02-29-2016 11:03 AM - edited 03-05-2019 03:27 AM
Hi, we are adding secondary ISP to multihome our network.
Secondary ISP will be used as a backup only.
We requested that secondary ISP advertise full routing table and default route. We don't need full routing table from them, but would like to have this option just in case.
The problem is - I need to filter all routes except for a default and also apply local preference with a low value to routes coming from the secondary ISP.
I applied the following route-map, but while it's applying local pref, it's not filtering out networks.
route-map BACKUP_INET_IN permit 10
match ip address prefix-list DEFAULT
set local-preference 50
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
I know I could've done something like this:
ip prefix-list BACKUP_INET_IN seq 5 permit 0.0.0.0/0
but this will not apply local pref.
02-29-2016 11:32 AM
Should work fine.
I just did a quick test and it worked for me.
Do you have an IBGP peering on that router ?
Jon
02-29-2016 11:39 AM
hm, strange.
Yes, I do have ibgp with our second router and also have ebgp with core nexus switches.
It's really weird that it worked for you, because when I do
sh ip bgp neighbor x.x.x.x
its showing me that I am receiving lots of networks:
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 3 255576 (Consumes 29948412 bytes)
Prefixes Total: 5 106215978
Implicit Withdraw: 0 99812841
Explicit Withdraw: 2 6147561
Used as bestpath: n/a 255571
Used as multipath: n/a 0
Saved (soft-reconfig): n/a 320355 (Consumes 16658460 bytes)
02-29-2016 11:50 AM
The routes are definitely showing the same next hop IP as the default route ?
Jon
02-29-2016 11:56 AM
Yes, they are. I actually had to call ISP and ask them to only advertise default for now and after reset Rcvd counter dropped to 1, so I am absolutely sure all those networks came from the secondary ISP.
I even modified route map and added implicit deny, but was still getting full update from the ISP
route-map BACKUP_INET_IN permit 10
match ip address prefix-list DEFAULT
set local-preference 50
route-map BACKUP_INET_IN deny 20
02-29-2016 11:58 AM
Which platform are you using.
I tested with IOS and like I say just copied your original configuration and it worked absolutely fine which to be honest I expected it would.
Jon
02-29-2016 12:00 PM
It's Cisco 2921, 15.1(2)T5
At least I am glad my route-map looks correct. I will try to play with it again during our next maintenance window.
Thanks for your fast responses.
03-04-2016 03:04 PM
Hello
I guess what you are seeing there is unprocessed prefixes relating to the bgp adj-rib-in table from your bgp peer(s) which where the routes are stored before any bgp policy is applied which there after will then be sent to the loc-rib table and should then just show your default.
The only way you can negate routes from being sent in the first place is via Outbound Route Filtering (ORF) or ask your ISP not to send them
Do you have soft reconfiguration enabled, this will also increase you memory/cpu utilsation and it isnt required on newer ios as the route refresh feature was introduced.
This feature will decrease your router memory/cpu overhead. And still allow you to soft reset your peerings Paul
res
02-29-2016 12:41 PM
ip prefix-list LIST permit 0.0.0.0/0 will match default route
ip prefix-list LIST permit 0.0.0.0/0 le 32 will match all the routes.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: