Saturday 28 January 2017

BGP Scenarios Based Q&A

1. Refer to the below figure.



















AS#1 and AS#2 have multiple EBGP connections with each other. AS#1 wants all return traffic that is destined to the prefix 10.10.10.1/32 to enter through the router R1 from AS#2. In order to achieve this routing policy, the AS 1 advertises a lower MED from R1, compared to a higher MED from R3, to their respective BGP neighbor for the prefix 10.10.10.0/24. Will this measure guarantee that the routing policy is always in effect?

A. Yes, because MED plays a deterministic role in return traffic engineering in BGP.
B. Yes, because a lower MED forces BGP best-path route selection in AS #2 to choose R1 as the best path for 10.10.10.0/24.
C. Yes, because a lower MED in AS #2 is the highest BGP attribute in BGP best-path route selection.
D. No, AS #2 can choose to alter the weight attribute in R2 for BGP neighbor R1, and this weight value is cascaded across AS #2 for BGP best-path route selection.
E. No, AS #2 can choose to alter the local preference attribute to overwrite the best-path route selection over the lower MED advertisement from AS #1. This local preference attribute is cascaded across AS #2 for the BGP best-path route selection.

Answer: E

2. Refer to the below . All iBGP routes should have the iBGP peer as the next hop address. Why is this not the case for BGP routes learned between R1 and R2?























































A. R2 is missing the next-hop-self option under the neighbor command for R1
B. ISP-A is missing the next-hop-self option under the neighbor command for R1
C. ISP-B is missing the next-hop-self option under the neighbor command for R1
D. R2, ISP-A, and ISP-B are missing the next-hop-self option under the neighbor command for R1

Answer: A
Explanation
In this case networks 10.0.0.0, 172.17.0.0, 172.18.0.0, 192.168.60.0, 192.168.70.0 are networks learned and advertised from R2. We see that the next-hop of these networks are 209.165.202.158 while they should be 209.165.202.130. With the next-hop of 209.165.202.158, R1 may not know how to send traffic to above networks and the traffic is dropped. To avoid this failure we should configure the ‘next-hop-self’ under the neighbor command for R1 like this:
R2(config-router)#neighbor 209.165.202.129 next-hop-self

3.Refer to the below By default, when RTB passes BGP advertisements from RTA about network 192.168.2.0 to RTC, what address will be listed as the next-hop address?












A. 10.1.1.1
B. 10.1.1.2
C. 192.168.1.49
D. 192.168.1.50

Answer: D
Explanation
This is a rule for BGP advertisement:
“For EBGP, the next hop is always the IP address of the neighbor specified in the neighbor command. For IBGP, the protocol states that the next hop advertised by EBGP should be carried into IBGP“.

In this case, when RTA (in AS 65000, which is an EBGP for RTB) advertises a route to RTB, it specifies its interface (192.168.1.50) as the next-hop. But when RTB passes this advertisement to RTC, it specifies RTA interface (also 192.168.1.50) as the next-hop (IBGP). This can cause some routing failures because if RTC does not know a way to reach RTA interface via IGP (OSPF, EIGRP…), it will drop that packet. To fix this problem, add the “neighbor 10.1.1.2 next-hop-self” command under BGP mode in RTB.

4.The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. Refer to the exhibit. Routers A and B are running BGP but the session is active. What command needs to be added to establish the BGP session?











hostname A
!
interface loopback 0
ip address 10.10.10.2 255.255.255.255
!
interface serial 0/0
ip address 172.16.10.2 255.255.255.252
!
interface serial 0/1
ip address 172.16.10.5 255.255.255.252
!
router bgp 65444
neighbor 10.10.10.1 remote-as 65111
neighbor 10.10.10.1 update-source loopback 0
neighbor 10.10.10.1 ebgp-multihop

A. ip route 10.10.10.1 255.255.255.255 s0/0
     ip route 10.10.10.1 255.255.255.255 s0/ 1
B. no synchronization
C. network 10.10.10.0
D. neighbor 10.10.10.1 next-hop-self

Answer: A
Explanation
In this case we want to achieve load balancing so the loopback interface must be used to establish neighborship.
If we check the routing table of router A, we will see that there is no entry for the remote network 1.1.1.1/32 -> router A does not know how to reach the loopback interface on router B -> a TCP session can’t be established to router B. Therefore we need to tell router A a way to reach router B.


