BGP Conditional Advertisement problem

Jun 21st, 2010

All,

I want a router to only advertise its routes if the serial interface is up. I have a route map that's applied to a neighbor to check if the peer route is in the table. I have another route map which I've tried the following:

My route I'm checking for:

access-list 5 permit 172.15.15.2
route-map EXIST permit 10
 match ip address 5

My route-map I'm advertising:

access-list 10 deny any
route-map ADVERTISE permit 10
 match ip address 10

I've also tried:

route-map ADVERTISE deny 10

In BGP I set the neighbor:

neighbor 10.5.5.5 advertise-map ADVERTISE non-exist-map EXIST

The problem is I'm showing withdraw for the neighbor, but my routes are still showing up on the peering router. How can I deny all routes from this router if the peering router goes down?

Thanks,

John

francisco_1 Mon, 06/21/2010 - 15:18

You have to use the exist-map instead of non-exist-map.

Below is an example. R3 has iBGP peering with R2 and is advertising R2's loopback 150.20.20.20 to R8 (AS 300) via eth0/0 and to R1 (AS 100) via serial 1/0.
R3 is advertising R2's loopback 150.20.20.20 to R8 only if serial 1/2 is up. (I have advertised the serial 1/2 interface on R3 using a network statement, and if the prefix for serial 1/2 (shut down on R3) is removed from the BGP local table, then R3 will withdraw the prefix 150.20.20.20 advertised to R8.)


interface Ethernet0/0
 description LINK TO R8 - AS 300
 ip address 155.8.37.3 255.255.255.0
 half-duplex
!
interface Serial1/0
 description LINK - TO - R1 AS 100
 ip address 155.8.0.3 255.255.255.0
 encapsulation frame-relay
 serial restart-delay 0
!
interface Serial1/2
 description USED FOR BGP EXIST-MAP
 ip address 155.8.13.3 255.255.255.0
 serial restart-delay 0
 clock rate 64000
!
interface Serial1/3
 description iBGP Peering with R2 - AS 200
 ip address 155.8.23.3 255.255.255.0
 serial restart-delay 0
 clock rate 64000
!
router bgp 200
 no synchronization
 bgp log-neighbor-changes
 network 155.8.13.0 mask 255.255.255.0
 timers bgp 9 25
 neighbor 155.8.0.1 remote-as 100
 neighbor 155.8.23.2 remote-as 200
 neighbor 155.8.37.8 remote-as 300
 neighbor 155.8.37.8 advertise-map ADVERTISED exist-map NONEXIST
 no auto-summary
!
ip prefix-list SERIAL1/3-MONITOR seq 5 permit 155.8.13.0/24
ip prefix-list R2LO1 seq 5 permit 150.20.20.20/32
!
! This is used to advertise the R2 loopback externally
route-map ADVERTISED permit 10
 match ip address prefix-list R2LO1
!
! Condition map; named NONEXIST to match the neighbor statement above
! and the "Condition-map NONEXIST" line in the show output below
route-map NONEXIST permit 10
 match ip address prefix-list SERIAL1/3-MONITOR
!

Testing

R3
######

Rack8R3#sh ip bgp
BGP table version is 17, local router ID is 150.8.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i150.20.20.20/32  155.8.23.2               0    100      0 i
*> 155.8.13.0/24    0.0.0.0                  0         32768 i  - Prefix for Serial 1/2 locally generated
Rack8R3#


Rack8R3#sh ip bgp neighbors 155.8.37.8 advertised-routes
BGP table version is 17, local router ID is 150.8.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i -
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i150.20.20.20/32  155.8.23.2               0    100      0 i   (Advertised to R8 if serial 1/2 is up)
*> 155.8.13.0/24    0.0.0.0                  0         32768 i  (Serial 1/2 exists in local BGP table)

Total number of prefixes 2

After int serial 1/2 is shutdown...

##############################


Rack8R3#sh ip bgp neighbors 155.8.37.8
Condition-map NONEXIST, Advertise-map ADVERTISED, status: Advertise
                                 Sent       Rcvd

shutting interface serial 1/2 on R3
#######################################

Condition-map NONEXIST, Advertise-map ADVERTISED, status: Withdraw


Rack8R3#sh ip bgp neighbors 155.8.37.8 advertised-routes

Total number of prefixes 0

Francisco

John Blakley Tue, 06/22/2010 - 09:32

Thanks Francisco. In the end, I found out what the problem was. When using an access-list for conditional advertisement, you have to put the actual subnet that matches what's in the bgp table, otherwise it doesn't work. I had to deny all routes using a prefix list and this works well.

ip prefix-list ADVERTISE permit 0.0.0.0/0 le 32
ip prefix-list EXIST permit 192.168.1.0/24

route-map ADVERTISE permit 10
 match ip address prefix-list ADVERTISE

route-map EXIST permit 10
 match ip address prefix-list EXIST

router bgp 65000
 neighbor 172.15.15.15 advertise-map ADVERTISE exist-map EXIST

This worked REALLY well. It advertises everything in the BGP table unless the 192.168.1.0 subnet is missing and then advertises nothing to its peer.

HTH someone in the future with this because I'm sure it's a requirement for many.

Thanks,
John
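
Added example, not part of either poster's configuration: a simplified Python model of how `advertise-map` with `exist-map` / `non-exist-map` decides what a neighbor receives, using the prefixes from the two posts above (the 10.10.0.0/16 route and all function and constant names are constructed for illustration). It shows that only routes matched by the advertise-map are gated by the condition, and that a prefix-list entry without `ge`/`le` matches only the exact prefix length present in the BGP table.

```python
import ipaddress

def pl_match(entries, route):
    """IOS-style prefix-list test. entries: (action, prefix, ge, le) tuples."""
    net = ipaddress.ip_network(route)
    for action, prefix, ge, le in entries:
        base = ipaddress.ip_network(prefix)
        if ge is None and le is None:
            lo = hi = base.prefixlen          # no ge/le: exact length only
        else:
            lo = base.prefixlen if ge is None else ge
            hi = 32 if le is None else le
        if lo <= net.prefixlen <= hi and net.subnet_of(base):
            return action == "permit"
    return False                              # implicit deny at the end

def conditional_advertise(bgp_table, advertise, condition, mode="exist-map"):
    """Return (status, routes sent). Simplified model of advertise-map."""
    present = any(pl_match(condition, r) for r in bgp_table)
    ok = present if mode == "exist-map" else not present
    # Only routes matched by the advertise-map are gated by the condition;
    # everything else is advertised as usual.
    sent = [r for r in bgp_table if ok or not pl_match(advertise, r)]
    return ("Advertise" if ok else "Withdraw"), sent

# Prefix-lists taken from the thread, written as (action, prefix, ge, le).
R3_ADVERTISED = [("permit", "150.20.20.20/32", None, None)]
R3_CONDITION = [("permit", "155.8.13.0/24", None, None)]
JOHN_ADVERTISE = [("permit", "0.0.0.0/0", None, 32)]
JOHN_EXIST = [("permit", "192.168.1.0/24", None, None)]

if __name__ == "__main__":
    up = ["150.20.20.20/32", "155.8.13.0/24"]
    down = ["150.20.20.20/32"]                # Serial1/2 shut: /24 leaves the table
    print(conditional_advertise(up, R3_ADVERTISED, R3_CONDITION))
    print(conditional_advertise(down, R3_ADVERTISED, R3_CONDITION))
    # Constructed table: the tracked 192.168.1.0/24 is missing.
    print(conditional_advertise(["10.10.0.0/16"], JOHN_ADVERTISE, JOHN_EXIST))
```

An advertise-map that matches no routes gates nothing, so in this model every route is still sent even when the status reads Withdraw.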
