I am trying to get bgp working in a lab environment between 4 routers. I have 1 central router and 3 branches. 3 of the 4 machines are debian11 machines and 1 branch is a windows server 2019 which I also set up bgp.
"show bgp summary" shows that all neighbours are connected:
ISP# sh bgp summary
IPv4 Unicast Summary:
BGP router identifier 120.116.7.254, local AS number 62000 vrf-id 0
BGP table version 8
RIB entries 9, using 1728 bytes of memory
Peers 3, using 64 KiB of memory
Peer groups 3, using 192 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
120.115.7.65 4 64000 95 84 0 0 0 01:19:51 1 0
120.116.9.129 4 63000 30123 30125 0 0 0 1d01h05m 0 0
120.116.7.1 4 61000 1525 1528 0 0 0 00:29:49 0 0
Total number of neighbors 3
The central router named ISP config:
Current configuration:
!
frr version 7.5.1
frr defaults traditional
hostname ISP
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
router bgp 62000
neighbor Branch1 peer-group
neighbor Branch1 remote-as 64000
neighbor Branch2 peer-group
neighbor Branch2 remote-as 63000
neighbor Branch3 peer-group
neighbor Branch3 remote-as 61000
neighbor 120.115.7.65 peer-group Branch1
neighbor 120.116.9.129 peer-group Branch2
neighbor 120.116.7.1 peer-group Branch3
!
address-family ipv4 unicast
network 120.116.7.0/26
network 120.115.7.64/26
network 120.116.9.128/25
redistribute kernel
redistribute connected
neighbor Branch1 route-map Branch1 in
neighbor Branch1 route-map Branch1 out
neighbor Branch2 route-map Branch2 in
neighbor Branch2 route-map Branch2 out
neighbor Branch3 route-map Branch3 in
neighbor Branch3 route-map Branch3 out
exit-address-family
!
route-map Branch3 permit 10
match interface ens161
match peer 120.116.7.1
!
route-map Branch1 permit 20
match peer 120.115.7.65
!
route-map Branch2 permit 30
match peer 120.116.9.129
!
line vty
!
end
One of the branch router's conf:
Current configuration:
!
frr version 7.5.1
frr defaults traditional
hostname Branch3
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
router bgp 61000
neighbor ISP peer-group
neighbor ISP remote-as 62000
neighbor 120.116.7.62 peer-group ISP
!
address-family ipv4 unicast
network 120.116.5.0/26
network 120.116.8.0/24
neighbor ISP route-map ISP in
neighbor ISP route-map ISP out
exit-address-family
!
route-map ISP permit 1
match peer 120.116.7.62
!
line vty
!
end
I don't know what I'm missing since the BGP Windows Server sent his pseudo network(120.116.6.0/24) which I gave him shown here:
K>* 0.0.0.0/0 [0/0] via 10.0.255.254, ens192, 1d01h51m
C>* 10.0.0.0/16 is directly connected, ens192, 1d01h51m
C>* 120.116.7.0/26 is directly connected, ens161, 1d01h51m
C>* 120.115.7.64/26 is directly connected, ens256, 1d01h51m
C>* 120.116.9.128/25 is directly connected, ens224, 1d01h51m
B>* 120.116.6.0/24 [20/0] via 120.116.7.65, ens256, weight 1, 00:58:05
ISP#
(Side note: ens192 is the interface connected to the public internet to install packages)
And like the other networks (that are confiugured) this route won't be advertised forward by ISP. As seen in the Branch config I thought that maybe I could send network advertisements to ISP but no hope.
net.ip4.ip_forward is set to 1
firewalls are all disabled
Why won't FRR send BGP advertisements but receive them fine?
