Conditional advertising in BGP

Jan 18th, 2010

Hi All,


We have a customer who is using our MPLS cloud for data transfer and has a backup via internet. The PE to CE is BGP and the backup is using OSPF as routing protocol. Whenever the access circuit goes down at one of the sites (say Site A), the backup kicks in and the site is able to access the servers at HO via OSPF. However, the other sites lose reachability to this site (Site A) and we need to manually advertise the subnets of Site A in BGP at HO so that other sites can reach Site A. Now we want to automate this to avoid manual intervention and make operations smoother.

Can anyone suggest the mechanism? Can we use the BGP conditional advertisement feature, i.e. advertise-map and non-exist-map? If yes, then how do we utilize this feature?



Regards

Sameer

Marwan ALshawi Mon, 01/18/2010 - 05:01
Conditional advertisement could be an option.

From my understanding, if the main link over BGP between your network and their HQ goes down, your network will receive the HQ routes through the other link using OSPF, but this does not get advertised to other sites using BGP!

If this is the case, as I said, conditional advertisement could be an option.

Let's say the HQ is advertising 10.1.1.0/24. The problem with conditional advertisement is that you need your BGP to watch whether a route exists or not. You can let them add a dummy network (loopback), let's say with IP 1.1.1.1/32, and advertise it to you through BGP only.

If this BGP peering goes down, this route will disappear and you can advertise the other network, in this example 10.1.1.0.

Under your PE router connected to other sites:


router bgp xx
 network 10.1.1.0 mask 255.255.255.0
 ! advertise what "adver" matches only while what "exist" matches is absent
 neighbor x.x.x.x advertise-map adver non-exist-map exist


where x.x.x.x is the remote site that will receive the route advertisement conditionally, and you need to make sure this router receives the routes (in the above example 10.1.1.0) through BGP or any other routing protocol.



! list1 = watched dummy loopback, list2 = network to advertise
ip prefix-list list1 permit 1.1.1.1/32
ip prefix-list list2 permit 10.1.1.0/24
!
route-map exist permit 10
 match ip address prefix-list list1
!
route-map adver permit 10
 match ip address prefix-list list2


good luck

if helpful Rate

sameer.mulgund Mon, 01/18/2010 - 19:59

Thanks a lot for the solution.


I will let you know once done with the design and configuration.


regards

sameer.mulgund Wed, 01/20/2010 - 00:41

Hi all,


How do we scale this solution? I mean, there are around 15 such remote sites and all sites have different subnets. All remote sites connect to HO via MPLS and backup VPN. In the event of MPLS failure, remote sites connect via VPN to HO; however, the sites should be reachable to the rest of the sites.


Regards

Sameer

Giuseppe Larosa Wed, 01/20/2010 - 07:40

Hello Sameer,

You should verify whether multiple statements like

neighbor x.x.x.x advertise-map adver-siteI non-exist-map exist-siteI

are possible. If so, you should be able to implement it with 15+15 route-maps and ACLs.

If two lines to the same neighbor x.x.x.x are not accepted, this would be a problem.

An alternate way is to advertise the sites' subnets from HQ with less preferred BGP routes. A possible way could be AS path prepending, and it could work if the ISP accepts the AS path (it can perform AS override or it can remove private AS numbers).

In this case you would redistribute OSPF into BGP and you would add AS path prepending.

(Depending on the primary BGP routes, if they have MED=0 you could play on MED = OSPF metric to build secondary routes at HQ.)


Hope to help

Giuseppe

sameer.mulgund Thu, 01/21/2010 - 00:06

Hi Giuseppe


Thanks again. I think the 2nd solution is scalable. Just wanted to check, out of curiosity: if we are building the secondary routing table (BGP) on HQ with AS path prepending or redistribution between OSPF and BGP, routes would still be locally sourced on HQ with weight 32768. How will the routing take place in case of a link failure at a remote site?

Giuseppe Larosa Thu, 01/21/2010 - 00:18

Hello Sameer,

Good note.

Yes, the problem with locally originated BGP routes can be seen after restore: the risk is that the HQ does not accept routes coming from the ISP PE.

To overcome this problem I usually force a neigh weight 40000 on the eBGP session to the ISP PE.

In this way, when restore happens and the ISP PE advertises the primary route again, it is preferred over the locally generated route because of its higher weight.

In case of failure of a remote site, the HQ router starts to advertise the missing subnets over the eBGP session with the ISP PE.

I tested this solution and it worked for me.

For this reason I usually suggest verifying not only the network's reaction to failure but also what happens after restore.


Hope to help

Giuseppe
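
Added example, not part of any post in this thread: a simplified Python model of the restore problem discussed above, showing how the BGP decision at HQ and the routing table feed back into each other for one remote-site subnet. It assumes the OSPF backup adjacency stays up throughout, compares paths on weight only, and uses hypothetical function names; 32768 and 40000 are the weights quoted in the posts.

```python
LOCAL_WEIGHT = 32768  # weight of routes locally sourced on HQ, as quoted in the thread

def bgp_best(rib_owner, pe_advertises, neighbor_weight):
    """Return the source of HQ's BGP best path: 'local', 'pe' or None."""
    paths = []
    if rib_owner == "ospf":
        # Redistribution picks up the prefix only while OSPF owns the RIB entry.
        paths.append((LOCAL_WEIGHT, "local"))
    if pe_advertises:
        # Path learned over eBGP from the ISP PE; weight set per neighbor.
        paths.append((neighbor_weight, "pe"))
    # Weight is compared first in best-path selection; the highest wins.
    return max(paths, key=lambda p: p[0])[1] if paths else None

def converge(rib_owner, pe_advertises, ospf_backup_up, neighbor_weight):
    """Iterate BGP decision and RIB installation until the RIB owner is stable."""
    for _ in range(5):
        best = bgp_best(rib_owner, pe_advertises, neighbor_weight)
        if best == "pe":
            new_owner = "bgp"    # eBGP (distance 20) displaces OSPF (distance 110)
        elif ospf_backup_up:
            new_owner = "ospf"   # traffic follows the backup path
        else:
            new_owner = None
        if new_owner == rib_owner:
            return rib_owner
        rib_owner = new_owner
    raise RuntimeError("model did not converge")

def timeline(neighbor_weight):
    """RIB owner at HQ in normal operation, during failure and after restore."""
    owner, result = None, {}
    for phase, pe_up in (("normal", True), ("failure", False), ("restore", True)):
        # Assumption: the OSPF backup adjacency is up in every phase.
        owner = converge(owner, pe_up, True, neighbor_weight)
        result[phase] = owner
    return result

if __name__ == "__main__":
    for weight in (0, 40000):   # default neighbor weight vs. the forced weight
        print(weight, timeline(weight))
```

With the default neighbor weight the model stays on the OSPF backup after restore; with weight 40000 on the PE session it returns to the eBGP route.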

sameer.mulgund Thu, 01/21/2010 - 04:23

Hi Giuseppe


Thanks. We will try this option and come back with the results.


Regards

Sameer

mshavrov Wed, 02/17/2010 - 14:24

As I understand (and tested), BGP Conditional Advertising works as described:


1. If a certain BGP prefix exists in the BGP table, advertising is suppressed.

2. If the prefix disappears, the router starts advertising.


I need it the opposite way: when the route exists, I need to advertise ANOTHER route; when the route disappears, I need to withdraw the route from advertising.


In general, we have two sites, interconnected by a Layer 2 link (DWDM). One location has a web host and the router, the other location has just a router. The router Ethernet interfaces are in the same subnet and interconnected by the Layer 2 network. We announce the LAN IP addresses through both routers to the ISP. However, when the Layer 2 connection between the routers goes down, the remote router still advertises the LAN subnet even though the web host is not accessible. So, I need the "remote router" to stop advertising when it cannot access the primary router (which is at the same location as the web host).
