networking-forum.com

All times are UTC - 6 hours [ DST ]



PostPosted: Thu May 24, 2012 10:22 pm 
Post Whore

Joined: Tue Aug 05, 2008 6:36 am
Posts: 2426
Location: Perth, Australia
Certs: CCNP, CCNA Voice, SMB Select, Linux+
I have a question and I think I know the answer although I have been told I am wrong. I don't mind being told I am wrong but can someone help me out with my thought process?

I have this kind of network:
Code:
[Internal subnets] - BGP router - upstream L3 device - Telco BGP router - MPLS cloud | [remote subnets] (the remote site has a mirror of this config too)


The BGP peering is using eBGP multihop. The TCP BGP session advertises the remote subnets to our BGP router with a next hop of the Telco router. However, how will routing work here from our perspective and the perspective of the intermediary L3 device?
The BGP session is brought up with a static route and ebgp multihop to allow the not directly connected session to open.

It is my understanding that for routing to work correctly, I need to change the advertised next hop address (to us) to that of the upstream L3 device. So our BGP router will see routes as (remote subnet/24) next hop upstream L3 device, rather than the Telco BGP router. My reason for this is that if you have a next hop of the BGP router, how will our router know how to route the packet? It would need to do a second route table lookup... The packet would be formulated with a next hop IP of the remote subnet (it has to be, right?) but the next hop MAC would be the upstream L3 device... I can't see it any other way. (please help me see?)

Therefore, the upstream L3 device NEEDS to know how to reach the remote subnet. If it does not, it should drop the packet. If it has a default route upstream, then return traffic would be looped back upstream.

_________________
"Right actions in the future are the best apologies for bad actions in the past."


PostPosted: Fri May 25, 2012 12:28 am 
Ultimate Member

Joined: Wed Nov 17, 2010 5:53 pm
Posts: 622
Location: Stockholm, Sweden
Certs: CCNP, CCIP, CCNA Security
Not knowing the exact value of your BGP multihop I can't be sure, but if it's just 2 I would say that the remote L3 device and BGP router are the same, i.e. a loopback interface on the L3 device.


PostPosted: Fri May 25, 2012 1:11 am 
Post Whore

Joined: Tue Aug 05, 2008 6:36 am
Posts: 2426
Location: Perth, Australia
Certs: CCNP, CCNA Voice, SMB Select, Linux+
matgar wrote:
Not knowing the exact value of your BGP multihop I can't be sure, but if it's just 2 I would say that the remote L3 device and BGP router are the same, i.e. a loopback interface on the L3 device.


In my case it is two; however, the L3 device (NTE) and the upstream BGP neighbour are in fact different devices. The NTE is a layer 3 switch and the BGP peer is the provider's edge router. I am just talking about physical interfaces at the moment, not using loopbacks.

I knocked up a quick network diagram to illustrate the question.

I highlight these two points:
- It's my understanding the next hop MUST be within a directly connected subnet for Ethernet, so we need to use a route-map to change that fact advertised from the PE.
- Regardless, the IP packet will have a destination IP of the remote site. The intermediary device needs to know how to reach those subnets.

My guess is that an IGP is needed between the Telco and their intermediary device (Layer 3 switch)... ?


Attachments:
Telcoweb.jpg [ 138.57 KiB | Viewed 174 times ]

_________________
"Right actions in the future are the best apologies for bad actions in the past."
PostPosted: Fri May 25, 2012 2:37 am 
CCIE #38070

Joined: Wed Jun 18, 2008 7:49 am
Posts: 12471
Location: London, UK
Certs: CCIE ,CC-NP/IP, JNCIP-SP, JNCIS-ENT, BC-/SPNE/NP
Indeed, the intermediary device needs to know how to get to these subnets. It does not matter if the next hop is not locally connected, but if not then the device you are going through still needs to know about these routes. Remember that the packet will be sent towards the next-hop; when it hits the intermediary device, the destination IP is still the other site, NOT the next-hop IP.

In your diagram, if the NTE has a default back to your own router, then you will send traffic to the next-hop, only for the NTE to send traffic back to you. Repeat until TTL expired.

_________________
www.mellowd.co.uk/ccie/
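
The behaviour described in the post above, as an added example that is not part of any post in this thread: a small forwarding simulation with longest-prefix match and recursive next-hop resolution. All addresses, the node names CE/NTE/PE and the table contents are constructed, and the remote subnet is modelled as directly attached to the PE as a stand-in for the MPLS cloud.

```python
import ipaddress

CONNECTED = "connected"  # marks a directly attached subnet

def lpm(rib, dst):
    """Longest-prefix match: next hop of the most specific route, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in rib.items()
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def resolve(rib, dst):
    """Recursive lookup: follow next hops until one is on a connected subnet."""
    target = dst
    for _ in range(8):                 # bound the recursion depth
        nh = lpm(rib, target)
        if nh is None:
            return None                # no route at all: drop
        if nh == CONNECTED:
            return target              # L2 neighbour that receives the frame
        target = nh
    return None

def forward(ribs, start, dst, ttl=8):
    """Hop-by-hop forwarding; the destination IP never changes on the way."""
    node, path = start, [start]
    while ttl > 0:
        neighbour = resolve(ribs[node], dst)
        if neighbour is None:
            return "dropped", path
        if neighbour == dst:
            return "delivered", path
        node = OWNER[neighbour]
        path.append(node)
        ttl -= 1
    return "ttl expired", path

# Constructed topology: CE (our BGP router) - NTE (L3 switch) - PE (Telco router)
OWNER = {"10.0.0.1": "CE", "10.0.0.2": "NTE", "10.0.1.1": "NTE", "10.0.1.2": "PE"}
CE = {"10.0.0.0/30": CONNECTED,
      "10.0.1.2/32": "10.0.0.2",       # static route that lets the multihop session open
      "192.168.50.0/24": "10.0.1.2"}   # BGP route, next hop is the PE (not connected)
NTE_DEFAULT = {"10.0.0.0/30": CONNECTED, "10.0.1.0/30": CONNECTED,
               "0.0.0.0/0": "10.0.0.1"}                       # default back to CE
NTE_ROUTED = {**NTE_DEFAULT, "192.168.50.0/24": "10.0.1.2"}   # NTE knows the remote subnet
PE = {"10.0.1.0/30": CONNECTED, "192.168.50.0/24": CONNECTED}

def run(nte_rib, dst="192.168.50.10"):
    return forward({"CE": CE, "NTE": nte_rib, "PE": PE}, "CE", dst)
```

`run(NTE_DEFAULT)` bounces between CE and NTE until the TTL runs out, while `run(NTE_ROUTED)` is delivered via CE, NTE, PE without changing the next hop that CE learned over BGP.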


PostPosted: Fri May 25, 2012 3:10 am 
Post Whore

Joined: Tue Aug 05, 2008 6:36 am
Posts: 2426
Location: Perth, Australia
Certs: CCNP, CCNA Voice, SMB Select, Linux+
mellowd wrote:
Indeed, the intermediary device needs to know how to get to these subnets. It does not matter if the next hop is not locally connected, but if not then the device you are going through still needs to know about these routes. Remember that the packet will be sent towards the next-hop; when it hits the intermediary device, the destination IP is still the other site, NOT the next-hop IP.

In your diagram, if the NTE has a default back to your own router, then you will send traffic to the next-hop, only for the NTE to send traffic back to you. Repeat until TTL expired.


Thanks. I have just labbed it and confirmed what you say.

I expect the telco will use an IGP or else there is no point in using BGP. At the moment I am still wrong. Who cares, it's beer o'clock :)

Cheers Darren,

Tony

_________________
"Right actions in the future are the best apologies for bad actions in the past."


PostPosted: Fri May 25, 2012 4:02 am 
CCIE #38070

Joined: Wed Jun 18, 2008 7:49 am
Posts: 12471
Location: London, UK
Certs: CCIE ,CC-NP/IP, JNCIP-SP, JNCIS-ENT, BC-/SPNE/NP
You could use some kind of tunnel to hide your IP packets inside another

_________________
www.mellowd.co.uk/ccie/

