
Suppress BGP advertisements

Oerlikon_NZ
Level 1

Hi 

The company I work for is BGP multihomed with two different providers for Internet transit.  The company has a primary & secondary data centre from which they each connect to a single provider.  AS prepending & local pref are used to prefer transit via the primary Internet transit provider which is also peered via the secondary data centre (due to legacy reasons).  There is a single WAN link connecting the two data centres.

I'm trying to use EEM scripting to suppress outbound advertisements & filter all routes inbound via the primary Internet transit if the WAN link connecting the two data centres goes down.  This is because a black hole condition will occur, with traffic going out the secondary Internet transit, but trying to return via the primary Internet transit.  The return traffic can't pass over the WAN link from the secondary data centre to the primary data centre.  

I've written several EEM scripts on the primary border router to suppress BGP advertisements to the primary provider, & also filter ALL inbound routes.  This is triggered by a tracked object when the WAN link goes down, & an OSPF-learned route is no longer seen in the table of the primary border router.  This all works fine.  The problem I have is when the link & tracked object change to UP, the delay I have set in the script (to help ensure stability) is not triggering one of the EEM scripts then to re-advertise networks & allow all inbound routes.  I can't really see any way around this, without causing more problems if the WAN link is bouncing up & down, during the trigger delay period.  Can anyone help or suggest another way of doing this?

I think my problem is with the "trigger delay 1800" & that during this time if the WAN link comes back up the "event track 1 state up" is never invoked...
 

ip prefix-list PL-DENY-ALL-ROUTES description Filter ALL routes inc default route
ip prefix-list PL-DENY-ALL-ROUTES seq 5 deny 0.0.0.0/0 le 32
!
track 1 ip route 192.168.213.2 255.255.255.255 reachability
!
route-map RM-SUPPRESS-TO-PrimaryTrans permit 10
 description Don't advertise public networks to PrimaryTrans
 set community 19701:1666 additive
!
event manager environment q "
!
event manager applet Suppress_192.168.208.0_21_PrimaryTrans
 event track 1 state down
 action 05 cli command "enable"
 action 10 cli command "configure terminal"
 action 15 cli command "router bgp 65501"
 action 20 cli command "address-family ipv4"
 action 25 cli command "network 192.168.208.0 mask 255.255.248.0 route-map RM-SUPPRESS-TO-PrimaryTrans"
 action 30 cli command "neighbor 10.10.10.1 prefix-list PL-DENY-ALL-ROUTES in"
 action 35 cli command "do clear ip bgp 10.10.10.1 soft in"
 action 40 cli command "do clear ip bgp 10.10.10.1 soft out"
 action 45 cli command "end"
!
event manager applet DC-to-DC_WAN_Down
 event syslog occurs 1 pattern "%TRACKING-5-STATE: 1 ip route 192.168.213.2/32 reachability Up->Down"
 trigger delay 1800
 action 05 cli command "enable"
 action 10 cli command "configure terminal"
 action 15 cli command "event manager applet Advertise_192.168.208.0_21_PrimaryTrans"
 action 20 cli command "event track 1 state up"
 action 25 cli command "action 05 cli command enable"
 action 30 cli command "action 10 cli command $q configure terminal$q"
 action 35 cli command "action 15 cli command $q router bgp 65501$q"
 action 40 cli command "action 20 cli command $q address-family ipv4$q"
 action 45 cli command "action 25 cli command $q network 192.168.208.0 mask 255.255.248.0$q"
 action 50 cli command "action 30 cli command $q neighbor 10.10.10.1 prefix-list PL-ONLY-DEFAULT-ROUTE in$q"
 action 55 cli command "action 35 cli command end"
 action 60 cli command "action 40 cli command $q clear ip bgp 10.10.10.1 soft out$q"
 action 65 cli command "action 45 cli command $q clear ip bgp 10.10.10.1 soft in$q"
 action 70 cli command "end"
!
event manager applet DC-to-DC_WAN_Up
 event syslog occurs 1 pattern "EEM:Advertise_192.168.208.0_21_PrimaryTrans"
 trigger delay 20
 action 05 cli command "enable"
 action 10 cli command "configure terminal"
 action 15 cli command "no event manager applet Advertise_192.168.208.0_21_PrimaryTrans"
 action 20 cli command "end"
!

 

 

Accepted Solutions

Joe Clarke
Cisco Employee

You don't want to use trigger delay here.  Instead, you want to configure a countdown applet.  The applet that detects the track "up" condition should configure an applet that counts down 1800 seconds.  If it is allowed to reach 0, then it should do the reconfiguration as desired.  In your "down" applet, add a statement that will remove this countdown applet.  This way, if the track goes down during the 1800 second hold down, the countdown applet will not reach 0, and thus the reconfiguration will not occur.

 

Make sense?
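The countdown approach from the accepted answer, written out as IOS EEM configuration. This is an added example, not part of the original thread and not Cisco's own code; the applet names WAN_Up_Holddown and Readvertise_Countdown are hypothetical, while the track object, AS number, neighbor, prefix, prefix-list names and the `$q` quoting trick are taken from the question's config. It replaces the question's DC-to-DC_WAN_Down and DC-to-DC_WAN_Up applets.

```cisco
event manager environment q "
!
! Track comes up: (re)create a one-shot countdown applet. Deleting it first
! restarts the 1800 s hold-down if a copy from an earlier flap still exists
! (the "no" form is harmless when the applet is absent).
event manager applet WAN_Up_Holddown
 event track 1 state up
 action 05 cli command "enable"
 action 10 cli command "configure terminal"
 action 15 cli command "no event manager applet Readvertise_Countdown"
 action 20 cli command "event manager applet Readvertise_Countdown"
 action 25 cli command "event timer countdown time 1800"
 action 30 cli command "action 05 cli command enable"
 action 35 cli command "action 10 cli command $q configure terminal$q"
 action 40 cli command "action 15 cli command $q router bgp 65501$q"
 action 45 cli command "action 20 cli command $q address-family ipv4$q"
 action 50 cli command "action 25 cli command $q network 192.168.208.0 mask 255.255.248.0$q"
 action 55 cli command "action 30 cli command $q neighbor 10.10.10.1 prefix-list PL-ONLY-DEFAULT-ROUTE in$q"
 action 60 cli command "action 35 cli command $q do clear ip bgp 10.10.10.1 soft out$q"
 action 65 cli command "action 40 cli command $q do clear ip bgp 10.10.10.1 soft in$q"
 ! Last generated action: the countdown applet removes itself once it has
 ! fired, so a saved config cannot re-arm it after a reload.
 action 70 cli command "action 45 cli command $q no event manager applet Readvertise_Countdown$q"
 action 75 cli command "end"
!
! Track goes down: cancel any pending countdown first, then suppress as in
! the question. A flap inside the hold-down therefore never reaches zero.
event manager applet Suppress_192.168.208.0_21_PrimaryTrans
 event track 1 state down
 action 05 cli command "enable"
 action 10 cli command "configure terminal"
 action 12 cli command "no event manager applet Readvertise_Countdown"
 action 15 cli command "router bgp 65501"
 action 20 cli command "address-family ipv4"
 action 25 cli command "network 192.168.208.0 mask 255.255.248.0 route-map RM-SUPPRESS-TO-PrimaryTrans"
 action 30 cli command "neighbor 10.10.10.1 prefix-list PL-DENY-ALL-ROUTES in"
 action 35 cli command "do clear ip bgp 10.10.10.1 soft in"
 action 40 cli command "do clear ip bgp 10.10.10.1 soft out"
 action 45 cli command "end"
!
```

EEM runs actions in label sort order, so `action 12` executes between `10` and `15`. While the hold-down is running, `show event manager policy registered` should list Readvertise_Countdown, and it should disappear as soon as the track goes down again.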
