cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
609
Views
0
Helpful
5
Replies

BGP4 issue

chrislau388
Level 1
Level 1

I have a dual links to an ISP. If without this route-map, the connection work fine. However, if I use the following route map, my client failed to access 13.1.0.0/24 and 14.1.0.0/24 subnet!

Can I know why? My intention to use the route map is to make sure all the incoming traffic to 13.1.0.0 and 14.1.0.0 subnets are via the NL ISP

router bgp 400

neighbor 172.11.1.25 remote-as 288

neighbor 172.11.1.25 description To US

neighbor 172.11.1.25 version 4

neighbor 172.11.1.25 soft-reconfiguration inbound

neighbor 172.11.1.25 route-map set_metric_toUS out

neighbor 172.11.1.29 remote-as 288

neighbor 172.11.1.29 description To NL Node

neighbor 172.11.1.29 version 4

neighbor 172.11.1.29 soft-reconfiguration inbound

neighbor 172.11.1.29 route-map set_metric_toNL out

network 11.1.0.0 mask 255.255.255.0

network 13.1.0.0 mask 255.255.255.0

network 14.1.0.0 mask 255.255.255.0

no auto-summ

!

!

route-map set_metric_toUS permit 10

match ip address 10

set metric 10

!

route-map set_metric_toUS permit 20

set metric 20

!

access-list 10 permit 11.1.0.0 0.0.0.255

!

route-map set_metric_toNL permit 10

match ip address 10

set metric 20

!

route-map set_metric_toNL permit 20

set metric 10

!

2 Accepted Solutions

Accepted Solutions

chris.lau
Level 1
Level 1

You ACL is fine, but the "set metric" value is only locally significant to the US and NL ISP!

Try to do this:

access-list 20 permit 13.1.0.0 0.0.0.255

access-list 20 permit 14.1.0.0 0.0.0.255

!

access-list 10 permit 11.1.0.0 0.0.0.255

!

route-map set_metric_toUS permit 10

match ip address 20

set as-path prepend 400 400

!

route-map set_metric_toUS permit 20

!

!

route-map set_metric_toNL permit 10

match ip address 10

set as-path prepend 400 400

!

route-map set_metric_toNL permit 20

!

!

View solution in original post

bvsnarayana03
Level 5
Level 5

Your configuration looks ok. It says that 11.x will be advertised with MED 10 to US & rest of n/w will be advertised with MED 20 to US. Thus 13 & 14 n/w will be advertised as MED 10 to NL. Sincce lower metric routes are preferred, hence traffic to 13 & 14 must come from NL. The point is, if the client is receiving the routes to 13 & 14 at all.

Do you see these as advertise routes in "sh bgp neighbor 172.11.1.29 advertised-routes". Similarly at the other end, check sh ip bgp.

View solution in original post

5 Replies 5

andrew.prince
Level 10
Level 10

You are only allowing the distribution of the 11.1.0.0 0.0.0.255, remember at the end of any ACL there is an implicit deny all, so the following acl reads:-

access-list 10 permit 11.1.0.0 0.0.0.255

access-list 10 Deny any any (you don't see this)

Try adding the following:-

access-list 20 permit 11.1.0.0 0.0.0.255

access-list 20 permit 13.1.0.0 0.0.0.255

access-list 20 permit 14.1.0.0 0.0.0.255

Then change:-

route-map set_metric_toNL permit 10

match ip address 20

HTH.

a.alekseev
Level 7
Level 7

let's check how you route-map works :)

do

sh ip bgp route-map set_metric_toUS

sh ip bgp route-map set_metric_toNL

chris.lau
Level 1
Level 1

You ACL is fine, but the "set metric" value is only locally significant to the US and NL ISP!

Try to do this:

access-list 20 permit 13.1.0.0 0.0.0.255

access-list 20 permit 14.1.0.0 0.0.0.255

!

access-list 10 permit 11.1.0.0 0.0.0.255

!

route-map set_metric_toUS permit 10

match ip address 20

set as-path prepend 400 400

!

route-map set_metric_toUS permit 20

!

!

route-map set_metric_toNL permit 10

match ip address 10

set as-path prepend 400 400

!

route-map set_metric_toNL permit 20

!

!

Thank you. You solved my problem.

bvsnarayana03
Level 5
Level 5

Your configuration looks ok. It says that 11.x will be advertised with MED 10 to US & rest of n/w will be advertised with MED 20 to US. Thus 13 & 14 n/w will be advertised as MED 10 to NL. Sincce lower metric routes are preferred, hence traffic to 13 & 14 must come from NL. The point is, if the client is receiving the routes to 13 & 14 at all.

Do you see these as advertise routes in "sh bgp neighbor 172.11.1.29 advertised-routes". Similarly at the other end, check sh ip bgp.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: