BGP questions

Unanswered Question
Mar 24th, 2009


We're moving to an MPLS solution. Currently, we run BGP with our provider. We've installed a vwic2 inside of a router that has a vwic2 already installed.

vWIC2:1 IP:

vWIC2:2 IP:

int FA0/0 IP:

router bgp 5

network mask

network mask

network mask

neighbor remote-as 5555 (our router because it's P2P)

neighbor remote-as 6666 (provider AS)

The provider is saying that we will be okay to connect the circuit to the new vWIC and bring up the interface, and BGP is smart enough to not create a loop. I'm a little concerned since we are partnering with our router for the 172.20.x.x subnet and the other subnet is going to them.

Is this really not going to cause problems?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
lamav Tue, 03/24/2009 - 08:34

John, you lost me.

Whats the problem?

You have 2 WAN interfaces with 2 diffferent IP addresses, each peering with an IP address on their own subnet....

I must be missing something...

John Blakley Tue, 03/24/2009 - 08:37

We peer with AT&T, and we're moving off of IP frame relay to MPLS.

There's no "problem." I want to make sure I don't have a routing loop by peering with the same provider, and advertising my local network. They are "different" providers per se in that we have different addresses that we're peering with.



Edison Ortiz Tue, 03/24/2009 - 08:49

If you want to prevent from becoming a 'transit' router, you can advertise just the prefixes originated within your network with the following route-map:

ip as-path access-list 1 permit ^$

route-map LOCAL-NETS

match as-path 1

router bgp xxx

neighbor x.x.x.x route-map LOCAL-NETS out

The ISP should have their method from preventing the routes coming from the other connection to be advertised through you but you can implement this safety feature as well.




John Blakley Tue, 03/24/2009 - 08:56


We weren't told that we needed to do this. What does the permit ^$ mean?

Is the provider incorrect that we should be able to peer with two different IPs in their same network (172.20.x.x and 172.30.x.x)? They're supposed to provide a service that they call "interworking" which allows the "new" 172.30.x.x addresses to talk to our 172.20.x.x addresses that haven't been migrated over yet. I'm concerned about this because of the new and old connections in the same router, and wondering if it'll create a loop.

I may not have to worry about that part since they are the provider. =)


Edison Ortiz Tue, 03/24/2009 - 10:35

What does the permit ^$ mean?

As stated on my previous post; advertise only prefixes originated from my AS.

Even if the ISP is doing their job, it's common practice to implement this configuration on a WAN edge router when BGP peering to multiple providers.

Is the provider incorrect that we should be able to peer with two different IPs in their same network (172.20.x.x and 172.30.x.x)?

No, they are not incorrect.

and wondering if it'll create a loop.

No loop should be created. What could happen if the ISP fails to implement this correctly, it's that you may become a transit AS.



CriscoSystems Tue, 03/24/2009 - 10:49

^$ is a POSIX-compliant regular expression that will match any string it's compared against.

^ causes the regular expression to match whatever strings follow it; e.g. the regular expression ^abs will match "absolute," "abs," and "absquatulate." $ causes the regexp to match anything preceeding it.


This Discussion