Multi BGP help - urgent

interwebmedia
Level 1

Hello,

Recently we have changed over to BGP for our SINGLE PROVIDER we currently have.

The configuration looks like this:

router bgp AS_NUMBER
 no synchronization
 bgp router-id ROUTER_ID_IP
 bgp log-neighbor-changes
 network XXX.XXX.XXX.XXX (1) mask 255.255.252.0
 network XXX.XXX.XXX.XXX (2) mask 255.255.252.0
 network XXX.XXX.XXX.XXX (3) mask 255.255.252.0
 network XXX.XXX.XXX.XXX (4) mask 255.255.252.0
 neighbor NEIGHBOR_IP remote-as REMOTE_AS
 neighbor NEIGHBOR_IP password BGP_PASS
 neighbor NEIGHBOR_IP route-map filter-in in
 no auto-summary
!
ip prefix-list only-default seq 5 permit 0.0.0.0/0
!
route-map filter-in permit 10
 match ip address prefix-list only-default
!

-------------------------------

NOW, we are going to plug a NEW ISP and want to announce ONLY our NETWORK (4) above.

Meaning this ISP will only route that CLASS C. So they are announcing it on their end and I have to announce that I am routing this CLASS C on the new ISP in my device.

Can someone please provide EXACT configuration commands to put in my router in order to achieve this?

As well, I told my new ISP to only route this Class C on their network. But what happens if I tell them to route ALL my IPs and I want ONLY this Class C to go through them, can this be achieved? Or if they announce it, then I cannot control incoming traffic since they are announcing it, and therefore I can only control outgoing traffic? Can someone please detail this for me?

Waiting for an answer on both questions.

GREATLY appreciated

Thanks

25 Replies

Hello Elazar,

Warning:

You say you would like to send a more specific prefix to Cogent.

But your current BGP configuration contains a /22 network, not an aggregate that creates a /22 prefix.

You need to have a meaningful route to the desired /24 subnet, or the configuration suggested by Craig with a static to null0, even with AD 254, will act as a black hole for this traffic.

Craig:

This point has to be addressed.

How is the /22 prefix present in your router?

Hope to help

Giuseppe

I definitely made some assumptions on his internal configurations: I assumed the /22s were already being advertised by a null route, and I assumed he segmented the /24 to a subinterface of some sort and does not have a giant /22 present without any subnetting.

If he is not subnetting the /22, he will most definitely black hole that class C.

The complete configuration and topology need to be present to make proper design decisions.

Craig
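
Added example, not part of any poster's reply: a small Python model of the black-hole concern discussed above, showing that a static /24 to Null0 loses to a connected /24 (administrative distance breaks the tie) but beats a connected /22 (longest prefix wins regardless of AD 254). The prefixes, interface names and the `Route`, `lookup` and `blackholed` helpers are constructed for illustration and are not taken from the poster's router.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str    # destination network in CIDR form
    ad: int        # administrative distance (connected = 0)
    next_hop: str  # outgoing interface, or "Null0" for a discard route

def lookup(routes, dest):
    """Pick the forwarding route: longest prefix first, AD only as tie-breaker."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in ipaddress.ip_network(r.prefix)]
    if not matches:
        return None
    return min(matches, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen, r.ad))

def blackholed(routes, prefix, samples=4):
    """Return sample addresses inside prefix that would be discarded via Null0."""
    net = ipaddress.ip_network(prefix)
    step = max(net.num_addresses // samples, 1)
    hosts = [str(net.network_address + 1 + i * step) for i in range(samples)]
    dropped = []
    for h in hosts:
        best = lookup(routes, h)
        if best is None or best.next_hop == "Null0":
            dropped.append(h)
    return dropped

# Constructed sample data: 198.51.100.0/22 stands in for one of the /22s,
# 198.51.103.0/24 for the /24 to be announced to the second ISP.
TARGET = "198.51.103.0/24"
NULL_ROUTES = [Route("198.51.100.0/22", 254, "Null0"), Route(TARGET, 254, "Null0")]

# Case 1: the /22 is split into /24s on VLAN interfaces.
RIB_SUBNETTED = NULL_ROUTES + [
    Route(f"198.51.{n}.0/24", 0, f"Vlan{n}") for n in (100, 101, 102, 103)]

# Case 2: the whole /22 sits on one interface with no /24 subnetting.
RIB_FLAT = NULL_ROUTES + [Route("198.51.100.0/22", 0, "Vlan100")]

if __name__ == "__main__":
    for name, rib in (("subnetted", RIB_SUBNETTED), ("flat /22", RIB_FLAT)):
        print(f"{name}: discarded samples in {TARGET}: {blackholed(rib, TARGET)}")
```

The model treats every candidate route as visible to the lookup; a real router installs only the lowest-AD route per prefix, which gives the same forwarding result.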

Internally, yes each /22 is separated into /24.

I already have a null route for the /22 in place, actually I have them for all my /22.

So yes, they are internally connected to VLANs as /24 ...

So 2 questions.

1. Can I go ahead with his config?

2. How come above I have a suggested config with all those ip prefix-list entries, and in your new config there is none of that? How can they be so different?

Thank You

Hello,

Also, what do I have to be careful about or fix so as not to have what is described here:

"Depending on how your internal network is setup you could have some asymmetric routing occurring, so the traffic will exit out MTO and come back in through COGENT or vice versa, since I don't know the rest of your network topology and configuration I can't really help much there. By default BGP will only use one of the links."

Thanks

Again, that depends on your network topology. Are there 2 routers or 1? Do you want redundancy? Do you want partial redundancy, or if either link fails should it be redundant for all networks? Is your ISP aware that you are advertising these networks out? If not, they will likely filter whatever you advertise. Is there a community you can send your ISP to make a route less preferred on the internet? If you begin to make your links fully redundant, you will run into the case where one ISP is definitely "stronger" than the other, and sometimes AS prepending isn't enough.

There are a lot of things that I consider when designing a network, and even more so when designing an interface with a network that I don't control (like an ISP).

Can you create a network diagram of your network? And also post the complete configuration of your external routers?

Also, one person recommended to use prefix lists, I recommended to use a route-map, they will accomplish the exact same thing, there are certain circumstances where a prefix list can make configuration easier, but an ACL and route map can accomplish anything a prefix list can.

Craig

So I put in the configuration and everything crashed in the middle of putting in the configurations.

The neighbor IP was not correct, as it was referring to the .6 IP, but that is my own configured IP, so the neighbor should be .5. But even with putting .5, everything crashed.

Is there any way I can get ONE on ONE help outside of this public forum from one of you professionals?

Please let me know, you can email me at lazouche@gmail.com

Thank You

anything on this please??

sungy
Level 1

Create an ACL allowing your four /24s and deny everything else...

! the "permit ip <source> <wildcard> any" entries are extended-ACL syntax
ip access-list extended my_routes
 permit ip 2.2.2.0 0.0.0.255 any
 permit ip 2.2.3.0 0.0.0.255 any
 permit ip 2.2.4.0 0.0.0.255 any
 permit ip 2.2.5.0 0.0.0.255 any
 deny ip any any

and apply distribute-list to that new ISP BGP peer.

! under router bgp; filters what is advertised to the peer
 neighbor 1.1.1.1 distribute-list my_routes out

sungy
Level 1

They could apply a filter to only learn the /24 you told them to redistribute, or they may rely on you to properly advertise your routes. They could also potentially only accept a certain number of routes. For example, if you told them 4 routes, they might give you a little headroom and drop peering if you go over it, 10 or something. You have to ask them, the ISP, what kind of policy they have in place.

OK, so finally we got it to work as mentioned in the above configs. The only thing remaining is that the router chooses COGENT as the default 0.0.0.0. I need all the traffic that is NOT from the XXX.75.188.0 /24 network to go out through MTO and that class C through Cogent.

How do I accomplish this?

Thanks
