Solved: Configuring new Public IP pool in exiting BGP configuration

satheeshckl · ‎01-10-2019

Dear Team,

We have two router running in BGP and configured with one APNIC ip pool (103.251.10.0/24) . Now we got another Pool (103.251.56.0/24) from APNIC . Could someone please give idea to configure this pool in router because i have not that much deep knowledge in BGP. Attached the configuration of routers and architecture for reference.

Thanks

Satheesh

balaji.bandi · ‎01-10-2019

You are only looking to anounce in BGP below configuraiton will help you, (if you looking more, you need explain what you looking to do with this IP address, then we can suggest other configuration based on inputs.

R1

router bgp 144137
bgp router-id 192.168.10.1
bgp log neighbor changes detail
address-family ipv4 unicast
network 103.251.10.0/24
network 103.251.56.0/24

R2
router bgp 144137
bgp router-id 192.168.10.2
bgp log neighbor changes detail
address-family ipv4 unicast
network 103.251.10.0/24
network 103.251.56.0/24

reset the bgp soft

clear ip bgp * soft

Make sure you send the same request to uplink ISP to anounce the same IP range, so the IP address routable to your network.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎01-10-2019

You are only looking to anounce in BGP below configuraiton will help you, (if you looking more, you need explain what you looking to do with this IP address, then we can suggest other configuration based on inputs.

R1

router bgp 144137
bgp router-id 192.168.10.1
bgp log neighbor changes detail
address-family ipv4 unicast
network 103.251.10.0/24
network 103.251.56.0/24

R2
router bgp 144137
bgp router-id 192.168.10.2
bgp log neighbor changes detail
address-family ipv4 unicast
network 103.251.10.0/24
network 103.251.56.0/24

reset the bgp soft

clear ip bgp * soft

Make sure you send the same request to uplink ISP to anounce the same IP range, so the IP address routable to your network.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Richard Burts · ‎01-12-2019

Satheesh

One thing in your question is clear. You now have a second block of IP addresses. And it is clear that you need to advertise that block of IP addresses and the suggestion from BB is clear how to accomplish that. Beyond that it is not clear what you want to do with the new address block. Your post seems to suggest some type of pool. But it is not clear what kind of pool. Is it a pool of addresses to use for address translation? Is it a pool of addresses to use for DHCP for devices in your network that should have public IP? Is it a pool of addresses to use for VPN? Can you clarify how you wish to use these addresses? If we knew that we might be able to provide better advice.

HTH

Rick

HTH

Rick

satheeshckl · ‎01-13-2019

Rick thanks for your time to review my doubts, We are using this Pool for address translation. We are a hosting provider and the present pool is used for NATing. The new pool (103.251.56.0/24) will be used for the same purpose.

Thanks,

Satheesh S P

satheeshckl · ‎01-13-2019

Thanks BB, We are using this IP pool for NAT. Presently our servers are connected to firewall. The private IP of all the servers are NATed with the public pool(103.251.10.0/24). The New pool (103.251.56.0/24) will be used for the same purpose.

The present default route from firewall pointing to 103.251.10.1 and the whole pool is subnetted and assigned /25 to one ISP1 and other /25 to ISP2. So if I configure this new pool how we can route traffic from firewall through the newly assigned NATed IP.

For eg: My server Private IP 10.10.2.5

Server NAT IP : 103.251.56.5

balaji.bandi · ‎01-13-2019

As long as you have all the routing in place, in the FW you can do natting as you do for hosting Services. you should be ok,

test and advise.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

satheeshckl · ‎01-13-2019

Thanks for your reply BB. This will help me lot....I got more confidence to do this configuration ....

Thanks and regards,

Satheesh

Richard Burts · ‎01-15-2019

Satheesh

I agree with BB that if you will be using the new address block for address translation similar to what you are doing with the current address block that you can do the same things with the new address block that you do with the existing address block. I do have a question and perhaps a suggestion. You mention ISP1 and ISP2. Are these 2 connections to the same ISP or are they really separate ISPs? The reason for asking is that in general advertising a /25 to an ISP will not be accepted. When you implement the new address block perhaps it would be better to advertise the first /24 to one ISP and the new /24 to the second ISP.

HTH

Rick

HTH

Rick

satheeshckl · ‎01-15-2019

Rick,

We have different ISP's and /24 pool only given to ISP's for advertising . We configured internally one ACL to manage outbound traffic.You are right, ISP's can't accept /25 for advertising.

Thanks for your suggestion.

Satheesh

Richard Burts · ‎01-15-2019

Satheesh

I misunderstood what you were saying about /25. Thanks for the clarification. So you will use the new address block similar to what you do with the existing block.

HTH

Rick

HTH

Rick