No-Client-To-Client-Reflection
Scenario to verify BGP no-client-to-client-reflection parameter configuration.
In standard iBGP, the split-horizon rule prevents a router from re-announcing routes learned from one iBGP peer to another iBGP peer. Route Reflectors override this rule for their clients, reflecting routes between them to avoid full-mesh requirements.
The no-client-to-client-reflection parameter re-enables a form of split-horizon
specifically between Route Reflector clients. When configured, the RR will not reflect
routes from one client to another client. This is useful when RR clients have direct
iBGP sessions between themselves or when you want finer control over route propagation.
In this test, DUT0 acts as a Route Reflector with two clients: DUT1 and
DUT2. First, with default RR behavior, routes from DUT1 are reflected to DUT2.
Then, after enabling no-client-to-client-reflection, the route is no longer
reflected between clients.
Test BGP No Client To Client Reflection
Description
This test demonstrates the effect of no-client-to-client-reflection on a
Route Reflector. First, with default behavior, DUT0 (RR) reflects routes
from DUT1 to DUT2 (both are RR clients). Then, after enabling
no-client-to-client-reflection, the route from DUT1 is no longer reflected
to DUT2.
Scenario
Note
First we configure the Route Reflector with default behavior (client-to-client reflection enabled).
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.1/24 set interfaces ethernet eth1 address 20.20.0.1/24 set protocols bgp 100 neighbor client1 remote-address 10.10.0.2 set protocols bgp 100 neighbor client1 remote-as 100 set protocols bgp 100 neighbor client1 route-reflector-client set protocols bgp 100 neighbor client2 remote-address 20.20.0.2 set protocols bgp 100 neighbor client2 remote-as 100 set protocols bgp 100 neighbor client2 route-reflector-client set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 10.10.0.2/24 set protocols bgp 100 neighbor rr remote-address 10.10.0.1 set protocols bgp 100 neighbor rr remote-as 100 set protocols bgp 100 redistribute connected set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Set the following configuration in DUT2 :
set interfaces ethernet eth1 address 20.20.0.2/24 set protocols bgp 100 neighbor rr remote-address 20.20.0.1 set protocols bgp 100 neighbor rr remote-as 100 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify iBGP sessions establish between DUT0 (RR) and both clients.
Step 4: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:
10.10.0.2.*Established[\s\S]+20.20.0.2.*EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 20.20.0.1, local AS number 100 VRF default vrf-id 0 BGP table version 1 RIB entries 1, using 128 bytes of memory Peers 2, using 47 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 10.10.0.2 10.10.0.1 4 100 4 5 1 0 0 00:00:03 Established 1 1 FRRouting/10.4.1 20.20.0.2 20.20.0.1 4 100 3 5 1 0 0 00:00:02 Established 0 1 FRRouting/10.4.1 Total number of neighbors 2
Attention
Verify DUT0 receives route 10.10.0.0/24.
Step 5: Run command protocols bgp show ip at DUT0 and check if output matches the following regular expressions:
10.10.0.0/24Show output
BGP table version is 1, local router ID is 20.20.0.1, vrf id 0 Default local pref 100, local AS 100 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *ui 10.10.0.0/24 10.10.0.2 0 100 0 ? Displayed 1 routes and 1 total paths
Note
With default behavior, DUT2 receives the reflected route.
Step 6: Run command protocols bgp show ip at DUT2 and check if output matches the following regular expressions:
10.10.0.0/24Show output
BGP table version is 0, local router ID is 20.20.0.2, vrf id 0 Default local pref 100, local AS 100 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path i 10.10.0.0/24 10.10.0.2 0 100 0 ? Displayed 1 routes and 1 total paths
Note
Now we enable no-client-to-client-reflection to disable route reflection between clients.
Step 7: Modify the following configuration lines in DUT0 :
set protocols bgp 100 parameters no-client-to-client-reflection
Attention
Verify iBGP sessions remain established after configuration change.
Step 8: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:
10.10.0.2.*Established[\s\S]+20.20.0.2.*EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 20.20.0.1, local AS number 100 VRF default vrf-id 0 BGP table version 1 RIB entries 1, using 128 bytes of memory Peers 2, using 47 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 10.10.0.2 10.10.0.1 4 100 4 6 1 0 0 00:00:04 Established 1 0 FRRouting/10.4.1 20.20.0.2 20.20.0.1 4 100 3 6 1 0 0 00:00:03 Established 0 0 FRRouting/10.4.1 Total number of neighbors 2
Attention
Verify DUT2 no longer receives the route due to disabled client-to-client reflection.
Step 9: Run command protocols bgp show ip at DUT2 and check if output does not match the following regular expressions:
10.10.0.0/24Show output
No BGP prefixes displayed, 0 exist