5.Refer to the exhibit. Router RIP is attempting to establish BGP neighbor relationships with routers RT1 and RT3. On the basis of the information that is presented in the exhibit, which two statements are true? (Choose two)























A – RTR has a BGP password set but neighbor 10.0.0.1 does not
B – RTR has a BGP password set but neighbor 10.0.0.5 does not
C – RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set
D – RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set
E – Neighbor 10.0.0.1 has a BGP password set but RTR does not
F – Neighbor 10.0.0.5 has a BGP password set but RTR does not

Answer: A D
Explanation:
You can configure MD5 authentication between two BGP peers, MD5 authentication must be configured with the same password on both BGP peers; otherwise, the connection between them will not be made. If a router has a password configured for a peer, but the other peer does not, a message “No MD5 digest from…” will appear on the console while the routers attempt to establish a Multicast Source Discovery Protocol (MSDP) session between them. Therefore A is correct because RT1 (with an ip address of 10.0.0.1) is not configured with a password.
Similarly, if the two routers have different passwords configured, a message “Invalid MD5 digest from…” will appear on the screen.

6.What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from becoming a transit system?

A. Advertise with a high MED value all networks that are discovered via external BGP.
B. Remove the AS-Path information on all routes in the BGP table prior to advertising externally.
C. Only advertise networks externally if they have been discovered via internal BGP.
D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous system.
E. Set the no-export community attribute on all networks that are advertised externally.
F. Set the origin code to incomplete for all networks that are discovered via external BGP.

Answer: D
Explanation
A transit AS is an AS that routes traffic from one external AS to another external AS. Let’s see an example below:




Suppose your company has 2 internet links to 2 different ISPs. If one connection to the ISP goes down, your traffic can be sent through the other ISP. It is a good way to make sure your company can access the internet any time. But if your routers are not configured carefully, your company AS may become a transit AS. For example, AS 65002 learned the route 10.10.10.0/24 from ISP1. If R2 advertises that route to ISP2 then ISP2 may use it to send traffic to that network -> your company becomes a transit AS.
There are two popular ways to prevent a multi-homed autonomous system from becoming a transit system:
+ Use a distribute-list or filter-list to filter all networks not originating from inside the autonomous system.
+ Use the no-export community attribute on all networks not originating from inside the autonomous system.
Answer E seems to be correct but in fact it is not because “all networks that are advertised externally” include networks originating from inside and outside our AS. We should only filter networks originating from outside our AS. In some cases, the routers in our company may advertise some internal networks (for remote access, for example).

7. Refer to the exhibit. It is desired to set up a BGP neighbor relationship between routers R1 and R4. BGP packets between them could travel through R2 or R3. What is the simplest configuration that will allow for failover?




A. Configure BGP neighbor relationships between all interfaces on R1 and R4.
B. Install a direct connection between R1 and R4.
C. Configure loopback interfaces on R1 and R4 to provide the update source address for BGP packets.
D. Configure only one neighbor relationship between R1′s 192.168.1.2 interface and R4′s 172.16.10.2 interface.

Answer: C
Explanation
Assume R4 only uses this configuration:
R4(config)#router bgp 65000
R4(config-router)#neighbor 192.168.1.2 remote-as 65000
Then if R1 sends BGP packets to R4 via R3, the source IP address of the packets is 192.168.2.2. But R4 does not recognize this IP address because 192.168.2.2 is not configured in the “neighbor” command of R4. Therefore the IBGP session between R1 & R4 is not established -> these packets will be dropped.
The simplest configuration to allow R1 and R4 communicate via both R2 & R3 is to use a loopback interface address rather than a physical interface address as the source IP address for all BGP packets. To do this, use the command:
R4(config-router)#neighbor 1.1.1.1 update-source loopback0
(In which 1.1.1.1 is the loopback interface of R1). In practical, we should establish neighborship with the loopback interface rather than the physical interface because if the physical interface goes down, the neighborship would be lost while a loopback interface never goes down.
Also, when configuring “1.1.1.1″ as the neighbor, you must configure on R1 the “neighbor 4.4.4.4 update-source loopback0” command so that the source IP address of packets sent from R1 (loopback0 – 1.1.1.1) will be matched with the neighbor command configured on R4.

