BGP Aggregate-address help

Unanswered Question
May 29th, 2009

All,

If I have this:

router bgp 12345

no auto-summary

network 199.199.199.203 mask 255.255.255.255

network 199.199.198.0 mask 255.255.240.0

BGP will only advertise 199.199.198.0/20 correct?

And if I have this:

router bgp 12345

no auto-summary

network 199.199.199.203 mask 255.255.255.255

aggregate-address 199.199.198.0 mask 255.255.240.0

Will BGP advertise both networks - 199.199.198.0/20 and 199.199.199.203/32 ?

Hopefully so.

If so, when I change the 'network 199.199.198.0 mask 255.255.240.0' statement to 'aggregate-address 199.199.198.0 mask 255.255.240.0', and do a clear bgp soft out, will I experience an outage for that network?

Thanks!

Matt

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Harold Ritter Fri, 05/29/2009 - 10:43

Matthew,

> BGP will only advertise 199.199.198.0/20 correct?

BGP will only advertise the route configured through the network statement if there is a perfect match with an entry in the RIB (i.e. 199.199.199.203/32 or 199.199.192.0/20)

> Will BGP advertise both networks - 199.199.198.0/20 and 199.199.199.203/32 ?

It depends. 199.199.199.203/32 would need to exist in the BGP table for the aggregate (199.199.192.0/20) to be generated.

BTW: prefix 199.199.198.0/20 is not valid as it is not on a proper boundary for a /20. The proper /20 aggregate for 199.199.199.203/32 is 199.199.192.0/20

Regards

netwrkgod Fri, 05/29/2009 - 10:55

Thanks for the response! Sorry for the boundry error - I was just changing the real IP addresses and didn't think to check that.

To get the 199.199.199.203/32 route into BGP, can I add: 'ip route 199.199.199.203 255.255.255.255 Null0' on the same router in addition to the previous commands? The specific route is not currently in the RIB - just the supernet is.

This host is a VPN head-end router. We have two Internet providers and I want to force all of the remote VPN users to user provider B and not "load balance" between providers. So these commands would be added to our BGP router that connects to provider B's circuit.

Thanks again.

Harold Ritter Fri, 05/29/2009 - 11:10

Matthew,

Adding a static route to null0 for the /32 will result in traffic to this prefix to be dropped as no more specific route will be found in the RIB obviously. That is probably not what you want.

If you want to force traffic to flow via provider B, you could send a more specific route (prefix length longer than 20) via provider B without going all the way down to a /32. The idea when using a route to null0 is to make sure that you have more specific routing entries in the RIB so you won't blackhole the incoming traffic.

Regards

netwrkgod Fri, 05/29/2009 - 11:19

Ok, so a couple of options come to mind. The first: 'ip route 199.199.199.203 255.255.255.255 GigabitEthernet 0/1' or the second: 'ip route 199.199.199.202 255.255.255.254 GigabitEthernet 0/1' which would include .203 which is ok with me it that's how it has to be to work.

Harold Ritter Sat, 05/30/2009 - 05:20

Matthew,

You mentioned that you have two upstream providers. Are they completely different providers or just two connection to the same provider?

The issue if you have two different providers is that the /31 or /32 that leaked to one SP will never leave its AS as SPs filter and aggregate when advertising to peers outside their AS.

Regards

Harold Ritter Mon, 06/01/2009 - 12:33

Matthew,

You need to advertise a /24 or shorter then. Anything longer than a /24 will most definitely be filtered by your SP.

Regards

Actions

This Discussion