Disable-Connected-Check in Cisco BGP


The disable-connected-check option was created precisely for the purpose of peering two directly connected routers on their loopbacks without using ebgp-multihop.

BGP Disable-Connected-Check

By default there are two precautions when establishing eBGP neighborships:

  1. Check whether the neighbor is on a directly connected network. If it is not, there won’t be any attempt to form the neighborship. This check can be deactivated on a per-neighbor basis using the neighbor disable-connected-check command.
  2. The default TTL value for the packets carrying the BGP messages is 1 unless we configure ebgp-multihop to modify the TTL value. If ebgp-multihop is configured, the router automatically and implicitly behaves toward the neighbor as if disable-connected-check was configured. In other words, using ebgp-multihop automatically implies disable-connected-check.


An explicit disable-connected-check is not needed when we use either TTL-security or eBGP multihop with a numerical argument of 2 or more hops. In these cases, the behavior is activated automatically and requires no specific configuration. The command itself is configured under the router BGP process, as part of the neighbor statement.


The scenario below illustrates the concept of Disable-Connected-Check in BGP in more detail:

Example Scenario

[Figure: disable-connected-check bgp]

The devices R1 and R2 are arranged as per the above-shown diagram.

Configuration

R1

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 9.9.12.1 255.255.255.0
!
router bgp 100
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 disable-connected-check
 neighbor 2.2.2.2 update-source Loopback0
!
ip route 2.2.2.2 255.255.255.255 9.9.12.2

R2

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 9.9.12.2 255.255.255.0
!
router bgp 200
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 disable-connected-check
 neighbor 1.1.1.1 update-source Loopback0
!
ip route 1.1.1.1 255.255.255.255 9.9.12.1

Verification

R1#sh ip bgp Summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4          200       7       7        1    0    0 00:02:57        0
R1#

As shown above, the neighborship over the loopbacks is formed without any “eBGP Multihop” configuration.
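The two default precautions and their implicit overrides can be checked mechanically. The following is an added example, not code from the original article: a small Python audit that reads an IOS BGP section and reports, for each eBGP neighbor, whether the connected check is still enforced and which TTL outgoing BGP packets carry. The 10.0.0.x neighbors are constructed for illustration, and the values of 255 for a bare ebgp-multihop and for ttl-security are Cisco IOS behaviour that the article does not state.

```python
# R1's BGP section from the article, plus constructed neighbors
# (10.0.0.x) added here to exercise the other cases.
SAMPLE = """\
router bgp 100
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 disable-connected-check
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 10.0.0.3 remote-as 300
 neighbor 10.0.0.3 ebgp-multihop 2
 neighbor 10.0.0.4 remote-as 400
 neighbor 10.0.0.4 ttl-security hops 1
 neighbor 10.0.0.5 remote-as 500
 neighbor 10.0.0.6 remote-as 100
"""

def audit(config):
    """Return {neighbor: (connected_check_state, tx_ttl)} for eBGP neighbors."""
    local_as, opts = None, {}
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["router", "bgp"] and len(words) > 2:
            local_as = words[2]
        elif words[:1] == ["neighbor"] and len(words) >= 3:
            opts.setdefault(words[1], []).append(words[2:])
    report = {}
    for peer, cmds in opts.items():
        remote = next((c[1] for c in cmds
                       if c[0] == "remote-as" and len(c) > 1), None)
        if remote is None or remote == local_as:
            continue  # iBGP or incomplete neighbor: the eBGP rules do not apply
        check, ttl = "enforced", 1  # the two eBGP defaults from the article
        if any(c[0] == "disable-connected-check" for c in cmds):
            check = "disabled (explicit)"  # the TTL stays at 1
        for c in cmds:  # implicit cases: these also raise the TTL
            if c[0] == "ebgp-multihop":
                ttl = int(c[1]) if len(c) > 1 else 255  # 255 = IOS default
                if ttl >= 2:
                    check = "disabled (implied by ebgp-multihop)"
            elif c[0] == "ttl-security":
                ttl, check = 255, "disabled (implied by ttl-security)"
        report[peer] = (check, ttl)
    return report

if __name__ == "__main__":
    for peer, (check, ttl) in audit(SAMPLE).items():
        print(f"{peer:10} connected-check {check:36} tx TTL {ttl}")
```

For R1's neighbor 2.2.2.2 the report shows the check disabled while the TTL remains 1, which is why the loopback peering in this scenario does not extend how many hops the BGP packets can travel.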


Q.1 What is disable-connected-check in BGP?

“disable-connected-check” is a configuration option that allows BGP sessions to be established between devices even if their directly connected interfaces (as per the IP addresses used in the BGP neighbor configuration) are not on the same subnet.

Q.2 What is TTL in BGP?

TTL stands for Time To Live. It is a field in the IP header that limits the lifetime or hop count of a packet in the network.

Q.3 How to disable BGP synchronization?

BGP synchronization is a legacy rule used with iBGP that requires a route learned via iBGP to also be known to the IGP (like OSPF or EIGRP) before it can be advertised to external peers (eBGP). It’s meant to prevent routing loops in networks that don’t use route reflectors or full mesh iBGP. But in most modern networks this is unnecessary, because synchronization is considered obsolete in most scenarios.

Q.4 How do I increase my TTL in BGP?

To increase the TTL in BGP, you use the eBGP multi-hop feature. This is done when BGP peers are not directly connected, like when peering over loopbacks, firewalls, or multiple hops.

Q.5 Why is BGP stuck in Connect State?

“BGP stuck in Connect state” means the router is trying to establish a TCP session with its neighbor but it is not able to complete the connection. This is one of the early states in the BGP finite state machine (FSM) and is a common sign of underlying connectivity issues.
