Information Technology Reference
In-Depth Information
After the IGP has reconverged, the BGP path-selection process replaces the path from R6,
with the path from R4 as the new best path, based on the lowest IGP metric.
The iBGP session between R11 and R6 is still intact. Until the BGP Scanner detects the
metric change and, thus, a new path is selected, R6 is still the best path. When traffic reaches
R4 en route to R6, it follows the EIGRP route into the regional network rather than continu-
ing to R6. This is because R4 has the EIGRP route to 10.2.0.0/16.
NOTE
If the link failure causes a core router to be disconnected from the core, the prefixes adver-
tised by that core router have an unreachable next hop. The BGP Scanner removes these
prefixes from the BGP path-selection process. This is equivalent to a device failure in the
core. The reconvergence time does not depend on BGP withdrawal or update messages dur-
ing a failure.
During link or device recovery, reconvergence to the optimal path is delayed by the time it
takes for the iBGP sessions to reform and advertise their prefixes. This cannot occur until
the IGP has reconverged, so the total reconvergence time is additive. Traffic loss might
occur during recovery because of the delta between the IGP and BGP reconverging. This
issue is discussed in Chapter 3, “Tuning BGP Performance.”
Administrative Control
Administrative control is not well-divided in this scenario, because no clear boundaries are
created. The core routers all run the core IGP process in addition to running the regional
IGP process. The use of shared resources requires all administrative groups to have access
to those resources.
If the core IGP and BGP processes are administered by a group other than the one that
administers regional IGP processes, both groups require access to the regional core routers.
IGPs are not designed with the expectation of administrators having access to only a subset
of the routers. BGP also was not designed with the expectation of having disparate groups
administering the same AS.
Routing Policy
It is sometimes desirable to prevent two regions from communicating with each other. In
this design, however, every core router must have full routing information, because it might
be acting as a transit router between two other regions. This disallows the use of route fil-
tering to block connectivity between two regions. The best method of limiting connectivity is
inbound packet filtering on the core router interfaces connecting with the regional network.
