Route redistribution between multiple ASes

andrew.norton · ‎09-18-2013

We have two BGP neighbors with two different carriers MPLS IP VPN products that are advertising private LANs to us (ie. 172.16.x.x/24). We are able to reach the various sites private networks from our core routers but unable to reach the private network from the different AS network spokes.

For example I have a site on carrier A on the 172.16.102.x network that only receives routes from other carrier A routes but doesn't receive the routes advertised via BGP on carrier B. So what is the best method to get the carrier B advertised BGP routes redistributed to carrier A and vice-versa.

Any help would be greatly appreciated.

Harold Ritter · ‎09-18-2013

Hi Andrew,

I assume these two bgp neighbors on the same router? If so, unless you are filtering the routes you advertise to each one of these neighbors, the routes received from one should be advertised to the other and vice versa.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

milan.kulik · ‎09-18-2013

Hi,

if the the BGP neigbours are on different customer routers, there is a BGP session necessary between the customer routers to get the carrier B advertised BGP routes redistributed to carrier A and vice-versa.

There might be some problems with clashing AS numbers though, if both providers would be using the same private AS numbers for their customers, e.g.

Best regards,

Milan

andrew.norton · ‎09-19-2013

Both ASes are on the same router and they are in deed different ASNs. Yet when trying to get to the private LANs that are advertised from one service prodivder to another LAN advertised on the other service prodivder it is not working.

milan.kulik · ‎09-19-2013

Hi,

I think you need to take one particular prefix as an example.

Issueing

sh ip bgp x.x.x.x/y

for that prefix received from one provider you should be able to see what is the best path - should be pointing to that provider.

You should also see the BGP Update group number to which that prefix is advertised.

sh ip bgp update-group

command should show you the neighbors within that update group - should be the other provider router.

If the update group list for that particular prefix is empty, then it's not advertised to the other provider.

Probably because your outgoing prefix-list (or route-map) applied for that provider neighbour is not permitting that prefix.

Modify the prefix-list to permit that prefix and it's fixed!

If you see the other neighbour in the update group, you can doublecheck by

sh ip bgp nei z.z.z.z adv

command where z.z.z.z is your neigbour router IP address.

You should see that prefix among the advertised prefixes.

In that case you should ask your provider why he is refusing that prefix.

Bets regards,

Milan

andrew.norton · ‎09-20-2013

I have run the sh ip bgp update-group and it shows my two BGP neighbors as being a memeber of

BGP version 4 update-group 1, external, Address Family: IPv4 Unicast

Yet at the bottom it shows "Has 2 members (* indicates the members currently being sent updates):" and neither IP has a * by it.

The prefix is permitted within the prefix-list for update group 1.

When I do a sh ip bgp nei x.x.x.x advertised-routes

The route shows up for the prefix with the proper ASes. I do a traceroute and it gets to my core router and then stops and doesn't go out the route to the other carrier.

Would this be due to the inbound prefix-list?

milan.kulik · ‎09-20-2013

Hi,

it's possible one (or both) of your providers is not accepting the prefixes containing the other provider AS numbers in the AS_PATH.

Do you have any access to their routers?

If not, have you asked them if they do any filtering of the prefixes received from you?

Best regards,

Milan