cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3262
Views
36
Helpful
15
Replies

Advertising smaller IP address with eBGP and reach the internet.

ossniper
Level 1
Level 1

Hello.

 

Please, I really need help as I am trying to sort out an issue at work.

I am working for a startup company and just acquired a /22 Public iP address. I have 2 Upstream ISP and one downstream customer connection via ebgp.

I decided to advertise the /22 using null0 and divide the iP address space into /23 for load balancing between both ISP using a static route.

The problem I am having is once I configure /30 or /29 on the router interface and test with my laptop I can't reach the internet but can reach the router via icmp. but the /24 can access the internet.


my config: e.g

Public IP Address: 102.100.0.0/22


ip route 102.100.0.0 255.255.252.0 Null0
ip route 102.100.0.0 255.255.254.0 100.100.10.1
ip route 102.100.2.0 255.255.254.0 200.200.20.1

 

ip prefix-list FIRSTBLOCK seq 10 permit 102.100.0.0/24
ip prefix-list FIRSTBLOCK seq 10 permit 102.100.1.0/24

ip prefix-list 2NDBLOCK seq 5 permit 102.100.2.0/30
ip prefix-list 2NDBLOCK seq 10 permit 102.100.3.0/24


router bgp 65000
bgp router-id 10.10.10.10
bgp log-neighbor-changes
neighbor 100.100.10.1 remote-as 65001
neighbor 200.200.20.1 remote-as 65002
neighbor 102.100.0.2 remote-as 65003
!
address-family ipv4
network 102.100.0.0.0 mask 255.255.252.0
network 102.100.0.0 mask 255.255.255.0
network 102.100.1.0 mask 255.255.255.0
network 102.100.0.0 mask 255.255.254.0 /23
network 102.100.2.0 mask 255.255.254.0 /23
network 102.100.2.0 mask 255.255.255.252 /30
network 102.100.3.0 mask 255.255.255.0
neighbor 100.100.10.1 activate
neighbor 100.100.10.1 prefix-list FIRSTBLOCK out
neighbor 200.200.20.1 activate
neighbor 200.200.20.1 prefix-list 2NDBLOCK out
neighbor 102.100.0.2 activate
neighbor 102.100.0.2 prefix-list default out


interface GigabitEthernet0/0/0
description ***ISP-2***
ip address 100.100.10.2 255.255.255.248
ip nat outside
negotiation auto
end


interface GigabitEthernet0/0/4
description ***ISP-1***
ip address 200.200.20.2 255.255.255.254
ip nat outside
negotiation auto
end


interface GigabitEthernet0/0/5.999
description customer 1
encapsulation dot1Q 999
ip address 102.100.0.2 255.255.255.0


!!!!
interface GigabitEthernet0/2/0
description **TESTIN TO PC**
ip address 102.100.2.2 255.255.255.252
negotiation auto
end

 

I will appreciate all advise, insight and feedback, please.

 

Thanks and Best Regards,

 

 

15 Replies 15

the BGP can not advertise the route that not find in routing table, you have only /22 null0 but /23 ... don't have any route for it in your router.

I have the /30 route in my routing table..

 

R1#sh ip route 102.100.2.0
Routing entry for 102.100.2.0/30
Known via "connected", distance 0, metric 0 (connected, via interface)
Advertised by bgp 65000
Routing Descriptor Blocks:
* directly connected, via GigabitEthernet0/2/0
Route metric is 0, traffic share count is 1

 

 

R1#sh ip route
S 102.100.2.0/23 [1/0] via 200.200.20.1
C 102.100.2.0/30 is directly connected, GigabitEthernet0/2/0
L 102.100.2.2/32 is directly connected, GigabitEthernet0/2/0

 

Hello,

 

most ISPs won't accept anything smaller than /24 routes, that would explain your problem.

 

That said, I am not really clear on what you are trying to accomplish. You acquired the /22 from one ISP, and you want to subnet it to reach two ISPs ?

The /22 IP address was acquired from AFRINIC. 

