09-15-2009 08:56 PM - edited 03-04-2019 06:04 AM
I have an MPLS cloud into which I am injecting some local routes from two different end points of the cloud. One site (A) is the primary site and should always be selected for network 1.235.0.0/24, while site B should always be the backup. In addition site A should advertise 1.16.205.0/24 and site B should advertise 1.16.224.0/24.
I have no issue with site A. It injects both networks into the cloud. Site B, however, gives me a head ache. I cannot get it to inject the 1.16.224.0 network unless I do not advertise the 1.235.0.0 network at all.
I would like to advertise 1.235.0.0/24 with such a weight that site B is never selected unless site A is down. At eh same time I want 1.16.224.0 be advertised full time.
Here is my Site A config (working just fine)
Site A
router bgp 22223
no synchronization
bgp log-neighbor-changes
network 1.235.0.0 mask 255.255.255.0
network 1.16.205.0 mask 255.255.255.0
neighbor 1.16.205.3 remote-as 65001
neighbor 1.16.205.3 transport path-mtu-discovery
neighbor 1.16.205.3 timers 15 45
neighbor 1.16.205.4 remote-as 65001
neighbor 1.16.205.4 transport path-mtu-discovery
neighbor 1.16.205.4 timers 15 45
maximum-paths 2
no auto-summary
!
Here is my current Site B config (only advertising 1.235.0.0/24.
Site B
router bgp 22223
no synchronization
bgp log-neighbor-changes
network 1.235.0.0 mask 255.255.255.0
network 1.16.224.0 mask 255.255.255.0
neighbor 1.16.224.3 remote-as 65001
neighbor 1.16.224.3 transport path-mtu-discovery
neighbor 1.16.224.3 route-map d-out out
neighbor 1.16.224.4 remote-as 65001
neighbor 1.16.224.4 transport path-mtu-discovery
neighbor 1.16.224.4 route-map d-out out
maximum-paths 2
distribute-list 3 in
no auto-summary
!
access-list 1 permit 1.235.0.0 0.0.0.255
access-list 2 permit 1.16.224.0 0.0.0.225
access-list 3 permit any
route-map d-out permit 10
match ip address 1
set as-path prepend 27548 27548
I have tried a number of things, such as adding the 1.16.224.0/24 network to access-list 1, creating a second route-map allowing access-list 2, but nothing has worked.
Any help would be appreciated.
Thanks
Joerg
09-15-2009 10:48 PM
You're missing a second route-map statement to allow 1.16.224.0/24 to be advertised.
Complete route-map should be:
route-map d-out permit 10
match ip address 1
set as-path prepend 27548 27548
route-map d-out permit 20
09-16-2009 04:47 AM
I have tried to add the following:
route-map d-out permit 20
match ip address 2
However, this did not inject the route. Should I not use the "match ip address 2" statement?
Thanks
Joerg
09-16-2009 05:21 AM
Correct. You just need to use 'route-map d-out permit 20' without any match statement and this will ensure that rest of the prefixes(except 1.235.0.0/24) will be advertised without any AS-Prepending. So you don't need access-list 2 altogether.
This will happen here:
In 'route-map d-out permit 10' statement, ACL 1 matches a single network 1.235.0.0/24 and set statement will prepend AS numbers. Now if you do not specify 'route-map d-out permit 20' statement, rest of the prefixes(including 1.16.224.0) will be matched by invisible route-map statement 'deny any' and prevents them from being advertised. So by using permit statement 20 at the end of route-map, you will ensure that these prefixes get default treatment(no AS path prepending).
09-16-2009 05:36 AM
Great. Thanks!
I will add the statement this weekend.
I appreciate the help.
Joerg
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: