Solved: Q about BGP Aggregate with Summary-only option

pkovilic · ‎07-11-2007

In the BSCI (page 7-94), I read concerning the option summary-only : ?when the more specific routes are supressed, they are still present in the BGP table of the router doing the aggregation. However, because the routes are marked as suppressed, they are never advertised to any other router.?

Is that means that the suppressed routes are not advertised either inside the same AS (to a iBGP peer) ?

Regards,

Pascal

mheusing · ‎07-12-2007

Hi Pascal,

With your requirements I would omit the "summary-only" and use a route-map/prefix-list between eBGP peers to filter more specific networks, but allow the aggregate.

Regards, Martin

View solution in original post

mheusing · ‎07-12-2007

Hi Pascal,

From the command reference:

Using the summary-only keyword not only creates the aggregate route (for example, 193.*.*.*) but also suppresses advertisements of more-specific routes to all neighbors. If you want to suppress only advertisements to certain neighbors, you may use the neighbor distribute-list command, with caution. If a more-specific route leaks out, all BGP or multiprotocol BGP routers will prefer that route over the less-specific aggregate you are generating (using longest-match routing).

Using the suppress-map keyword creates the aggregate route but suppresses advertisement of specified routes. You can use the match clauses of route maps to selectively suppress some more-specific routes of the aggregate and leave others unsuppressed. IP access lists and autonomous system path access lists match clauses are supported.

Using the advertise-map keyword selects specific routes that will be used to build different components of the aggregate route, such as AS_SET or community. This form of the aggregate-address command is useful when the components of an aggregate are in separate autonomous systems and you want to create an aggregate with AS_SET, and advertise it back to some of the same autonomous systems. You must remember to omit the specific autonomous system numbers from the AS_SET to prevent the aggregate from being dropped by the BGP loop detection mechanism at the receiving router. IP access lists and autonomous system path access lists match clauses are supported.

So the answer is yes to all your questions unless you further specify exceptions f.e. with "suppress-map".

Hope this helps! Please rate all posts.

Regards, Martin

pkovilic · ‎07-12-2007

Hi Martin,

Thank you very much for your quick answer.

I have 2 routers in the same ASa (R1 & R2) which are doing aggregation of the same class. R3 and R4

are together in another ASb. R1 has a eBGP peering with R3 and R2 with R4. I want

that only the summary is exchanged from ASa to ASb but that

R1 and R2 continue to announce the more specific routes between them.

As I understand from you, if I do (on R1 & R2)the aggegation with the summary-only option, R1 & R2 will stop to announce the more specific routes to the other. Am i right ?

Regards,

Pascal

mheusing · ‎07-12-2007

Hi Pascal,

With your requirements I would omit the "summary-only" and use a route-map/prefix-list between eBGP peers to filter more specific networks, but allow the aggregate.

Regards, Martin

pkovilic · ‎07-12-2007

Thank you it is exactly the answer which I wished !

Regards,

Pascal

Edison Ortiz · ‎07-12-2007

In order to prevent the aggregate route between R1 and R2, you need to create an unsuppress-map.

With my sample config, I'm currently advertising all these networks (to eBGP and iBGP peers).

iBGP peer

*>i20.0.0.0/24 10.141.12.1 0 100 0 ?

*>i20.1.0.0/24 10.141.12.1 0 100 0 ?

*>i20.3.0.0/24 10.141.12.1 0 100 0 ?

*>i20.4.0.0/24 10.141.12.1 0 100 0 ?

eBGP peer

*> 20.0.0.0/24 10.141.15.1 0 0 12 ?

*> 20.1.0.0/24 10.141.15.1 0 0 12 ?

*> 20.3.0.0/24 10.141.15.1 0 0 12 ?

*> 20.4.0.0/24 10.141.15.1 0 0 12 ?

After a summary-only aggregate with /8, it would look like this:

iBGP peer

*>i20.0.0.0 10.141.12.1 0 100 0 i

eBGP peer

*> 20.0.0.0 10.141.15.1 0 0 12 i

Let's say I want to send more specific routes to the iBGP peer, I go to the router generating the aggregate and under its BGP process, I issue:

neighbor [iBGP peer] unsuppress-map [route-map]

The route-map can be a list of IP networks you want to unsuppress. On this example, I chose the unsupress everything.

Here is a sample:

ip access-list standard LOOP

permit 20.0.0.0 0.255.255.255

!

route-map LOOP permit 10

match ip address LOOP

and now the iBGP peer BGP table looks like this.

*>i20.0.0.0/24 10.141.12.1 0 100 0 ?

*>i20.0.0.0 10.141.12.1 0 100 0 i

*>i20.1.0.0/24 10.141.12.1 0 100 0 ?

*>i20.3.0.0/24 10.141.12.1 0 100 0 ?

*>i20.4.0.0/24 10.141.12.1 0 100 0 ?

The BGP speaker generating the aggregate has the following:

R1#sh ip bgp neighbors 10.141.12.2 advertised-routes | be Net

Network Next Hop Metric LocPrf Weight Path

s> 20.0.0.0/24 0.0.0.0 0 32768 ?

*> 20.0.0.0 0.0.0.0 32768 i

s> 20.1.0.0/24 0.0.0.0 0 32768 ?

s> 20.3.0.0/24 0.0.0.0 0 32768 ?

s> 20.4.0.0/24 0.0.0.0 0 32768 ?

R1#sh ip bgp neighbors 10.141.15.5 advertised-routes | be Net

Network Next Hop Metric LocPrf Weight Path

*> 20.0.0.0 0.0.0.0 32768 i

HTH,

pkovilic · ‎07-24-2007

Hi,

Thank you very much for your comments. I appreciate. It seems clear for me.

Regards,

Pascal