8.Refer to the exhibit. Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via internal BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network 131.25.0.0/16.




A. It advertises the best AS-path.
B. It advertises the best origin code.
C. It advertises the best MED.
D. It advertises the best local preference.
E. It has a better router ID.
F. It advertises a lower autonomous system.

Answer: E
Explanation
Recall the route selection decision process in BGP:
Consider only (synchronized) routes with no AS loops and a valid next hop, and then:
Route selection decision process (from top to bottom)      In this question…
Prefer highest weight (local to router)      RT-3 is not an exit point
Prefer highest local preference (global within AS) same local preference of 100
Prefer route originated by the local router (next hop = 0.0.0.0)       both routes are from IBGP
Prefer shortest AS path   same
Prefer lowest origin code (IGP < EGP )       both are incomplete (EGP > IGP > Incomplete)
Prefer lowest MED (exchanged between autonomous systems)      both MEDs are 0
Prefer EBGP path over IBGP path both are IBGP
Prefer the path through the closest IGP neighbor (IGP cost)             not used because IBGPs are used
Prefer oldest route for EBGP paths.           not used
Prefer the path with the lowest neighbor BGP router ID.    the router-id 162.105.11.1 is lower than 165.105.3.2
Prefer the path with the lowest neighbor IP address.          


9. Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the reason Router RT-1 chooses this “best” path.




























A. In making its decision about the best path, RT-1 gives precedence to the origin code.
B. In making its decision about the best path, RT-1 gives precedence to the BGP MED values.
C. IP address 128.107.2.2 is lower than 128.107.255.2.
D. In making its decision about the best path, RT-1 prefers the IGP metrics.
E. RT-1 prefers internal BGP routes.
F. IP address 128.107.254.2 is lower than 128.107.255.2.

Answer: A
Explanation
As explained above, the IGP is preferred over incomplete.

10. Refer to the exhibit. Autonomous systems 200 and 300 have EBGP sessions established with their directly connected routers in autonomous system 100. IGP has been configured on all routers in autonomous system 100 and they successfully exchange routing updates. Traffic originated in autonomous system 200 cannot reach the destination autonomous system 300. What configuration should be done on the routers in autonomous system 100 in order for the traffic coming from autonomous system 200 to be forwarded to autonomous system 300?


















A. IBGP session must be established between routers R1 and R3, and the synchronization must be turned on.
B. IBGP session must be established between routers R1 and R3, and the synchronization must be turned off.
C. IBGP session must be established between routers R1 R2 and R2 R3. and the synchronization must be turned on.
D. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned off.
E. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned on.
F. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned off.

Answer: F
Explanation
The synchronization rule states that if an AS provides transit service to another AS, BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP. To understand why this rule exists, let’s take an example if this rule is not there.


















Suppose Rt-A wants RT-B to access its local LAN 1.1.1.0, so it advertises this network through R1. R1 and R3 are running IBGP so R1 sends this update to R3 through R2 (using the next-hop-self to use its own interface’s IP address). In turn, R3 announces to RT-B that it can reach 1.1.1.0 via R3.

Now Rt-B really wants to send traffic to 1.1.1.0 so it will send to R3. R3 does a look up and sees that the network can be reachable via R1. It then does a lookup for R1′s IP address and sees that it is reachable via R2 -> so it forwards packets to R2. But R2, running IGP (like OSPF), does not find an entry for 1.1.1.0 so R2 drops all the packets for that network – a black-hole is created!

That is why the BGP synchronization rule is born. With this rule, when R3 receives an advertisement for 1.1.1.0 from R1, it adds that route to its BGP table and before sending advertisement to RT-B, it first checks its IGP routing table to see whether an entry exists for that route. In this example, R3′s IGP routing table does not know how to reach 1.1.1.0 so R3 will not advertise this network to RT-B. This route is only advertised to RT-B when IGP makes an entry in the routing table for 1.1.1.0.

Well, now you understand the importance of BGP Synchronization rule but now I wish to explain why this rule causes trouble in fully-meshed IBGP!

















Synchronization prevents fully-meshed IBGP from working properly. Because no IGP is running so R3 cannot advertise any route to RT-B even if no black-hole exists in this topology.

Note: A “fully-meshed” can be a physical fully-meshed topology or a topology where all routers in the same AS established IBGP connections with each other (although they do not need to be directly connected). So in the topology above, the connection between R1 & R3 is represented by a dashed line, which means it can be physically connected or not (but an IBGP connection must be established on both routers).

Therefore if all routers in AS 100 is fully-meshed, the synchronization rule must be turned off -> F is correct.

11. Which BGP option is required when load sharing over multiple equal-bandwidth parallel links from a single CE router to a single ISP router over eBGP?

A. eBGP Multipath
B. eBGP Multihop
C. BGP Synchronization
D. Public AS numbers

Answer: B
Explanation
The eBGP multihop allows a neighbor connection between two external peers that do not have direct connection. The multihop is only for eBGP and not for iBGP. For example, in the topology below router A wants to establish neighbor relationship with the loopback0 of router B (to allow load balancing), which does not have direct connection so it must use “ebgp-multihop”









For your reference, the full configurations of both router A & B are shown below:

A# int loopback 0
ip address 10.10.10.2 255.255.255.255
router bgp 1
neighbor 10.10.10.1 remote-as 2
neighbor 10.10.10.1 ebgp-multihop
neighbor 10.10.10.1 update-source loopback 0
network 10.10.10.2 mask 255.255.255.255
ip route 10.10.10.1 255.255.255.255 172.16.10.1
ip route 10.10.10.1 255.255.255.255 172.16.10.6

B# int loopback 0
ip address 10.10.10.1 255.255.255.255
router bgp 2
neighbor 10.10.10.2 remote-as 1
neighbor 10.10.10.2 ebgp-multihop
neighbor 10.10.10.2 update-source loopback 0
network 10.10.10.1 mask 255.255.255.255
ip route 10.10.10.2 255.255.255.255 172.16.10.2
ip route 10.10.10.2 255.255.255.255 172.16.10.5
Note: If router B wants to establish neighbor relationship with the directly connected interface of router A, it only needs these commands:

B#
router bgp 2
neighbor 172.16.10.2 remote-as 1
But notice the traffic from router B would be sent to 172.16.10.2 interface only and load balancing would not take place.

12. Refer to the exhibit. On the basis of the configuration that is provided, how would the BGP updates that come from router R1 be replicated inside autonomous system 65200?





































A. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3 and R4 will then forward those BGP updates to router R5.
B. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.
C. All BGP updates that are received on router R2 will be sent directly to router R5.
D. None of the BGP updates that are received on router R2 will ever be received by router R5.

Answer: D
Explanation
All BGP updates that are received on router R2 will be sent to routers R3 and R4 but R3 & R4 will not forward those BGP updates to R5. This is called the BGP split-horizon rule (which states that a route learned from one IBGP neighbor will not be advertised to another IBGP neighbor) -> A is not correct.
The BGP updates received on router R2 will be sent to R3 and R4 without violating the BGP split-horizon rule because R2 receives updates from an EBGP (R1), not IBGP -> B is not correct.
From the configuration of R2, we learn that R2 did not establish neighbor relationship with R5 so they are not neighbors -> no BGP updates will be sent from R2 to R5 -> C is not correct.
The BGP split-horizon rule prevents updates received on R2 from being sent to R5 -> D is correct.


13. Why should iBGP sessions be fully meshed within a Transit AS?

A. BGP requires redundant TCP sessions between iBGP peers.
B. A full mesh allows for optimal routing within the Transit AS.
C. Routes learned via iBGP are never propagated to other eBGP peers.
D. Routes learned via iBGP are never propagated to other iBGP peers.
E. Routes learned via eBGP are never propagated to other iBGP peers.

