BGP issue

Hi all;


I have a router with 3 neighbors:


Neighbor     AS       65001       65001   13107400


as you can see in the output, there are two paths toward network in which the second one has been chosen the best route. as I know the AS_CONFED_SEQ is ignored while comparing the routes and whole of AS_SET list is assumed to be "+1". so with regaards to these rules, the two paths must be the same regarding to the AS_PATH parameter. this router then evaluate the best path selection rules up to the step 7, in which the eBGP routes are better than iBGP due to their default Administrative Distance. 

I changed the AD of a BGP route received by the last neighbor on the list from 200 to 201. but despite this change, the router chooses the route with higher AD as this:


R14(config-router)#do sh ip bgp

BGP routing table entry for, version 2

Paths: (2 available, best #2, table default)

  (65001 65000) 13107400 {19661100,32768500}, (aggregated by 13107400 from (

      Origin IGP, metric 0, localpref 100, valid, confed-external, atomic-aggregate

  13107400 {19661100,32768500}, (aggregated by 13107400 (metric 2) from (

      Origin IGP, localpref 100, valid, external, atomic-aggregate, best




changing of AD can be verified if I shutdown the neighbor. 

after changing the distance of the route that are received from the 3rd neighbor on the list, I shutted down the 2 other neighbors:


R14(config-router)#do sh ip route  

  Known via "bgp 65002", distance 201, metric 0


and then I shutted down the 3rd router and enabled other 2 routers and chech the routing table again:


B [200/0] via, 00:01:28


does anyone has any idea about why BGP choose the path with higher AD value?


  • When BGP is doing best path selection it does not care about AD at all. AD is only used when the router is trying to decide what prefix of equal lengths to install. I.E. install the eBGP route over OSPF/EIGRP or install OSPF/EIGRP over iBGP 

    Step 7 states
    "Prefer eBGP over iBGP paths." which does not mention anything about AD. Strictly mentions was this learned from an eBGP neighbor or iBGP neighbor.

    Thus the path that you are selecting is marked as external. (Confed-external implies that it is still an internal path part of a confederation)

     Paths: (2 available, best #2, table default)

      (65001 65000) 13107400 {19661100,32768500}, (aggregated by 13107400 from (

          Origin IGP, metric 0, localpref 100, valid, confed-external, atomic-aggregate

      13107400 {19661100,32768500}, (aggregated by 13107400 (metric 2) from (

          Origin IGP, localpref 100, valid, external, atomic-aggregate, best  
                                                           ^^^ <---- Right here  


    Hope that helps
  • I thought that prefering routes that are learnt from eBGP neighbor over iBGP neighbor is because of the AD. I don't know, maybe I heard it somewhere before. don't you hear it or something like that? 

    and as I know there is no way to change this parameter as it is possible for "origin" code, for example. 

  • if yoy meant "RIB to BGP" by saying "out", I think it will be the same as the process of injecting routes into the BGP by the "network" command or redistributing. did I get what you asked correctly?

  • The bgp best-path selection does select one route as best from the bgp table without taking the AD into account.

    The AD is not included in the bgp path attributes, but the internal or external attributes are included. Because the internal / external is included in the path attribute the best path selection can make a distinction between them.

    If you do a show ip bgp <prefix> it will show if the prefix is internal or external as shown in the earlier outputs, but there is no AD like 20/200 shown.

    For this reason the bgp table does not know the difference in the AD and will only try to install the best from the bgp table to the routing table.

    If the prefix is already in the routing table from another source, the AD will take into account because there are more routes trying to get installed in the routing table.


  • Here with a further description (or beating that dead horse):

    Hi marten and All,

    Route information sources:  BGP, EIGRP, RIP, CONNECTED, OSPP

    Global routing table:  show ip route

    Global routing table's route selection process:  debug ip routing

    Routing information sources offer their best routes to the route selection process.  Offered roues are assigned a metric called administrative distance.  Route selection process runs its best path algorithm using AD. Preferred path for a prefix is installed in global route table                      

    Route information sources use differing metrics for their path preference.  RIP uses hops, EIGRP uses DUAL, OSPF link cost.  A new metric, called administrative distance, is assigned when a path is offered to the RT path selection process.  Route information source or RT process assigns AD.  With each path being assigned an AD, a comparison can be made by the route selection process.  Lowest AD wins!

