IPv6 BGP doesn't like link-local address?

I'm just curious why when configuring BGP for the ipv6 address family with the link-local addresses for neighbours I see the following 1n the peer router

B   2000:1:0:1::/64 [20/0]
     via FE80::1, Null0

Please note incoming interface Null0

But if the link-local neighbour address is replaced with a routable 2001:0:0:9::1/64  everything starts working properly.

B   2000:1:0:1::/64 [20/0]
     via FE80::1, Serial1/0

The Serial0/1 interface has the map statement "frame-relay map ipv6 FE80::1 101 br" so there should not be any problem with the reverse address to interface mapping.

Looks like an IOS bug? Or do you think it's by design? Please explain.

I'm using  C3725-ADVENTERPRISEK9-M, Version 12.4(15)T14

Comments

  • I think you may be missing %<> after link-local address. Eg fe80::1%serial1/1.

    Thanks,

    Dinesh

  • Hello Vitya,

    I don't know how you configured your IPV6 BGP using link-local address but one most important requirement to configure IPV6 BGP using link-local address is:

    IPV6 neighbor equires that the interface for the neighbor be identified by using the update-source command

    (Remember when you ping to global unicast address you don't need provide the outgoing interface but while pinging to link-local address you should provide the outgoing interface).

     

    Here is my configuration with link-local address:

    R2#show running-config interface fastEthernet 0/0
    Building configuration...

    Current configuration : 144 bytes
    !
    interface FastEthernet0/0
     no ip address
     duplex auto
     speed auto
     ipv6 address FE80::2 link-local
     ipv6 address 2001::2/64
     ipv6 enable
    end

    !

    R2#show running-config | section router bgp
    router bgp 2
     no synchronization
     bgp router-id 2.2.2.2
     bgp log-neighbor-changes
     neighbor FE80::1 remote-as 1
     neighbor FE80::1 update-source FastEthernet0/0
     no auto-summary
     !
     address-family ipv6
      neighbor FE80::1 activate
      network 2002::2/128
     exit-address-family

    R1#show running-config interface fastEthernet 0/0
    Building configuration...

    Current configuration : 144 bytes
    !
    interface FastEthernet0/0
     no ip address
     duplex auto
     speed auto
     ipv6 address FE80::1 link-local
     ipv6 address 2001::1/64
     ipv6 enable
    end
    !

    R1#show running-config | section router bgp
    router bgp 1
     no synchronization
     bgp router-id 1.1.1.1
     bgp log-neighbor-changes
     neighbor FE80::2 remote-as 2
     neighbor FE80::2 update-source FastEthernet0/0
     no auto-summary
     !
     address-family ipv6
      neighbor FE80::2 activate
      network 2002::1/128
     exit-address-family

    !

    R2#show bgp ipv6 unicast summary
    BGP router identifier 2.2.2.2, local AS number 2
    BGP table version is 3, main routing table version 3
    2 network entries using 304 bytes of memory
    2 path entries using 152 bytes of memory
    3/2 BGP path/bestpath attribute entries using 372 bytes of memory
    1 BGP AS-PATH entries using 24 bytes of memory
    0 BGP route-map cache entries using 0 bytes of memory
    0 BGP filter-list cache entries using 0 bytes of memory
    Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
    BGP using 884 total bytes of memory
    BGP activity 3/1 prefixes, 3/1 paths, scan interval 60 secs

    Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    FE80::1         4     1       8       8        3    0    0 00:04:56        1

    R1#show bgp ipv6 unicast summary
    BGP router identifier 1.1.1.1, local AS number 1
    BGP table version is 3, main routing table version 3
    2 network entries using 304 bytes of memory
    2 path entries using 152 bytes of memory
    3/2 BGP path/bestpath attribute entries using 372 bytes of memory
    1 BGP AS-PATH entries using 24 bytes of memory
    0 BGP route-map cache entries using 0 bytes of memory
    0 BGP filter-list cache entries using 0 bytes of memory
    Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
    BGP using 884 total bytes of memory
    BGP activity 3/1 prefixes, 3/1 paths, scan interval 60 secs

    Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    FE80::2         4     2       9       9        3    0    0 00:05:12        1

     

    R2#show ipv6 route
    IPv6 Routing Table - 5 entries
    Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
           U - Per-user Static route, M - MIPv6
           I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
           O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
           ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
           D - EIGRP, EX - EIGRP external
    C   2001::/64 [0/0]
         via ::, FastEthernet0/0
    L   2001::2/128 [0/0]
         via ::, FastEthernet0/0
    B   2002::1/128 [20/0]
         via FE80::1, FastEthernet0/0
    LC  2002::2/128 [0/0]
         via ::, Loopback0
    L   FF00::/8 [0/0]
         via ::, Null0

    R2#ping 2002::1

    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 2002::1, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 0/31/56 ms

    R1#show ipv6 route
    IPv6 Routing Table - 5 entries
    Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
           U - Per-user Static route, M - MIPv6
           I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
           O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
           ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
           D - EIGRP, EX - EIGRP external
    C   2001::/64 [0/0]
         via ::, FastEthernet0/0
    L   2001::1/128 [0/0]
         via ::, FastEthernet0/0
    LC  2002::1/128 [0/0]
         via ::, Loopback100
    B   2002::2/128 [20/0]
         via FE80::2, FastEthernet0/0
    L   FF00::/8 [0/0]
         via ::, Null0

    R1#ping 2002::2

    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 2002::2, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 20/43/92 ms

    You can go through this documentation as well

    http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-mptcl_bgp.html#wp1036605

    If you have any queries, let me know.

