http://www.techrepublic.com/article/how-to-use-ip-and-bgp-to-troubleshoot-internet-connectivity/
http://www.analogx.com/contents/download/network/htrace/freeware.htm
http://www.visualware.com/demo/index.html
http://www.traceroute.org/
Nslookup on the website gives us the IP 108.162.200.103
Traceroute shows us that we go to next gen -> equinx
-> web server (notice that number 13335 in the equnix datacentre)
AAPT have a looking glass here http://looking-glass.connect.com.au/lg
show ip bgp 108.162.200.103
It gives the results below
look for the route with "best" this is the one that is used
The second path in red is used. The AS numbers go from
source to destination so we went from
1221 (Telstra Australia) -> 10026 (pacnet Hong Kong)
-> 13335 (Cloudflare US)
If we didn’t see any route or a route to the wrong AS number
we could see a problem. It’s also a good idea to check with another looking
glass (this one is in Canada)
852 (telus Canada) -> 13335 (Cloudflare US) -> 13335
-> 13335
Get the public IP of the site you have an issue with.
Use network tools and route views to see if its working
On your router
sh ip bgp sum
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 55555 2206452 12134255 72040489 0 0 18w4d 4
2.2.2.2 4 4444 103782 47 72040260 0 0 00:38:24 600792
3.3.3.249 4 1234 17399 31813 72040260 0 0 00:56:51 91673
3.3.3.250 4 1234 20209 172 72040260 0 0 02:29:59 91672
We want to see a number there. If its switching between Active/Idle its bad. Try ping the neighbor contact the other end.
sh ip bgp nei 3.3.3.250 advertised-routes
We should see the same networks that are in the BGP config for that neighbor. If we see 0 prefixes we have an issue.
You can also do a debug ip icmp on the router and ping the public IP to see if traffic is hitting the router.
You should have a neighbor with the other router or via a failover cable but not both.
Filter lists are for controlling routes advertised
Look for "filter-list" and "ip as-path"
Prepends are for controlling paths in
BOGONS are usually a list for blocking IP ranges commonly used for IP spoofing
Get the public IP of the site you have an issue with.
Use network tools and route views to see if its working
On your router
sh ip bgp sum
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 55555 2206452 12134255 72040489 0 0 18w4d 4
2.2.2.2 4 4444 103782 47 72040260 0 0 00:38:24 600792
3.3.3.249 4 1234 17399 31813 72040260 0 0 00:56:51 91673
3.3.3.250 4 1234 20209 172 72040260 0 0 02:29:59 91672
We want to see a number there. If its switching between Active/Idle its bad. Try ping the neighbor contact the other end.
sh ip bgp nei 3.3.3.250 advertised-routes
We should see the same networks that are in the BGP config for that neighbor. If we see 0 prefixes we have an issue.
You can also do a debug ip icmp on the router and ping the public IP to see if traffic is hitting the router.
You should have a neighbor with the other router or via a failover cable but not both.
Filter lists are for controlling routes advertised
Look for "filter-list" and "ip as-path"
Prepends are for controlling paths in
BOGONS are usually a list for blocking IP ranges commonly used for IP spoofing
No comments:
Post a Comment