BGP: Advertising Aggregate and More-specifics

Unanswered Question
Jul 25th, 2008

Hello,


I'm looking for the solution that will advertise aggregate and more-specific prefixes.


Example:


R1 (AS100) advertises 172.16.0.0/23 -> ISP1 AS200 (primary link)

R2 (AS100) advertises 172.16.0.0/23 -> ISP2 AS300 (secondary link)


Now I'd like to advertise 172.16.1.0/24 so it uses R2 as ingress/egress point for all traffic as primary link and still use the /23 aggregate.


Please let me know if you need more info.



Thanks,

Marko

Edison Ortiz Fri, 07/25/2008 - 05:15

172.16.1.0/24 is on R2's routing table?


If not, you need to make an entry in R2's routing table in order to advertise such route in BGP.


One way of doing it:


ip route 172.16.1.0 255.255.255.0 null0
!
access-list 1 permit 172.16.1.0 0.0.0.255
!
route-map NET172
 match ip address 1
!
router bgp 100
 redistribute static route-map NET172


____


If 172.16.1.0/24 is on R2's routing table, you can use the unsuppress-map with BGP.


http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_basic_net_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1055483



HTH,


__


Edison.


Please rate helpful posts


markopstc Fri, 07/25/2008 - 05:45

Hello Edison,


Thanks for the prompt reply.


Yes, R2 has this network in its routing table (subinterface IP is in the subnet) and is advertising the network to its iBGP peers.


I'm looking at the moment at the unsuppress-map option.


One more thing, at the moment there's a NULL route for /23 on both routers with network command for this supernet:


network 172.16.0.0 mask 255.255.254.0


My question is whether I have to split this now into:


network 172.16.0.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
aggregate-address 172.16.0.0 255.255.254.0 (with unsuppress-map)


On both routers?



Regards,

Marko

Edison Ortiz Fri, 07/25/2008 - 05:52

The NULL route is created by the aggregate command. Don't be concerned about that.


Just use the unsuppress-map on R2 and this is done at the neighbor statement level, not during aggregation.


Leave the aggregation as is, then unsuppress:


access-list 1 permit 172.16.1.0 0.0.0.255
!
route-map NET172
 match ip address 1
!
router bgp 100
 neighbor x.x.x.x remote-as xxx
 neighbor x.x.x.x unsuppress-map NET172

markopstc Fri, 07/25/2008 - 09:57

Edison,


Unfortunately I haven't found unsuppress or a similar option on R2 (it's a non-Cisco device and has aggregate suppress only). Maybe there's some other option for this purpose, too? Shall I split the supernet in /24 blocks under the BGP config?


I've noted on a public route server that the network is being aggregated by R1 (Cisco) and both routers are advertising aggregated and more-specific routes to their peers.



Regards,

Marko

Edison Ortiz Fri, 07/25/2008 - 11:50

"Shall I split the supernet in /24 blocks under the BGP config?"


How are you planning to split after an aggregate?


You need to be able to aggregate all routes with the exception of the subnet in question.


Since you are dealing with a non-Cisco device, it is hard to offer any suggestion, as I don't know the limitations you may face with the BGP config on such a device.


The unsuppress-map was designed for the task at hand.


__


Edison.

markopstc Fri, 07/25/2008 - 16:29

Edison,


Thanks for your help. Please advise on the following:


The plan is to segregate the larger prefix (/20) into smaller blocks (/21 to /24) that will use different peers in both directions, but still have redundancy in case one of the links fails.


If I make smaller subnet blocks out of the /20 using the network command, the prefixes are not being propagated into the global BGP table, although they are advertised to peers.


What am I missing here? Enclosed is the config.



R1 CONFIG (AS100):

no synchronization
no bgp fast-external-fallover
bgp log-neighbor-changes
network a.b.c.d mask 255.255.240.0
neighbor a.b.c.d remote-as 200
...
neighbor a.b.c.d prefix-list EXPORT out
neighbor a.b.c.d route-map SET_PREF out
...
neighbor b.c.d.e remote-as 100
neighbor b.c.d.e prefix-list FROM_R2 in
maximum-paths 4
no auto-summary
!
ip prefix-list EXPORT seq 5 permit a.b.c.d/20
!
route-map SET_PREF permit 10
 set local-preference 100
!
! subnet from the /20 supernet
ip prefix-list FROM_R2 seq 5 permit a.b.c.e/24 le 24
ip prefix-list FROM_R2 seq 10 deny 0.0.0.0/0 le 32
!
ip route a.b.c.d 255.255.240.0 Null0 120



R2 CONFIG (AS100):

no synchronization
no bgp fast-external-fallover
bgp log-neighbor-changes
network a.b.c.d mask 255.255.240.0
neighbor a.b.c.f remote-as 300
...
neighbor a.b.c.f prefix-list EXPORT out
neighbor a.b.c.f route-map SET_PREF out
...
neighbor b.c.d.f remote-as 100
neighbor b.c.d.f route-map SET_ASPATH
maximum-paths 4
no auto-summary
!
ip prefix-list EXPORT seq 5 permit a.b.c.d/20
!
access-list 1 deny a.b.c.e 0.0.0.255
access-list 1 permit any
!
route-map SET_ASPATH permit 10
 match ip address 1
 set local-preference 100
 set as-path prepend 100 100 100 100
route-map SET_ASPATH permit 20
 set local-preference 200
!
ip route a.b.c.d 255.255.240.0 Null0 120



Regards,

Marko


Edison Ortiz Fri, 07/25/2008 - 18:06

neighbor b.c.d.e prefix-list FROM_R2 in
!
!
ip prefix-list FROM_R2 seq 5 permit a.b.c.e/24 le 24 (subnet from the /20 supernet)



But R2 isn't sending a subnet, it's sending an aggregate route. The prefix-list won't match the incoming route.


__


Edison.
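
Added example (not from the thread or from Cisco documentation): a small Python model of IOS prefix-list matching, run against the EXPORT and FROM_R2 lists from the posted configs, showing why an entry for a /24 does not match the /20. The 172.16.x.x prefixes are constructed stand-ins for the a.b.c.d placeholders.

```python
import ipaddress

def entry(action, prefix, ge=None, le=None):
    """One 'ip prefix-list' line: action, base prefix, optional ge/le."""
    return (action, ipaddress.ip_network(prefix), ge, le)

def entry_matches(ent, route):
    _, base, ge, le = ent
    if not route.subnet_of(base):        # route must sit inside the base prefix
        return False
    if ge is None and le is None:
        return route.prefixlen == base.prefixlen   # no ge/le: exact length only
    low = base.prefixlen if ge is None else ge
    high = 32 if le is None else le
    return low <= route.prefixlen <= high

def evaluate(prefix_list, route):
    """First matching entry decides; no match falls to the implicit deny."""
    route = ipaddress.ip_network(route)
    for ent in prefix_list:
        if entry_matches(ent, route):
            return ent[0]
    return "deny"

# Constructed stand-ins: a.b.c.d/20 -> 172.16.0.0/20, a.b.c.e/24 -> 172.16.1.0/24
EXPORT = [entry("permit", "172.16.0.0/20")]
FROM_R2 = [entry("permit", "172.16.1.0/24", le=24),
           entry("deny", "0.0.0.0/0", le=32)]

if __name__ == "__main__":
    for name, plist in (("EXPORT", EXPORT), ("FROM_R2", FROM_R2)):
        for route in ("172.16.0.0/20", "172.16.0.0/21", "172.16.1.0/24"):
            print(f"{name:8} {route:16} {evaluate(plist, route)}")
```

Under the posted EXPORT list only the exact /20 is permitted outbound, so a /21 or /24 would need its own entry (or a le bound) before it could pass that filter.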

markopstc Sat, 07/26/2008 - 02:14

Please advise on the subnetting issue; it seems to be more important than the configuration I've mentioned.


As soon as I split this /20 into longer prefixes (e.g. 2x /21), the complete supernet gets lost. Since I haven't done this in the past, is there some procedure for announcing new/longer prefixes, or is my upstream provider using a prefix or similar list and blocking these prefixes (they are being advertised to the peer)?



Regards,

Marko


lgijssel Fri, 07/25/2008 - 05:24

Start with adding network 172.16.1.0 mask 255.255.255.0 to AS100.

Then create a distribute list that allows 172.16.0.0/23. Apply this to the neighbor config on R1.

Secondly create a list that allows both 172.16.0.0/23 and 172.16.1.0/24. Apply this to the neighbor on R2.

Verify that the route is indeed advertised by using:

show ip bgp neighbors x.x.x.x advertised-routes

The neighbor router may again summarize this network but the route for 172.16.1.0/24 should pop up in the routing table.


regards,

Leo
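
Added example (not part of the original post): a Python model of the longest-prefix-match decision a remote network makes once R1 exports only the /23 and R2 exports both the /23 and the /24, including the fallback when R2's link is down. It covers inbound traffic only; the upstream labels and host addresses are constructed.

```python
import ipaddress

def best_paths(announcements, dest):
    """Return (winning prefix, upstreams announcing it) for dest.

    announcements: (prefix, upstream) pairs visible in the global table.
    The longest covering prefix wins; among equal-length announcements BGP
    attributes would decide, so every upstream for that prefix is reported.
    """
    dest = ipaddress.ip_address(dest)
    covering = [(ipaddress.ip_network(p), up) for p, up in announcements
                if dest in ipaddress.ip_network(p)]
    if not covering:
        return None, []
    longest = max(net.prefixlen for net, _ in covering)
    winners = sorted(up for net, up in covering if net.prefixlen == longest)
    prefix = next(net for net, _ in covering if net.prefixlen == longest)
    return str(prefix), winners

# Constructed view of the global table for the filter layout described above.
BOTH_UP = [
    ("172.16.0.0/23", "ISP1-AS200"),   # exported by R1
    ("172.16.0.0/23", "ISP2-AS300"),   # exported by R2
    ("172.16.1.0/24", "ISP2-AS300"),   # more-specific, exported by R2 only
]
# R2's link fails: everything learned through ISP2 is withdrawn.
R2_DOWN = [a for a in BOTH_UP if a[1] != "ISP2-AS300"]

if __name__ == "__main__":
    for label, table in (("both up", BOTH_UP), ("R2 down", R2_DOWN)):
        for host in ("172.16.0.10", "172.16.1.10"):
            print(label, host, best_paths(table, host))
```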