    HAPPY STUDY

    [:D]

     

  • Question for everyone: why do you need the "update-source" :)

  • Thanks for you reply, nnn

    IPV6 neighbor equires that the interface for the neighbor be identified by using the update-source command

    Sure enough the update-source has been specified in the config, otherwise there wouldn't be an B   2000:1:0:1::/64 [20/0] entry in the routing table. Peering was there and up, no question about that.

     

    To me it looks like this is an isolated issue that shows up only when you do the manual FR dlci mapping with no inverse arp. Clearly Ethernet doesn't suffer from that.

    I'll try to recreate this on a more recent/stable IOS but if you could check it out on your hardware and use serial interface for peering that would also be good.

  • Question for everyone: why do you need the "update-source" :)

    The link-lacals are interface specific and therefore multiple identical link-local IPs can be configured on the same router. This confuses BGP so it requires to state it explicitly what interface to use to peer with the neighbor

  • It's related to how Cisco maintaining the routing table on IPv4 and IPv6.

    In IPv4 every connected networks install in the routing with proper outgoing interface name.

    Gateway of last resort is not set

         1.0.0.0/32 is subnetted, 1 subnets
    C       1.1.1.1 is directly connected, Loopback0

    But in IPv6 all link-local addresses are forwarded to Null0 interface.

    L   FF00::/8 [0/0]
         via ::, Null0

     

    Multiple interfaces share the same link-local address as well. The main reason we should type the outgoing interface name while pinging to Link-local address:

    -  Without the indication of where the output interface is, the router couldn't able to proceed the packet because Link-local address is never advertised to neighbor means neighbor couldn't install the link-local address(neighbor's) on routing table.

    Now reason of using the update-source in BGP using link-local is same as pinging to link-local address (Without the indication of where the output interface is, the router
    couldn't able to proceed the packet because Link-local address is never
    advertised to neighbor)

    Not only on BGP, we should specify the outgoing interface while creating the IPv6 static route with link-local address as a next-hop:

    R1(config)#ipv6 route 2001::2/128 FE80::2

    % Interface has to be specified for a link-local nexthop

    R1(config)#ipv6 route 2001::2/128 Serial0/0.1 FE80::2

     

    Please correct me if I am wrong.

    HAPPY STUDY

    Good Discussion about this on Cisco Forum:

    https://supportforums.cisco.com/thread/2038718

    [:D]

     

    Question for everyone: why do you need the "update-source" :)

     

  • Vitya,

    I am using this paltform and IOS version:

    R1#show version
    Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)

    I will try on Serial interface as well.

     

    Thanks for you reply, nnn

    IPV6 neighbor equires that the interface for the neighbor be identified by using the update-source command

    Sure enough the update-source has been specified in the config, otherwise there wouldn't be an B   2000:1:0:1::/64 [20/0] entry in the routing table. Peering was there and up, no question about that.

     

    To me it looks like this is an isolated issue that shows up only when you do the manual FR dlci mapping with no inverse arp. Clearly Ethernet doesn't suffer from that.

    I'll try to recreate this on a more recent/stable IOS but if you could check it out on your hardware and use serial interface for peering that would also be good.

     

  • Hello vitya,

    I configured BGP using link-local address over FR.

    See the example with complete verfication,

    1. Point-to-Point subinterface

    R3#show running-config interface s0/0.200
    Building configuration...

    Current configuration : 175 bytes
    !
    interface Serial0/0.200 point-to-point
     snmp trap link-status
     ipv6 address FE80::2 link-local
     ipv6 address 2001::2/64
     ipv6 enable
     frame-relay interface-dlci 201
    end


    R1#show running-config int s0/0.100
    Building configuration...

    Current configuration : 175 bytes
    !
    interface Serial0/0.100 point-to-point
     snmp trap link-status
     ipv6 address FE80::1 link-local
     ipv6 address 2001::1/64
     ipv6 enable
     frame-relay interface-dlci 102
    end
    !
    R3#show running-config | section router bgp
    router bgp 2
     no synchronization
     bgp router-id 2.2.2.2
     bgp log-neighbor-changes
     neighbor FE80::1 remote-as 1
     neighbor FE80::1 update-source Serial0/0.200
     no auto-summary
     !
     address-family ipv6
      neighbor FE80::1 activate
      network 2002::2/128
     exit-address-family
    !
    R1#show running-config | section router bgp
    router bgp 1
     no synchronization
     bgp router-id 1.1.1.1
     bgp log-neighbor-changes
     neighbor FE80::2 remote-as 2
     neighbor FE80::2 update-source Serial0/0.100
     no auto-summary
     !
     address-family ipv6
      neighbor FE80::2 activate
      network 2002::1/128
     exit-address-family

    R1#show bgp ipv6 unicast summary

    <removed>

    Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    FE80::2         4     2       6       6        3    0    0 00:02:05        1
    !
    R3#show bgp ipv6 unicast su
    R3#show bgp ipv6 unicast summary
    <removed>
    Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    FE80::1         4     1       6       6        3    0    0 00:02:20        1

    R3#
    R3#show ipv6 route
    IPv6 Routing Table - 5 entries

    <removed>
    C   2001::/64 [0/0]
         via ::, Serial0/0.200
    L   2001::2/128 [0/0]
         via ::, Serial0/0.200
    B   2002::1/128 [20/0]
         via FE80::1, Serial0/0.200
    LC  2002::2/128 [0/0]
         via ::, Loopback0
    L   FF00::/8 [0/0]
         via ::, Null0
    !
    R1#show ipv6 route
    IPv6 Routing Table - 5 entries

    <removed>

    C   2001::/64 [0/0]
         via ::, Serial0/0.100
    L   2001::1/128 [0/0]
         via ::, Serial0/0.100
    LC  2002::1/128 [0/0]
         via ::, Loopback0
    B   2002::2/128 [20/0]
         via FE80::2, Serial0/0.100
    L   FF00::/8 [0/0]
         via ::, Null0

    2. Multipoint subinterface (Frame-relay inverse ARP is disabled)

    R1#show running-config interface s0/0.1
    Building configuration...

    Current configuration : 202 bytes
    !
    interface Serial0/0.1 multipoint
     snmp trap link-status
     ipv6 address FE80::1 link-local
     ipv6 address 2001::1/64
     ipv6 enable
     frame-relay map ipv6 2001::2 102
     frame-relay map ipv6 FE80::2 102
    no frame-relay inverse-arp
    end
    !
    R1#show frame-relay map
    Serial0/0.1 (up): ipv6 2001::2 dlci 102(0x66,0x1860), static,
                  CISCO, status defined, active
    Serial0/0.1 (up): ipv6 FE80::2 dlci 102(0x66,0x1860), static,
                  CISCO, status defined, active

    R1#show ipv6 route
    IPv6 Routing Table - 5 entries


    <removed>

    C   2001::/64 [0/0]
         via ::, Serial0/0.1
    L   2001::1/128 [0/0]
         via ::, Serial0/0.1
    LC  2002::1/128 [0/0]
         via ::, Loopback0
    B   2002::2/128 [20/0]
         via FE80::2, Serial0/0.1
    L   FF00::/8 [0/0]
         via ::, Null0
    R1#ping 2002::1

    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 2002::1, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
    !
    R3#show running-config interface s0/0.2
    Building configuration...

    Current configuration : 202 bytes
    !
    interface Serial0/0.2 multipoint
     snmp trap link-status
     ipv6 address FE80::2 link-local
     ipv6 address 2001::2/64
     ipv6 enable
     frame-relay map ipv6 2001::1 201
     frame-relay map ipv6 FE80::1 201
    no frame-relay inverse-arp
    end
    !
    R3#show frame-relay map
    Serial0/0.2 (up): ipv6 2001::1 dlci 201(0xC9,0x3090), static,
                  CISCO, status defined, active
    Serial0/0.2 (up): ipv6 FE80::1 dlci 201(0xC9,0x3090), static,
                  CISCO, status defined, active
    !
    R3#show ipv6 route

    IPv6 Routing Table - 5 entries

    <removed>

    C   2001::/64 [0/0]
         via ::, Serial0/0.2
    L   2001::2/128 [0/0]
         via ::, Serial0/0.2
    B   2002::1/128 [20/0]
         via FE80::1, Serial0/0.2
    LC  2002::2/128 [0/0]
         via ::, Loopback0
    L   FF00::/8 [0/0]
         via ::, Null0
    !
    R3#show bgp ipv6 unicast summary

    <removed>

    Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    FE80::1         4     1      60      62        5    0    0 00:08:35        1
    !
    R3#ping 2002::1

    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 2002::1, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 20/52/140 ms

    My configuration is on this version

    Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)

    Any comments?

    HAPPY STUDY

    [:D]

     

  • Looks like I made a mistake when configuring update-source on one of the routers[:D] I either missed it or configured wrong interface. It didn't prevent the routers from peering with each other because one obviously had it right, but the other didn't know where to send traffic to.

    Thanks a lot everyone for you input.

     

     

Sign In or Register to comment.