BGP route-map prepend configuration examples

juan-ruiz
Level 1

I have two main networks connected to an MPLS cloud.

Network A is the corporate facility; it has its own internet.

Network B is the collocation facility; it also has its own internet.

On the MPLS cloud I have 100 remote sites that use the internet out of corporate.

I would like to use the internet out of the colo site for the remote locations and have the corporate site be the backup.

The BGP configurations for corporate and colo are below.

Corporate router BGP setup

    router bgp 65001
     network 0.0.0.0 mask 0.0.0.0
     network 172.16.0.0 mask 255.255.254.0   (I do not want to prepend the 172.16.0.0/23 network)
     redistribute static metric 254
     neighbor 152.176.58.193
      remote-as 65000

Colo router BGP setup

    router bgp 65001
     network 0.0.0.0 mask 0.0.0.0
     network 172.16.11.0 mask 255.255.255.0
     no auto-summary
     neighbor 147.225.85.213 remote-as 65000

I believe the best solution is to perform a BGP prepend at the corporate site.

Can someone assist me with a sample route-map using the above information that applies to corporate?

Thanks a lot

Juan

1 Accepted Solution


The IP source address will be your neighbor IP, so if your neighbor is 172.16.11.1 and you want to change the distance for all routes coming from that neighbor, the syntax is:

    distance 254 172.16.11.1 0.0.0.0

Keep in mind, all BGP routes, eBGP and iBGP, will be modified to the new administrative distance.

HTH,

__

Edison.


18 Replies

Edison Ortiz
Hall of Fame

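    ! Match only the default route
    ip prefix-list Quad0 permit 0.0.0.0/0
    !
    ! Prepend the local AS twice to the matched prefix
    ! (prefixes that match no clause hit the route-map's implicit deny)
    route-map Quad0
     match ip address prefix-list Quad0
     set as-path prepend 65001 65001
    !
    router bgp 65001
     neighbor x.x.x.x route-map Quad0 out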

HTH,

__

Edison.

Edison,

Thanks a lot for your input.

Quick question:

The 65001 AS is the one the ISP assigned to me which is the same for all my sites.

I use this one, not the one that is configured for my neighbor BGP peer x.x.x.x 65000?

Can you also provide me a link where I can review more of the theory regarding this kind of setup?

Kind regards,

Juan

Hello Juan,

Your own AS number is the only safe choice for prepending in a real-world scenario.

The reason is that eBGP has a built-in loop avoidance mechanism that says:

"don't accept BGP routes if their BGP AS path attribute already contains my AS number"

So if you prepended your peer's AS number, you would get a negative effect: the prepended routes would be silently discarded on the peer side.

Hope to help

Giuseppe
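The behaviour described in the two replies above, modelled as an added example (not code from any poster in this thread). The AS numbers are the ones in the thread; the function names and the reduction of best-path selection to "shortest AS_PATH among accepted routes" are assumptions of this sketch.

```python
CUSTOMER_AS = 65001   # AS used at both corporate and colo (from the thread)
PROVIDER_AS = 65000   # AS of the MPLS provider peer (from the thread)


def advertised_path(local_as, prepend=()):
    """AS_PATH of a locally originated route as the eBGP peer receives it:
    the local AS added by BGP itself, followed by the route-map's prepends."""
    return [local_as, *prepend]


def accepted(receiver_as, as_path):
    """eBGP loop avoidance: reject a route whose AS_PATH already holds our AS."""
    return receiver_as not in as_path


def provider_best_default(offers):
    """offers maps site name -> AS_PATH of its default route.
    Returns the site the provider prefers, or None if no offer is usable.
    Simplification: all other attributes are equal, so path length decides."""
    usable = {site: path for site, path in offers.items()
              if accepted(PROVIDER_AS, path)}
    if not usable:
        return None
    return min(usable, key=lambda site: len(usable[site]))


def scenario(prepend_as, colo_up=True):
    """Corporate prepends `prepend_as` twice; colo advertises without prepend."""
    offers = {"corp": advertised_path(CUSTOMER_AS, (prepend_as, prepend_as))}
    if colo_up:
        offers["colo"] = advertised_path(CUSTOMER_AS)
    return provider_best_default(offers)


if __name__ == "__main__":
    print("own AS prepended, colo up:    ", scenario(CUSTOMER_AS))
    print("own AS prepended, colo down:  ", scenario(CUSTOMER_AS, colo_up=False))
    print("peer AS prepended, colo down: ", scenario(PROVIDER_AS, colo_up=False))
```

With the peer's AS prepended, the failure only shows when colo goes down: the corporate default is never accepted, so the backup path does not exist.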

Couldn't find a good Cisco link at the moment but Google turns up a good book online with a portion freely available at this link http://tinyurl.com/ksycqu

Giuseppe has addressed your other query.

HTH,

__

Edison.

Great link, thank you.

I made the changes and all went well.

I still have one small issue and I'm not sure how to overcome it.

Here is a quick breakdown of the hardware.

At corporate I have a Cisco layer 3 switch running OSPF only. From this switch I have a Metro E to the Colo to another Layer 3 switch that runs OSPF/BGP.

At Corporate I have a router that connects to the MPLS.

This router has a leg into the layer 3 switch and runs OSPF / BGP

At the colo my layer 3 switch runs both OSPF/BGP.

Everything routes the way it should, but when I add the main local networks to the BGP configuration at corporate (network 172.16.0.0/23) and at colo (172.16.11.0/24), the routes get advertised on the MPLS cloud like they should, but the path is not the Metro E anymore (this is 50 Mbps); it is the MPLS (9 Mbps).

I would like to keep these two networks on the Metro E segment.

If you care to review, here is my protocol configuration for corporate and colo. I have tried several things and none seem to work.

The main goal is to use the Metro E link as the primary between colo and corp.

Remote sites use colo as primary for internet and 172.16.11.0/24

Remote sites use corp only for 172.16.0.0/23

Remote sites use corp as secondary for internet.

Corp uses MPLS as secondary for internet out of colo.

    CORP-ADT-RT-001#show run | be router
    router ospf
     network 172.16.9.10 0.0.0.0 area 0
     network 192.168.200.254 0.0.0.0 area 0
     redistribute bgp subnets metric 100
    !
    ip prefix-list MATCHALL seq 10 permit 0.0.0.0/0 le 32
    ip prefix-list NOPREPEND seq 10 permit 172.0.0.0/23
    !
    route-map PREPEND permit 1
     match ip address prefix-list NOPREPEND
     set metric 10
    route-map PREPEND permit 10
     match ip address prefix-list MATCHALL
     set as-path prepend 65001 65001 65001 65001
    !
    router bgp 65001
     no auto-summary
     no synchronization
     distance bgp 100 100 100
     network 0.0.0.0 mask 0.0.0.0
     network 152.176.58.192 mask 255.255.255.252
     redistribute static metric 254
     neighbor 152.176.58.193
      no default-originate
      route-map PREPEND out
      soft-reconfiguration inbound
      remote-as 65000
    !

    COLO-CSC-SW-001#show run | be router
    router ospf 1
     log-adjacency-changes
     redistribute bgp 65001 metric 50 subnets
     network 172.16.9.0 0.0.0.7 area 0
     network 172.16.11.0 0.0.0.255 area 0
     network 172.16.12.9 0.0.0.0 area 0
     network 172.16.13.0 0.0.0.255 area 0
     network 192.168.200.252 0.0.0.0 area 0
    !
    router bgp 65001
     no synchronization
     bgp log-neighbor-changes
     network 0.0.0.0
     neighbor 147.225.85.213 remote-as 65000
     no auto-summary
    !

In any case, thanks a lot for your help.

Regards,

Juan

eBGP routes will be preferred over the OSPF routes due to the Administrative Distance (eBGP = 20, OSPF = 110).

If you want to choose the OSPF link over the BGP link, you will have to decide to either increase the eBGP AD or decrease the OSPF AD.

You can also send summaries on BGP while keeping the specific routes on OSPF but this requires some planning to avoid any subnet overlapping.

HTH,

__

Edison.

Thanks again Edison and makes perfect sense because.

The BGP distance command is what I should use.

Should I configure the distance for the neighbor or the distance for external, internal, and local?

If I configure the distance for external, internal, and local is it fine to make the distance 120 for all of them or should I apply different values?

Thanks a lot

Juan

Per-neighbor administrative distance isn't allowed in IOS; you need to change the administrative distance globally (affecting all incoming BGP routes) under the BGP process.

By default, External is 20 and iBGP and local are 200. Leave the last 2 as 200 and change eBGP to 120.

HTH,

__

Edison.

Edison,

I will try these changes and give you an update next week.

Thanks so much for your assistance.

During this process I'm also studying for my CCNP and with your assistance a lot of light bulbs are flashing as I read the redistribution chapters and BGP.

Much appreciated.

Regards,

Juan

Glad to be of help on your current network issue and good luck on your studies.

Feel free to post back on these forums whenever you run into a problem with your Cisco products.

Regards,

Hello Edison,

Actually, I believe that there is a way to define something akin to per-neighbor administrative distance.

See the BGP command "distance" (not "distance bgp"). It allows you to set an administrative distance for a defined source of information and possibly for networks announced by that source. You can define a different administrative distance individually for each neighbor, thereby overriding the default iBGP and eBGP administrative distance.

As an example, the command

    distance 254 10.0.12.2 0.0.0.0

will assign the administrative distance of 254 to all routes advertised from the BGP peer 10.0.12.2.

Best regards,

Peter

Peter,

Yes, that's one option.

You could also send a summary route through BGP and keep OSPF more specific; this way the more specific route will be chosen regardless of the AD number.

If colo and corp, with the same BGP AS, go through the cloud to reach each other, I believe the ISP is using as-override?

Should the admin distance be changed to prefer OSPF, it will fix both sites to use the Metro E backdoor, but it will affect the remote sites to go through the OSPF route as well, due to the remote IPs being redistributed into OSPF.

Per-neighbor admin distance is feasible but not practical if there are a lot of remote IPs.

Would this come down to IP address design, as per Marwan's suggestion, provided both sites can summarise the routes?

If there is a better solution, please let me know.
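The trade-off between the options discussed in the replies above (raising the eBGP administrative distance versus advertising a summary over BGP), as an added example that is not code from any poster. It is a simplified model of the corporate router's table; the 10.1.1.0/24 remote-site LAN, the 172.16.0.0/16 summary, the host addresses and the function names are constructed for illustration.

```python
import ipaddress

# Default administrative distances quoted in the thread.
DEFAULT_AD = {"ebgp": 20, "ospf": 110}


def build_rib(candidates, ad):
    """For each prefix keep the candidate whose protocol has the lowest AD."""
    rib = {}
    for prefix, proto, via in candidates:
        net = ipaddress.ip_network(prefix)
        if net not in rib or ad[proto] < ad[rib[net][0]]:
            rib[net] = (proto, via)
    return rib


def next_hop(rib, dest):
    """Forwarding picks the longest matching prefix; AD only decides
    between sources of the *same* prefix (done in build_rib)."""
    addr = ipaddress.ip_address(dest)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None
    return rib[max(matches, key=lambda net: net.prefixlen)][1]


def corp_view(ad=DEFAULT_AD, colo_bgp_prefix="172.16.11.0/24"):
    """Links the corporate router uses toward a colo host and a remote-site host."""
    candidates = [
        ("172.16.11.0/24", "ospf", "Metro E"),  # colo LAN learned over the Metro E
        (colo_bgp_prefix, "ebgp", "MPLS"),      # colo LAN (or summary) from the provider
        ("10.1.1.0/24", "ebgp", "MPLS"),        # constructed remote-site LAN
        ("10.1.1.0/24", "ospf", "Metro E"),     # same LAN, redistributed BGP->OSPF at colo
    ]
    rib = build_rib(candidates, ad)
    return {"colo": next_hop(rib, "172.16.11.10"),
            "remote": next_hop(rib, "10.1.1.10")}


if __name__ == "__main__":
    print("defaults:        ", corp_view())
    print("eBGP AD 120:     ", corp_view(ad={"ebgp": 120, "ospf": 110}))
    print("summary over BGP:", corp_view(colo_bgp_prefix="172.16.0.0/16"))
```

Raising the eBGP distance moves the colo LAN onto the Metro E but also pulls the remote-site prefix onto it, which is the side effect raised in the last reply; the summary approach moves only the colo LAN.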