Answer: D
Explanation
BGP split-horizon rule states that a route learned from one IBGP neighbor will not be advertised to another IBGP neighbor so IBGP sessions should be fully meshed. For example in the topology below, routes learned from R1 about AS 200 will be advertised to R2. For R2, the route learned from R1 is a route learned from one IBGP neighbor so R2 will not advertise this route to R3 and AS 100 can never be a transit AS -> IBGP sessions should be fully meshed within a transit AS -> D is correct.


















14.Refer to the exhibit. Currently the two eBGP links between AS100 and AS200 have an average inbound load of 65% and 20% respectively. After further investigation, traffic to 10.10.1.16/28 accounts for 45%, and traffic to 10.10.1.32/28 and to 10.10.1.48/28 each account for 20% of the inbound load. The BGP attributes are currently set at their default values in both autonomous systems.
If you want to influence how AS200 sends traffic to AS100, which eBGP configurations would you configure in AS100 to influence AS200 to use the eBGP links more evenly? (Choose two.)
























A. neighbor 192.168.30.2 route-map as_50 out
B. neighbor 192.168.20.2 route-map as_50 out
C. route-map as_50 permit 10
match ip address 50
set metric 150
access-list 50 permit 10.10.1.16 0.0.0.240

D. route-map as_50 permit 10
match ip address 50
set metric 150
access-list 50 permit 10.10.1.32 0.0.0.240

Answer: B D
Explanation
Note: The wildcard masks in the access-list are not correct, they should be 0.0.0.15 instead of 0.0.0.240.
First let’s recall about MED. If you want to influence external neighbors about the path it sends traffic then MED, also called the metric, should be used. A lower MED value is preferred over a higher value. The default MED value is 0.
Also, an important point I wish to notice in this question is: for Policy-based routing, if no match is made, the packets are forwarded normally via the routing table.
In answer C & B (combined), the MED for prefix 10.10.1.16/28 through router A is set to 150. This would make traffic for this route (45%) go through router B (because the MED default value is 0, which is lower than 150). Since the access-list will also NOT match prefixes: 10.10.1.32/28 & 10.10.1.48/28 – traffic for these two prefixes will be forwarded just normally (via the routing table) ->
Traffic for prefix: 10.10.1.32/28 will continue to go via the upper E-A link (now just 20% total load), while traffic for prefixes 10.10.1.16/28 and 10.10.1.48/28 will be going through the lower F-B link (now 65% total load) -> Original unbalanced (65/20) load is maintained, although it has been reversed between the upper (A-E) and lower (B-F) link -> C is not correct.
For more information about Policy-based routing matches you can read this article: http://www.ciscopress.com/articles/article.asp?p=426637&seqNum=2
If answer D is applied for router A, the MED for 10.10.1.32 set to 150 would make traffic for this route go through router B (because the MED default value is 0, which is lower than 150). So router A will be responsible for 45% traffic and router B will receive 40% traffic -> D is correct.

15.Refer to the exhibit. A client has asked you to consult on an eBGP loading question. Currently the AS 100 eBGP links have an average outbound load of 65% and 20% respectively. On further investigation, traffic from 10.10.24.0 accounts for 45%, and 10.10.25.0 and 10.10.32.0 accounts for 20% each of the outbound load. The customer wants to spread the load between the two eBGP links more evenly. The BGP attributes are currently set at their default values.
If you are located at AS 100 and want to influence how AS 100 sends traffic to AS 200, what BGP attribute could you configure to cause AS 100 outbound traffic to load the eBGP links more evenly?


























A. On router A, set the default local-preference to 50.
B. On router B, set the default metric to 150.
C. On router B, configure a route map for 10.10.25.0/24 with a local preference of 150 linked to neighbor 192.168.30.2.
D. On router B, set the default local-preference to 150.

Answer: C
Explanation
To make the eBGP links more evenly we should use the link B-F for network 10.10.25.0/24 so that the total traffic going through B-F link is about 40%. In this case we should apply a route map on B to set the local preference of 10.10.25.0/24 to a higher value than 100. But notice that we must use a second clause to permit other traffic if not they will be filtered out.

