fletcher > Cc: vyatta-users > Subject: Re: [Vyatta-users] Advises on configuring BGP > > Hi, > > Thanks. I just could not traceroute to the router and according to my > peering upstream, they mention that they did not receive any of my prefix > announcement. > > Basically i just want to do a simple setup at this moment with one box > running Vyatta and eth0 is link to one of our upstream provider which we > want to peer with. I have my ASN number as well as a /21 range of IP > addresses to announce. Here is my configuration: > > loopback ip : 10.0.0.65 > My ASN : 100 > My IP Range : XX.XX.XX.XX/21 > > Upstream Route IP : a.b.c.d > Customer Interface IP : c.d.e.f > Upstream ASN : 200 > > protocols { > bgp { > bgp-id: 10.0.0.65 > local-as: 100 > import: "" > export: "BGP_EXPORT" > peer " a.b.c.d" { > import: "" > export: "" > multihop: 1 > peer-port: 179 > local-port: 179 > local-ip: c.d.e.f > as: 9989 > next-hop: c.d.e.f > holdtime: 90 > delay-open-time: 0 > client: false > confederation-member: false > disable: false > ipv4-unicast: true > ipv4-multicast: false > ipv6-unicast: false > ipv6-multicast: false > md5-key: "" > } > } > static { > disable: false > route XX.XX.XX.XX/21 { > next-hop: 10.0.0.65 > metric: 1 > } > } > } > policy { > policy-statement "BGP_EXPORT" { > term 1 { > from { > protocol: "static" > network4: XX.XX.XX.XX/21 > } > then { > action: "accept" > } > } > } > } > interfaces { > restore: false > loopback lo { > description: "" > address 10.0.0.65 { > prefix-length: 32 > disable: false > } > } > ethernet eth0 { > disable: false > discard: false > description: "" > hw-id: 00:30:48:55:63:FC > duplex: "auto" > speed: "auto" > address c.d.e.f { > prefix-length: 25 > disable: false > } > } > ethernet eth1 { > disable: false > discard: false > description: "" > hw-id: 00:30:48:55:63:FD > duplex: "auto" > speed: "auto" > address XX.XX.XX.1 { > prefix-length: 21 > disable: false > } > } > } > service { > http { > port: 80 > } > } > firewall { > log-martians: "enable" > send-redirects: "disable" > receive-redirects: "disable" > ip-src-route: "disable" > broadcast-ping: "disable" > syn-cookies: "enable" > } > system { > host-name: "vyatta" > domain-name: "" > time-zone: "GMT" > ntp-server "69.59.150.135" > login { > user root { > full-name: "" > authentication { > encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." > } > } > user vyatta { > full-name: "" > authentication { > encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." > } > } > } > package { > auto-sync: 1 > repository community { > component: "main" > url: "http://archive.vyatta.com/vyatta"; > } > } > } > rtrmgr { > config-directory: "/opt/vyatta/etc/config" > } > > Is this config correct? > > Thanks > > > > On Dec 18, 2007 3:17 AM, Justin Fletcher < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > wrote: > > > It's hard to tell without the full configuration, but remember that > you need > both a route out, as well as the rest of the internet needs to be > able to > find their way back to you. You can check to see if you're > reachable > using an external traceroute; see www.traceroute.org > <http://www.traceroute.org> to check and see > if you're reachable. > > Best, > Justin > > > On Dec 17, 2007 2:05 AM, Poh Yong Hwang < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > wrote: > > Hi, > > > > I have managed to setup the BGP session with my peer and also > based on the > > topic on Originating a Route to eBGP neighbors to announce my IP > ranges. I > > have set my eth1 ip to be XX.XX.XX.1/21 and connect one server > directly to > > eth1 for testing. Setting XX.XX.XX.2 with subnet of 255.255.248.0 > and > > XX.XX.XX.1 for default gateway on the server itself, I cannot go > out of the > > internet (Cannot surf net using that server). Eth0 is link with > the UTP > > cable provided by upstream for peering > > > > Is this the correct way to set it up? > > > > Please advise > > > > Thanks > > > > Regards > > Yongsan > > > > > > > > On Dec 14, 2007 12:24 PM, Poh Yong Hwang < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > wrote: > > > Hi, > > > > > > I have read the docs that was available but still have a few > questions in > > mind. I have a UTP cable that was provided by the provider that I > would like > > to peer with so I have plug it into my eth0. So what IP address > should I set > > on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I > want to > > announce? > > > > > > Please advise. > > > > > > Thanks! > > > > > > Yongsan > > > > > > > > > > > > > > > > > > On Dec 12, 2007 12:03 AM, Justin Fletcher < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > wrote: > > > > > > > Certainly; there's documentation with examples from > > > > http://www.vyatta.com/documentation/index.php or > > > > > http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. > > > > > > > > Best, > > > > Justin > > > > > > > > > > > > > > > > > > > > On Dec 10, 2007 8:18 PM, Poh Yong Hwang <[EMAIL PROTECTED] > > wrote: > > > > > Hi, > > > > > > > > > > Thanks! I am a noob in setting up BGP and we have the > following info > > from > > > > > our upstream provider > > > > > > > > > > Upstream Router Server IP Address > > > > > Customer Primary Interface Address > > > > > Upstream Secondary Router Server IP Address > > > > > Customer Secondary Interface Address > > > > > > > > > > Plus my ASN number as well as my IP range XX.XX.XX.XX/21 > > > > > > > > > > So is all these information be enough to configure it? Is > there any > > examples > > > > > I can follow? > > > > > > > > > > Thanks! > > > > > > > > > > Yongsan > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Dec 11, 2007 11:33 AM, Justin Fletcher > <[EMAIL PROTECTED]> wrote: > > > > > > Well, yes - Vyatta has full BGP support, so you'll be able > to peer > > > > > > with your provider. > > > > > > > > > > > > Best, > > > > > > Justin > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Dec 10, 2007 7:26 PM, Poh Yong Hwang < > [EMAIL PROTECTED]> wrote: > > > > > > > Hi, > > > > > > > > > > > > > > New here and to Vynatta and hope to get advises on > getting this > > up. I > > > > > wish > > > > > > > to setup a BGP router for our current setup (We have got > our ASN > > number, > > > > > IP > > > > > > > range) and we will peer with our upstream provider for > MLPA. > > > > > > > > > > > > > > Just some simple BGP routes for testing purposes. So > just > > wondering if > > > > > > > Vynatta is able to do that? > > > > > > > > > > > > > > Thanks! > > > > > > > > > > > > > > Yongsan > > > > > > > > > > > > > > _______________________________________________ > > > > > > > Vyatta-users mailing list > > > > > > > Vyatta-users@mailman.vyatta.com > <mailto:Vyatta-users@mailman.vyatta.com> > > > > > > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