  • peetypeety ✭✭✭

    I look at the issue two different ways:

    "Left to right":

    The router chooses the best route for a given IP address through three levels of decision-making. First, the longest route wins, so a /31 route (being more specific) is the ideal information source over a /22 route (being less specific) for the two addresses covered by the /31. Second, if two protocols (and I'm considering 'connected/local' and 'static' as protocols in this context) present the same prefix to the RIB, the protocol with the lowest AD wins.  Third, within a given protocol, there's a published algorithm used to pick the best path amongst multiple choices within the protocol.

    "Right to left":

    Each protocol has a published path selection algorithm, and it's up to that protocol to choose what it considers to be the best path for a given prefix. This can be as simple as hop count, or it could be cumulative metric (Djikstra (sp)), or it could be a complex multi-step ritual like BGP. Once each protocol has chosen its own best path(s), these are presented to the RIB, and the RIB selects from multiple paths for a given prefix by using AD, since the metrics presented by each protocol are likely unrelated. As those AD-winning routes are installed into the RIB, the FIB is built using longest-match rules.

    Same concepts, just different presentation. With respect to BGP picking external vs. internal, if you look at the R->L explanation, you'll see that AD isn't a factor until after the protocol has chosen its best path, so the BGP PSA does not rely on AD; instead, it uses exactly the rules as published by Cisco. It's only after an EBGP or IBGP path is selected that it's presented to the RIB, where AD is used to pick between the xBGP path and any other non-BGP paths for the same prefix.

  • Hi Peety and All,

    Your post got me reading a bit.  Cisco appears to emphasize "Left to right" for understanding why a router selects a route that it does for a packet; 1)  longest match; 2) lowest AD; 3) lowest metric.  It places emphasis on which road to take to get from point A to point B, rather than knowing how the carburetor works.

    "Right to left" is useful when you're planning a method for altering a path selection.  Where to alter a process is key first step.

    Well worded.//RandB

  • peetypeety ✭✭✭

    Inbound BGP routes (if they pass through ACLs/route maps) go into the BGP RIB. Best routes go to the main RIB, and get announced to appropriate neighbors. Routes from other protocols redistributed into BGP go into the BGP RIB as well, for advertisement out.

    Otherwise, the main RIB doesn't feed the BGP RIB. This is unlike EIGRP.

  • thanks for all of you for detailed explanations. the reason behind this question was a note that I barely remember; it had stated that BGP selects the routes from the eBGP neighbor over iBGP because of the AD. after labbing up, I have realized that that was not right glad to have confirmation from you. 

  • Hi Martinl and All, 

    Like your explanation, too.  Took me awhile to get back.  Here is Strawman diagram I doodled this afternoon.


  • Hi martinl and All,

    This is a "strawman".  Know it is not correct.

    A presentation at SANOG by Cisco has a slide on ATF.  Reads like it is new process that receives IP ROUTE notifications and passes info on to its clients.  Says BGP is a client, and is also saying that IGPs can be or are clients.  Changes in RIB sent to ATF, then sent to its clients.  Tied in with fast convergence:  BGP Next-Hop Tracking along with BGP Fast Peer Deactivation.

    Other stuff I used as a reference page 14 of BGP Design and Implementation.  Diagram showing that scanner is not directly connected to BGP Router.

    Scanner has me puzzled.  The more I read about it, the more that I think it runs BestPath algorithm; as does the BGP Router process.  Some sort of handoff?  But who knows?  Cisco says that Scanner validates BestPaths and Next-Hops as well as aggregation, dampening, route injection, redistribution and network commands.  wheh  All given in the url above.

    So many functions, that I question whether what they say or my reading is correct.  But if correct, it would explain why Scanner is not connected to BGP Router.  

    Main idea in all of this is to produce something visual.  From a diagram, associate functions, commands, and debug.

Sign In or Register to comment.