IBGP within VPN tunnel

Hello,
I am new to BGP. I understand how BGP works at a higher level as well as use case for eBGP. However I a still not clear on a particular use case where iBGP is run inside a VPN tunnel. Would somebody be so kind to educate me the advantage of doing so?

The all seeing eye sees everything...

Comments

  • spliticesplitice Hosting ProviderOG

    Have you see DN42?

    X4B - DDoS Protection: Affordable Anycast DDoS protection including Layer 7 mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer

  • DN42 is still using eBGP, since everyone needs to get their own ASN, although a private one.
    Some people run iBGP within their own ASN, which is what I am curious about.

    The all seeing eye sees everything...

  • hzrhzr OG
    edited November 2019

    It's the exact same thing as eBGP. I can send several /24s to my aggregation router IBGP between smaller areas, which sends on a single /20 ebgp to upstream .

    It's also can using heartbeat-esque keepalive /32s for HA/failover.

    Thanked by (1)terrorgen
  • spliticesplitice Hosting ProviderOG

    @terrorgen said:
    Some people run iBGP within their own ASN, which is what I am curious about.

    You can do that with DN42 too. When I was hooked up I did so I could connect my home on a dynamic IP via a VPS.

    We run iBGP between all our Filtering PoPs and between our Route sources (2) and each PoP for centralized BGP configuration. No aggregation just route relay with some filtering & community adjustments.

    Thanked by (1)terrorgen

    X4B - DDoS Protection: Affordable Anycast DDoS protection including Layer 7 mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer

  • @hzr said:
    It's the exact same thing as eBGP. I can send several /24s to my aggregation router IBGP between smaller areas, which sends on a single /20 ebgp to upstream .

    It's also can using heartbeat-esque keepalive /32s for HA/failover.

    what is the advantage compared to static route?

    The all seeing eye sees everything...

  • spliticesplitice Hosting ProviderOG
    edited November 2019

    Usually it's for failover so the failing end can be withdrawn if it's session fails.

    X4B - DDoS Protection: Affordable Anycast DDoS protection including Layer 7 mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer

Sign In or Register to comment.