BGP - injecting routes with different weights

joerggrau · ‎09-15-2009

I have an MPLS cloud into which I am injecting some local routes from two different end points of the cloud. One site (A) is the primary site and should always be selected for network 1.235.0.0/24, while site B should always be the backup. In addition site A should advertise 1.16.205.0/24 and site B should advertise 1.16.224.0/24.

I have no issue with site A. It injects both networks into the cloud. Site B, however, gives me a head ache. I cannot get it to inject the 1.16.224.0 network unless I do not advertise the 1.235.0.0 network at all.

I would like to advertise 1.235.0.0/24 with such a weight that site B is never selected unless site A is down. At eh same time I want 1.16.224.0 be advertised full time.

Here is my Site A config (working just fine)

Site A

router bgp 22223

no synchronization

bgp log-neighbor-changes

network 1.235.0.0 mask 255.255.255.0

network 1.16.205.0 mask 255.255.255.0

neighbor 1.16.205.3 remote-as 65001

neighbor 1.16.205.3 transport path-mtu-discovery

neighbor 1.16.205.3 timers 15 45

neighbor 1.16.205.4 remote-as 65001

neighbor 1.16.205.4 transport path-mtu-discovery

neighbor 1.16.205.4 timers 15 45

maximum-paths 2

no auto-summary

!

Here is my current Site B config (only advertising 1.235.0.0/24.

Site B

router bgp 22223

no synchronization

bgp log-neighbor-changes

network 1.235.0.0 mask 255.255.255.0

network 1.16.224.0 mask 255.255.255.0

neighbor 1.16.224.3 remote-as 65001

neighbor 1.16.224.3 transport path-mtu-discovery

neighbor 1.16.224.3 route-map d-out out

neighbor 1.16.224.4 remote-as 65001

neighbor 1.16.224.4 transport path-mtu-discovery

neighbor 1.16.224.4 route-map d-out out

maximum-paths 2

distribute-list 3 in

no auto-summary

!

access-list 1 permit 1.235.0.0 0.0.0.255

access-list 2 permit 1.16.224.0 0.0.0.225

access-list 3 permit any

route-map d-out permit 10

match ip address 1

set as-path prepend 27548 27548

I have tried a number of things, such as adding the 1.16.224.0/24 network to access-list 1, creating a second route-map allowing access-list 2, but nothing has worked.

Any help would be appreciated.

Thanks

Joerg

huangedmc · ‎09-15-2009

You're missing a second route-map statement to allow 1.16.224.0/24 to be advertised.

Complete route-map should be:

route-map d-out permit 10

match ip address 1

set as-path prepend 27548 27548

route-map d-out permit 20

joerggrau · ‎09-16-2009

I have tried to add the following:

route-map d-out permit 20

match ip address 2

However, this did not inject the route. Should I not use the "match ip address 2" statement?

Thanks

Joerg

yagnesh_tel · ‎09-16-2009

Correct. You just need to use 'route-map d-out permit 20' without any match statement and this will ensure that rest of the prefixes(except 1.235.0.0/24) will be advertised without any AS-Prepending. So you don't need access-list 2 altogether.

This will happen here:

In 'route-map d-out permit 10' statement, ACL 1 matches a single network 1.235.0.0/24 and set statement will prepend AS numbers. Now if you do not specify 'route-map d-out permit 20' statement, rest of the prefixes(including 1.16.224.0) will be matched by invisible route-map statement 'deny any' and prevents them from being advertised. So by using permit statement 20 at the end of route-map, you will ensure that these prefixes get default treatment(no AS path prepending).

joerggrau · ‎09-16-2009

Great. Thanks!

I will add the statement this weekend.

I appreciate the help.

Joerg