Cisco Support Community

BGP- Difficulty with NULL0 Route

Hello

We are a small ISP with links from two larger upstreams.

Take for example, I am advertising the 192.168.52.0/22 IP block through ISP1. For this I am putting in a Null0 route "ip route 192.168.52.0 255.255.252.0 Null0". One of the router's interfaces is assigned the IP address 192.168.52.1/22, and the whole customer network is running through that interface. So far so good.

Now I want to introduce ISP2 and advertise only the 192.168.52.0/24 IP block through ISP2. This I can't do: the block is not getting advertised unless and until I add the route "ip route 192.168.52.0 255.255.255.0 Null0", and as soon as I add this route, the interface on which the IP address 192.168.52.1/22 is assigned stops pinging, and it is turning into a mess.

Any suggestions on how to advertise only the 192.168.52.0/24 block through ISP2?

Please revert if any clarification is needed.

Abhishek

24 REPLIES
Hall of Fame Super Blue

Re: BGP- Difficulty with NULL0 Route

Abhishek

The problem you have is that 192.168.52.0/24 is more specific than 192.168.52.0/22 so you are blackholing the traffic as the more specific route is always chosen.

So

1) add the Null0 route on another device and redistribute

OR

2) add the route but point it in the next-hop direction eg.

L3 switch 192.168.52.2 -> 192.168.52.1/22 Router -> ISP

so for option 1

on the L3 switch add "ip route 192.168.52.0 255.255.255.0 Null0" and then redistribute into your IGP.

Note that this assumes

i) you are running an IGP between the L3 switch and the router

ii) the L3 switch knows about the 192.168.52.x networks

For option 2

add to the router - "ip route 192.168.52.0 255.255.255.0 192.168.52.2"

again this assumes that the L3 switch knows about the 192.168.52.x networks.

If you are unclear can you post a topology diagram ?

Jon

Re: BGP- Difficulty with NULL0 Route

Jon-

Thanks for your reply. I am attaching a logical diagram of the network and have tried to describe the problem. Hope you have a solution for it.

Abhishek

New Member

Re: BGP- Difficulty with NULL0 Route

Hi,

You should already have the route for 192.168.52.0/22 as configured at the interface GigabitEthernet0/12.

Thus, please try to remove the "ip route 192.168.52.0 255.255.252.0 Null0"

Thanks & Regards,

Hall of Fame Super Silver

Re: BGP- Difficulty with NULL0 Route

Abhishek

There is a reason why you might want to keep the null 0 route for 192.168.52.0/22 even when it duplicates a local route in the routing table. To promote stability in the BGP routing table (and to avoid possible dampening by your upstream provider) you might want to continue to advertise the network/subnet even when it is not locally reachable. Keeping the null 0 route accomplishes this.

Jon has correctly identified the problem as the fact that your new null0 route is more specific than the connected route, and more specific routes are always preferred over less specific routes. Even though I normally advocate that you should not configure static routes specifying the outbound interface rather than the next hop when the outbound interface is Ethernet, I believe that this is a case where that could be useful. The reasons why we usually want to avoid static routes specifying the interface do not apply here - it will cause the router to ARP for any address falling in the range of the static route (but the router already must ARP for all these addresses since they are really on the connected interface). So I would suggest that this might be a good solution for your issue:

ip route 192.168.52.0 255.255.255.0 gig0/12

HTH

Rick

Bronze

Re: BGP- Difficulty with NULL0 Route

Here, an alternate approach to using a static route is to use a BGP inject-map. As the aggregate prefix (192.168.52.0/22) is already present in the routing table, you can use this feature to import a specific subnet (192.168.53.0/24) of this aggregate into the BGP table. Then use a filtering method to control your advertisements to the ISPs.

Re: BGP- Difficulty with NULL0 Route

Rick

Thanks for your suggestion. I have done exactly what you pointed out, but could not be sure what the possible consequences would be; since it is in our production, that's why I reverted back. Please suggest if everything will be alright.

What I have done -

1] removed the route " ip route 192.168.53.0 255.255.255.0 Null0 "

2] added the route " ip route 192.168.52.0 255.255.255.0 gig0/12"

Apparently, everything was working fine. But when I issued "sh ip bgp neighbors < Peer IP - Upstream2 > advertised-routes" it showed -

Network *> 110.172.53.0/24

Nexthop 192.168.55.254

unlike in normal circumstances which shows 0.0.0.0 as the next-hop.

I don't know what may be the result, since the block is getting advertised towards 192.168.55.254.

Please suggest.

Abhishek

Hall of Fame Super Blue

Re: BGP- Difficulty with NULL0 Route

Abhishek

Where does the 110.172.53.0/24 network come into things? I can't see it in your diagram anywhere.

Jon

Re: BGP- Difficulty with NULL0 Route

Jon

It's like this: I would like to take 192.168.53.0/24 instead of 192.168.52.0/24.

However, the configuration for IP block 192.168.52.0/24 or 192.168.53.0/24 will be the same, won't it?

Please refer to the "sh run" output of the router specified below in the network diagram.

Waiting for your reply.

Abhishek

Re: BGP- Difficulty with NULL0 Route

Please read Point# 2 as -

2] added the route " ip route 192.168.53.0 255.255.255.0 gig0/12"

Sorry for mistyping.

Abhishek

Re: BGP- Difficulty with NULL0 Route

Hi Abhishek,

Have you got the solution now? Just wondering if it's solved.

regards

Re: BGP- Difficulty with NULL0 Route

I am stuck at the point of whether it is normal to show 110.172.55.254 as the next hop instead of 0.0.0.0 when I am issuing the "sh ip bgp neighbor < IP > advertised-routes" command.

If the answer is yes, then the issue is solved.

Any suggestion is most welcome.

Abhishek

Hall of Fame Super Silver

Re: BGP- Difficulty with NULL0 Route

Abhishek

I have not used this particular implementation and can not say authoritatively that it is normal. But I believe that this is in fact the expected behavior. Most of the time when a router originates a route advertisement in BGP it is the next hop and it represents it in the BGP table as 0.0.0.0. In this case the static route is indicating that the next hop is somewhere in the connected subnet but does not know exactly where. So it is using the highest available address in the subnet.

As long as you are advertising the /22 subnet, then this next hop address would be reachable. And I believe that it would not have any negative effect on your network.

HTH

Rick

Silver

Re: BGP- Difficulty with NULL0 Route

Perhaps I am missing something but is this just an announcement issue?

Couldn't you create a prefix-list for this specific IP range?

ip prefix-list ISP-A-Announce-OUT seq 5 permit 192.168.52.0/22 le 24

Obviously you would need a route-map, applied to the bgp neigh statement.

Again, maybe I am missing something.

Hall of Fame Super Blue

Re: BGP- Difficulty with NULL0 Route

Rick

The problem is EBGP cannot advertise a route unless it finds it in the IGP routing table. It's not in the IGP routing table so the only way to get it in there is to add a static route.

Problem is if the next-hop is Null0 all the traffic is blackholed because it's the more specific route.

Jon

Silver

Re: BGP- Difficulty with NULL0 Route

I understand that part, but if there is already an ip route in there for the /22, would not the prefix list then use the /24 because of the le 24 at the end of it?

Hall of Fame Super Blue

Re: BGP- Difficulty with NULL0 Route

Rick

I may be misunderstanding what you are getting at but it must be an exact match ie. the network and the subnet mask before it can be advertised.

Jon
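The behaviour discussed in the replies above (longest-prefix match blackholing the /24, and the exact prefix-and-mask requirement before BGP will originate it), modelled as an added example that is not part of any poster's reply. The route tuples, the probe addresses and the simplified administrative distances (0 for connected, 1 for static) are constructed assumptions; the prefixes and gig0/12 come from the thread.

```python
import ipaddress

# Constructed candidate routes: (prefix, administrative distance, exit).
CONNECTED = ("192.168.52.0/22", 0, "gig0/12")   # interface 192.168.52.1/22
NULL_22 = ("192.168.52.0/22", 1, "Null0")       # original static route
NULL_24 = ("192.168.52.0/24", 1, "Null0")       # the route that broke things
IFACE_24 = ("192.168.52.0/24", 1, "gig0/12")    # static route via the interface
PROBES = ["192.168.52.10", "192.168.53.10"]     # constructed customer hosts


def build_rib(candidates):
    """Install one route per prefix: lowest administrative distance wins."""
    rib = {}
    for prefix, distance, exit_if in candidates:
        net = ipaddress.ip_network(prefix)
        if net not in rib or distance < rib[net][0]:
            rib[net] = (distance, exit_if)
    return rib


def lookup(rib, dst):
    """Longest-prefix match: the most specific covering route decides."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None
    return rib[max(matches, key=lambda net: net.prefixlen)][1]


def can_originate(rib, prefix):
    """A BGP network statement needs the exact prefix and mask in the RIB."""
    return ipaddress.ip_network(prefix) in rib


def audit(candidates, advertise, probes=PROBES):
    """Report which prefixes can be originated and which probes are dropped."""
    rib = build_rib(candidates)
    return {
        "originate": {p: can_originate(rib, p) for p in advertise},
        "blackholed": [d for d in probes if lookup(rib, d) == "Null0"],
    }


if __name__ == "__main__":
    wanted = ["192.168.52.0/22", "192.168.52.0/24"]
    for name, extra in (("null0 /24", NULL_24), ("interface /24", IFACE_24)):
        print(name, audit([CONNECTED, NULL_22, extra], wanted))
```

Running the same audit against a planned static route before committing it on a production router shows whether any covered host would resolve to Null0.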

Hall of Fame Super Silver

Re: BGP- Difficulty with NULL0 Route

Jon

And that is why I suggested that he not use a null 0 static route but use a static route specifying the outbound interface with the specific prefix and subnet mask that he wants.

Something like this:

ip route 192.168.52.0 255.255.255.0 gig0/12

HTH

Rick

Hall of Fame Super Blue

Re: BGP- Difficulty with NULL0 Route

Rick Burts

"And that is why I suggested that he not use a null 0 static route but use a static route specifying the outbound interface with the specific prefix and subnet mask that he wants."

Yes, I realise that. I totally agree with you.

Think you mistook my last post to Rick, i.e. the other Rick (engagerocks), as addressed to you :-).

Jon

Hall of Fame Super Silver

Re: BGP- Difficulty with NULL0 Route

Jon

My apologies. You are correct that I did not realize that there were 2 Ricks active in the thread. Thanks for helping me realize this. Your comment to the other Rick now makes sense.

HTH

Rick

Silver

Re: BGP- Difficulty with NULL0 Route

I stand corrected.

I was thinking in reference to permitting and/or denying incoming traffic on specific announcements using the le command.

Sorry to muddy up the water.

Bronze

Re: BGP- Difficulty with NULL0 Route

Jon/Rick B.

Perhaps my understanding of BGP inject-map is wrong, but can't it be used in this case, as you already have the aggregate route and you want to inject a more specific route?

Re: BGP- Difficulty with NULL0 Route

Yagnesh -

I have checked BGP inject-maps against the Cisco docs - it may be possible with inject-maps, but the feature is available only on some specific hardware/software platforms. I need to depend upon the traditional methods available.

All-

Let's do it and monitor it for some time. I will update you with feedback.

Abhishek

Hall of Fame Super Blue

Re: BGP- Difficulty with NULL0 Route

Yagnesh

I've never used this feature but from the looks of it your understanding is perfectly correct, this would indeed be another solution to the same problem.

Jon

Re: BGP- Difficulty with NULL0 Route

All-

The settings are working OK. It has been running for the last 3-4 days and I have not registered any problems.

Thanks to all.

Abhishek
