Cisco Support Community

BGP advertise question

Need help with final step in BGP config.

ISP1     ISP2          ISP3
   \     /              |
    \   /               |
    ISP4 ........... customer
    (me)          (199.x.x.0/24)

I am ISP4 and I peer with ISP1/ISP2 for my IPs. My customer is peered with ISP3. I will be failover ISP for my customer. ISP1/ISP2 have agreed to accept my customer's IPs if I advertise them.

My current working config (ISP4):

router bgp ISP4
 no synchronization
 bgp log-neighbor-changes
 network 67.x.x.0 mask 255.255.248.0
 neighbor 12.x.x.x remote-as ISP1
 neighbor 12.x.x.x version 4
 neighbor 12.x.x.x soft-reconfiguration inbound
 neighbor 12.x.x.x route-map ISP1 out
 neighbor 208.x.x.x remote-as ISP2
 neighbor 208.x.x.x version 4
 neighbor 208.x.x.x soft-reconfiguration inbound
 neighbor 208.x.x.x advertise-map ISP2 non-exist-map ISP1
 no auto-summary

ip as-path access-list 1 permit ^$
access-list 1 permit 67.x.x.0 0.0.7.255

route-map ISP2 permit 30
 match ip address 1
route-map ISP2 permit 40
 match as-path 1

route-map ISP1 permit 10
 match ip address 1
route-map ISP1 permit 20
 match as-path 1

----------------------------------------------------

current working customer config:

router bgp CUST
 bgp log-neighbor-changes
 network 199.x.x.0
 neighbor 173.x.x.x remote-as ISP3
 neighbor 173.x.x.x version 4
 neighbor 173.x.x.x soft-reconfiguration inbound
 neighbor 173.x.x.x route-map ISP3 out

ip as-path access-list 1 permit ^$
access-list 1 permit 199.x.x.0 0.0.0.255

route-map ISP3 permit 10
 match ip address 1
route-map ISP3 permit 20
 match as-path 1

-----------------------------------------------------

I will add customer as a neighbor in my router using a prefix-list in:

 neighbor 199.x.x.0 remote-as CUST
 neighbor 199.x.x.0 version 4
 neighbor 199.x.x.0 prefix-list CUST in

ip prefix-list CUST seq 5 permit 199.x.x.0/24

I will add me as a neighbor to customer router as failover:

 neighbor 67.x.x.x remote-as ISP4
 neighbor 67.x.x.x version 4
 neighbor 67.x.x.x soft-reconfiguration inbound
 neighbor 67.x.x.x advertise-map ISP4 non-exist-map ISP3

route-map ISP4 permit 30
 match ip address 1
route-map ISP4 permit 40
 match as-path 1

The question I have (provided the above is correct to start with!) is: will I need to add the customer's subnet to MY access list, or will my session advertise his IPs if he is advertising them to me? I obviously don't want his IPs routed to me if his primary is up.

Thanks in advance.

Accepted Solutions

Hi,

a) to your question:

You are advertising to your ISP1 and ISP2 those prefixes which:

either match access-list 1 (i.e., 67.x.x.0 0.0.7.255)
or match ip as-path access-list 1 (i.e., ^$).

As your customer prefix will be 199.x.x.0 0.0.0.255 coming with an AS_PATH ^CUST$, none of the above conditions will be fulfilled, so the prefix will NOT be advertised to ISP1 or ISP2.

So you would need to modify your outbound route-maps.

b) I'm afraid your

 neighbor 67.x.x.x advertise-map ISP4 non-exist-map ISP3

configuration will not work the way you'd like it to.

As the non-exist-map ISP3 matches ip as-path access-list 1 (i.e., permit ^$) or access-list 1 (i.e., 199.x.x.0 0.0.0.255), there will probably always exist a matching prefix and the customer would never advertise his prefix to you.

So IMHO, you should match some prefix received from ISP3 in the non-exist-map.

See http://www.cisco.com/en/US/docs/ios/12_1/iproute/command/reference/1rdbgp.html#wp1150201 for details.

HTH,

Milan
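
The two points in the answer above, modelled as a small Python simulation. This is an added example, not code from the thread or from Cisco. It is a simplified model: each route-map clause carries one match, and an ACL is tested against the route's network address. The prefixes, AS numbers, the prefix learned from ISP3, and the `out_fixed` clause are constructed assumptions standing in for the redacted values.

```python
import ipaddress
import re

# Constructed stand-ins for the redacted values in the thread (assumptions).
ISP4_NET = ipaddress.ip_network("10.67.0.0/21")     # 67.x.x.0/21
CUST_NET = ipaddress.ip_network("198.51.100.0/24")  # 199.x.x.0/24
ISP3_NET = ipaddress.ip_network("203.0.113.0/24")   # hypothetical prefix learned from ISP3
CUST_AS, ISP3_AS = "64503", "64510"                 # hypothetical AS numbers

def permits(route_map, route):
    """A route passes if any permit clause matches; otherwise the implicit deny applies."""
    prefix, as_path = route
    for kind, value in route_map:
        if kind == "acl" and prefix.network_address in value:
            return True
        if kind == "as-path" and re.search(value, as_path):
            return True
    return False

def advertised(table, route_map):
    """Routes from the BGP table that an outbound route-map lets through."""
    return [r for r in table if permits(route_map, r)]

def conditional(table, advertise_map, non_exist_map):
    """advertise-map routes are sent only while nothing in the table matches non-exist-map."""
    if any(permits(non_exist_map, r) for r in table):
        return []
    return advertised(table, advertise_map)

# ISP4 router: own prefix (empty AS_PATH) plus the customer's prefix learned over eBGP.
isp4_table = [(ISP4_NET, ""), (CUST_NET, CUST_AS)]
out_posted = [("acl", ISP4_NET), ("as-path", r"^$")]   # route-map ISP1 as posted
out_fixed = out_posted + [("acl", CUST_NET)]           # one possible modification

# Customer router: own prefix plus one prefix learned from ISP3.
own = (CUST_NET, "")
cust_up = [own, (ISP3_NET, ISP3_AS)]
cust_down = [own]                                      # ISP3 session lost
adv_map = [("acl", CUST_NET), ("as-path", r"^$")]      # route-map ISP4 as posted
nem_posted = [("acl", CUST_NET), ("as-path", r"^$")]   # route-map ISP3 as posted
nem_fixed = [("acl", ISP3_NET)]                        # match a prefix received from ISP3

if __name__ == "__main__":
    print("ISP4 -> ISP1 posted:", advertised(isp4_table, out_posted))
    print("ISP4 -> ISP1 fixed: ", advertised(isp4_table, out_fixed))
    print("CUST -> ISP4 posted, ISP3 down:", conditional(cust_down, adv_map, nem_posted))
    print("CUST -> ISP4 fixed, ISP3 up:   ", conditional(cust_up, adv_map, nem_fixed))
    print("CUST -> ISP4 fixed, ISP3 down: ", conditional(cust_down, adv_map, nem_fixed))
```

With the posted maps the customer's own prefix satisfies the non-exist condition even when ISP3 is down, so the backup advertisement never fires; tracking a prefix learned from ISP3 makes it fire only after that prefix disappears.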
