
BGP- Difficulty with NULL0 Route

Hello

We are a small ISP with links from two larger upstreams.

For example, I am advertising the 192.168.52.0/22 IP block through ISP1. For this I am putting in a Null0 route, "ip route 192.168.52.0 255.255.252.0 Null0". One of the router's interfaces is assigned the IP address 192.168.52.1/22, and the whole customer network is running through that interface. So far so good.

Now I want to introduce ISP2 and advertise only the 192.168.52.0/24 IP block through ISP2. This I can't do: the block is not getting advertised unless and until I add the route "ip route 192.168.52.0 255.255.255.0 Null0", and as soon as I add this route the interface on which the IP address 192.168.52.1/22 is assigned stops pinging, and it is turning into a mess.

Any suggestions on how to advertise only the 192.168.52.0/24 block through ISP2?

Please revert if any clarification is needed.

Abhishek


Jon Marshall

Abhishek

The problem you have is that 192.168.52.0/24 is more specific than 192.168.52.0/22 so you are blackholing the traffic as the more specific route is always chosen.

So

1) add the Null0 route on another device and redistribute

OR

2) add the route but point it in the next-hop direction eg.

L3 switch 192.168.52.2 -> 192.168.52.1/22 Router -> ISP

so for option 1

on the L3 switch add "ip route 192.168.52.0 255.255.255.0 Null0" and then redistribute into your IGP.

Note that this assumes

i) you are running an IGP between the L3 switch and the router

ii) the L3 switch knows about the 192.168.52.x networks

For option 2

add to the router - "ip route 192.168.52.0 255.255.255.0 192.168.52.2"

again this assumes that the L3 switch knows about the 192.168.52.x networks.

If you are unclear can you post a topology diagram ?

Jon

Jon-

Thanks for your reply. I am attaching a logical diagram of the network and have tried to describe the problem. Hope you have a solution for it.

Abhishek

Hi,

You should already have the route for 192.168.52.0/22 as configured at the interface GigabitEthernet0/12.

Thus, please try to remove the "ip route 192.168.52.0 255.255.252.0 Null0"

Thanks & Regards,

Abhishek

There is a reason why you might want to keep the null 0 route for 192.168.52.0/22 even when it duplicates a local route in the routing table. To promote stability in the BGP routing table (and to avoid possible dampening by your upstream provider) you might want to continue to advertise the network/subnet even when it is not locally reachable. Keeping the null 0 route accomplishes this.

Jon has correctly identified the problem as the fact that your new null0 route is more specific than the connected route, and more specific routes are always preferred over less specific routes. Even though I normally advocate that you should not configure static routes specifying the outbound interface rather than the next hop when the outbound interface is Ethernet, I believe that this is a case where that could be useful. The reasons why we usually want to avoid static routes specifying the interface do not apply here - it will cause the router to ARP for any address falling in the range of the static route (but the router already must ARP for all these addresses since they are really on the connected interface). So I would suggest that this might be a good solution for your issue:

ip route 192.168.52.0 255.255.255.0 gig0/12

HTH

Rick
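The route selection discussed in the two replies above (Jon's point that the more specific /24 Null0 route wins, and Rick's suggestion to point the /24 at the interface instead), as an added example that is not part of any post in this thread. It is a simplified model, not router code: the function names and the customer host addresses are assumptions, while the prefixes and the interface name are the ones quoted above.

```python
import ipaddress

# Constructed routing-table model; prefixes and interface name come from the thread.
# Administrative distance: connected = 0, static = 1 (IOS defaults).
CONNECTED = ("192.168.52.0/22", "GigabitEthernet0/12", 0)
NULL_22 = ("192.168.52.0/22", "Null0", 1)
NULL_24 = ("192.168.52.0/24", "Null0", 1)
IFACE_24 = ("192.168.52.0/24", "GigabitEthernet0/12", 1)


def build_rib(routes):
    """Keep one route per prefix: the one with the lowest administrative distance."""
    rib = {}
    for prefix, out, distance in routes:
        net = ipaddress.ip_network(prefix)
        if net not in rib or distance < rib[net][1]:
            rib[net] = (out, distance)
    return rib


def lookup(rib, dst):
    """Longest-prefix match: the most specific covering prefix decides."""
    addr = ipaddress.ip_address(dst)
    covering = [net for net in rib if addr in net]
    if not covering:
        return None
    best = max(covering, key=lambda net: net.prefixlen)
    return rib[best][0]


def can_originate(rib, prefix):
    """Model of the BGP network statement: needs an exact-match route in the table."""
    return ipaddress.ip_network(prefix) in rib


def blackholed(rib, hosts):
    """Return the hosts whose traffic would be discarded at Null0."""
    return [h for h in hosts if lookup(rib, h) == "Null0"]


if __name__ == "__main__":
    hosts = ["192.168.52.10", "192.168.53.10"]  # constructed customer addresses
    for name, extra in [("/22 Null0 only", [NULL_22]),
                        ("+ /24 Null0", [NULL_22, NULL_24]),
                        ("+ /24 via interface", [NULL_22, IFACE_24])]:
        rib = build_rib([CONNECTED] + extra)
        print(name, can_originate(rib, "192.168.52.0/24"), blackholed(rib, hosts))
```

The /22 Null0 route is harmless because the connected /22 has the same prefix length and a lower administrative distance; the /24 Null0 route has no equally specific competitor, so it takes all traffic for that quarter of the block.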

Here an alternate approach to using a static route is to use BGP inject-map. As the aggregate prefix (192.168.52.0/22) is already present in the routing table, you can use this feature to import a specific subnet (192.168.53.0/24) of this aggregate into the BGP table. Then use a filtering method to control your advertisement to ISPs.

Rick

Thanks for your suggestion. I have done exactly what you pointed out, but could not be sure what the possible consequences would be, and since it is in our production, I reverted back. Please suggest whether everything will be alright.

What I have done -

1] removed the route "ip route 192.168.53.0 255.255.255.0 Null0"

2] added the route "ip route 192.168.52.0 255.255.255.0 gig0/12"

Apparently, everything was working fine. But when I issued "sh ip bgp neighbors < Peer IP - Upstream2 > advertised-routes" it showed -

Network *> 110.172.53.0/24

Nexthop 192.168.55.254

unlike in normal circumstances, which show 0.0.0.0 as the next-hop.

I don't know what the result may be, since the block is getting advertised towards 192.168.55.254.

Please suggest.

Abhishek

Abhishek

Where does the 110.172.53.0/24 network come into things? I can't see it in your diagram anywhere.

Jon

Jon

It's like that: I would like to take 192.168.53.0/24 instead of 192.168.52.0/24.

However, the configuration for IP block 192.168.52.0/24 or 192.168.53.0/24 will be the same, won't it?

Please refer to the "sh run" output of the router specified below in the network diagram.

Waiting for your reply.

Abhishek

Please read Point# 2 as -

2] added the route " ip route 192.168.53.0 255.255.255.0 gig0/12"

Sorry for mistyping.

Abhishek

Hi Abhishek,

Have you got the solution now? Just wondering if it's solved.

regards

I am stuck at the point of whether it is normal to show 110.172.55.254 in the next hop instead of 0.0.0.0 when I am issuing the "sh ip bgp neighbor < IP > advertised-routes" command.

If it is, then the issue is solved.

Any suggestion is most welcome.

Abhishek

Abhishek

I have not used this particular implementation and can not say authoritatively that it is normal. But I believe that this is in fact the expected behavior. Most of the time when a router originates a route advertisement in BGP it is the next hop and it represents it in the BGP table as 0.0.0.0. In this case the static route is indicating that the next hop is somewhere in the connected subnet but does not know exactly where. So it is using the highest available address in the subnet.

As long as you are advertising the /22 subnet, then this next hop address would be reachable. And I believe that it would not have any negative effect on your network.

HTH

Rick

Perhaps I am missing something but is this just an announcement issue?

Couldn't you create a prefix-list for this specific IP range?

ip prefix-list ISP-A-Announce-OUT seq 5 permit 192.168.52.0/22 le 24

Obviously you would need a route-map, applied to the BGP neighbor statement.

Again, maybe I am missing something.

Rick

The problem is EBGP cannot advertise a route unless it finds it in the IGP routing table. It's not in the IGP routing table so the only way to get it in there is to add a static route.

Problem is if the next-hop is Null0 all the traffic is blackholed because it's the more specific route.

Jon
