IBGP within VPN tunnel

terrorgenterrorgen OG
in Technical

Hello,
I am new to BGP. I understand how BGP works at a higher level as well as use case for eBGP. However I a still not clear on a particular use case where iBGP is run inside a VPN tunnel. Would somebody be so kind to educate me the advantage of doing so?

We, the All Seeing Eye, possessing the knowledge of anything and everything, hereby declare that Our proclaimed pronoun be "We/Our/Ours".

https://lowendspirit.com/discussion/comment/221016/#Comment_221016

Comments

  • spliticesplitice Hosting ProviderOG

    Have you see DN42?

    X4B - DDoS Protection: Affordable Anycast DDoS protection including Layer 7 mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer

  • terrorgenterrorgen OG

    DN42 is still using eBGP, since everyone needs to get their own ASN, although a private one.
    Some people run iBGP within their own ASN, which is what I am curious about.

    We, the All Seeing Eye, possessing the knowledge of anything and everything, hereby declare that Our proclaimed pronoun be "We/Our/Ours".

    https://lowendspirit.com/discussion/comment/221016/#Comment_221016

  • hzrhzr OG
    edited November 2019

    It's the exact same thing as eBGP. I can send several /24s to my aggregation router IBGP between smaller areas, which sends on a single /20 ebgp to upstream .

    It's also can using heartbeat-esque keepalive /32s for HA/failover.

    Thanked by (1)terrorgen
  • spliticesplitice Hosting ProviderOG

    @terrorgen said:
    Some people run iBGP within their own ASN, which is what I am curious about.

    You can do that with DN42 too. When I was hooked up I did so I could connect my home on a dynamic IP via a VPS.

    We run iBGP between all our Filtering PoPs and between our Route sources (2) and each PoP for centralized BGP configuration. No aggregation just route relay with some filtering & community adjustments.

    Thanked by (1)terrorgen

    X4B - DDoS Protection: Affordable Anycast DDoS protection including Layer 7 mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer

  • terrorgenterrorgen OG

    @hzr said:
    It's the exact same thing as eBGP. I can send several /24s to my aggregation router IBGP between smaller areas, which sends on a single /20 ebgp to upstream .

    It's also can using heartbeat-esque keepalive /32s for HA/failover.

    what is the advantage compared to static route?

    We, the All Seeing Eye, possessing the knowledge of anything and everything, hereby declare that Our proclaimed pronoun be "We/Our/Ours".

    https://lowendspirit.com/discussion/comment/221016/#Comment_221016

  • spliticesplitice Hosting ProviderOG
    edited November 2019

    Usually it's for failover so the failing end can be withdrawn if it's session fails.

    X4B - DDoS Protection: Affordable Anycast DDoS protection including Layer 7 mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer

Sign In or Register to comment.

© LowEndSpirit 2025

ipv6 ready