Note: The default value for local preference is 100. A path with higher local preference is preferred.

16.Refer to the exhibit. What will RTB do with a packet sourced from within AS 64200 with a destination address of 192.168.25.1?























A. It will be dropped because network 192.168.25.0 is not in the RTA routing table.
B. It will be dropped because network 192.168.25.0 is not in the RTB routing table.
C. It will be forwarded to the null 0 interface of RTB and dropped.
D. It will be forwarded to the RTB 192.168.25.0 network.

Answer: D
Explanation
First I want to make it clear that the above configuration belongs to RTB (with AS 64100).
The “network” statement in other routing protocols (EIGRP, OSPF, RIP…) is used to enable routing protocol on the interfaces within that “network” statement. But in BGP, the function of a network statement is to tell the router to search the IP routing table for a particular network, and if that network is found, originate it into the BGP database. But notice that you must have an exact match in the IP routing table to appear the network in the BGP routing table (in this case we don’t see the auto-summary command so we suppose it is disabled in this case). For example:
+ network 10.10.10.0/8 will appear in BGP if network 10.10.10/8 appears in the IP routing table.
+ network 10.10.10.0/24 will appear in BGP if network 10.10.10.0/24 appears in the IP routing table.

Therefore, in this question the static route “ip route 192.168.24.0 255.255.252.0 null0″ was used to put a route to 192.168.24.0/22 into the routing table (although it points to Null0 but this command really makes that route appears in the routing table). Notice this network 192.168.24.0/22 also coverts network 192.168.25.0 -> RTB will forward that packet to 192.168.25.0 network.

17. Refer to the exhibit. All routers are configured for BGP. EBGP routes received on router R2 show up in the BGP table on routers R1 and R3 but not in their IP routing table. What would cause this? (Choose two)










A. Synchronization in autonomous system 100 is turned is on.
B. Synchronization in autonomous system 100 is turned is off.
C. EBGP multihop is not configured on routers R1 and R3.
D. Routers R1 and R3 do not receive the same routes via an IGP.
E. The BGP routers in autonomous system 100 are not logically fully-meshed.

Answer: A D
Explanation
The synchronization rule states BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP so in this case if R1 and R3 have not learned that route via IGP, they cannot appear in their routing tables.

18. Refer to the exhibit.
































Why is R2 unable to ping the loopback interface of R4?

A. The local preference is too high.
B. The weight is too low.
C. The next hop is not reachable from R2.
D. The route originated from within the same AS.

Answer: C

19. Refer to the exhibit.













R2 is mutually redistributing between EIGRP and BGP.
Which configuration is necessary to enable R1 to see routes from R3?

A. The R3 configuration must include ebgp-multihop to the neighbor statement for R2.
B. The R2 BGP configuration must include bgp redistribute-internal.
C. R1 must be configured with next-hop-self for the neighbor going to R2.
D. The AS numbers configured on R1 and R2 must match.

Answer: B

20.Refer to the exhibit. All iBGP routes should have the iBGP peer as the next hop address. Why is this not the case for BGP routes learned between R1 and R2?


























A. R2 is missing the next-hop-self option under the neighbor command for R1
B. ISP-A is missing the next-hop-self option under the neighbor command for R1
C. ISP-B is missing the next-hop-self option under the neighbor command for R1
D. R2, ISP-A, and ISP-B are missing the next-hop-self option under the neighbor command for R1

Answer: A
Explanation
In this case networks 10.0.0.0, 172.17.0.0, 172.18.0.0, 192.168.60.0, 192.168.70.0 are networks learned and advertised from R2. We see that the next-hop of these networks are 209.165.202.158 while they should be 209.165.202.130. With the next-hop of 209.165.202.158, R1 may not know how to send traffic to above networks and the traffic is dropped. To avoid this failure we should configure the ‘next-hop-self’ under the neighbor command for R1 like this:
R2(config-router)#neighbor 209.165.202.129 next-hop-self.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.