 

ip route 102.100.0.0 255.255.252.0 Null0                      
ip route 102.100.0.0 255.255.254.0 100.100.10.1       to ISP-2
ip route 102.100.2.0 255.255.254.0 200.200.20.1       to ISP-1

 

 

I want to be able to give out /30 or /29 to customers and they should be able to reach the internet..

 

I gave out:

                 102.100.1.0/24

                 102.100.2.0/24

while i am making use of 102.100.0.0/24 for my consumption.

i have subnetted the remaining 102.100.3.0/24 into /29 and /30 so i can give out to new customer. but i can't reach the internet..

 

How do i resolve this issue. 

Thanks.

Why you need static route for 102.100.0.0 toward isp? This your public ip that isp will advertise to interent via ebgp.

Perhaps there is something in what you are attempting to accomplish that I am not understanding. I do understand your logic that if you have a /22 that you would like to divide it and advertise a /23 to one ISP and the other /23 to a second ISP. That does provide some load balancing. (and advertising the /22 to both would provide failover capability) I understand the logic of assigning a /29 to a new (downstream) customer. But I do not understand the logic of your trying to advertise the /29 to the ISPs. The new customer will use the /29. You will need routing logic to reach the /29 (probably a static route with the new customer as the next hop). But why would you want to advertise this to the ISP. The ISP will forward traffic for this /29 to you because you have advertised the /23 to them. They do not need to know about the /29. You do not need to advertise the /29 to the new customer (they already know about it and have configured their network to use it). So why are you trying to advertise the /29?

HTH

Rick

I am the one providing the new customer a /29 network. How will i advertise the /29 network so they can reach the internet since my two ISP will only accept the longer prefixes and i can only advertise between /24 - /22. 

 

Thanks.

Osman Akin

 

Hello,

 

I guess it would help to see a schematic drawing of your topology, to understand how your customers are connected to your network. Are the customers downstream of YOUR router ?

Yes. The customers are downstream to my router... Some of the customers are going to be allocated between a /29 or /30 public ip address. 

Osman Akin

Thanks for the diagram. It does confirm what you have verbally described and that may be helpful.

You asked "How will i advertise the /29 network so they can reach the internet". In my previous response I tried to explain that you do not need to advertise the /29 but apparently it was not in a way that you understood so let me try to respond in a different way.

Let me start from 2 simple questions (which are sort of related): 1)why do we advertise IP addresses? and 2)who do we advertise IP addresses to?

1) we advertise IP addresses to tell other networks if you want to get to these addresses forward that traffic to me because you get to those addresses through me.

2) we advertise IP addresses to other networks who need routing information about those addresses.

With that in mind I will ask another question: 3) do you need to advertise the /29? The answer really is that you do not need to advertise the /29. You do not need to advertise it to the ISP because you are already advertising those addresses because they are contained in the /22 and /23 that you are advertising. You do not need to advertise it to your customer because the customer has those addresses in their network and do not need to forward to you to reach those addresses.

Looking at the issue in a slightly different perspective: you assign the /29 to the customer. They implement the /29 in their network. You do not need to advertise the /29 to the customer because they already know about that network. And you do not need to advertise to the ISP because they already know about that network through the /22 and /23 advertisement.

Probably what you do need to advertise to the customer is a default route (though it could also work just fine if they configure a static default route).

HTH

Rick

Thanks so much. I finally resolved it by removing all /30 and /24 and use the network statement to announce only the whole /22 network and /23 network for load balancing..

 

ip prefix-list FIRSTBLOCK seq 5 permit 102.100.0.0/23
ip prefix-list 2NDBLOCK seq 5 permit 102.100.2.0/23

I really appreciate your time explaining and break it down for me. 

Thanks o much..

 

One more thing. I see that you are advertising the /23 using static routes towards your service providers. This could introduce a routing loop. I would suggest to use static routes to null0 for the /23 just like you do for the /22.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

 I am grateful for the amount of time and effort you put into  helping me out. I appreciate your insight and will like to ask if it's feasible to configure it this way

 

ip route 102.100.0.0 255.255.252.0 Null0
ip route 102.100.0.0 255.255.254.0 null0 100.100.10.1
ip route 102.100.2.0 255.255.254.0 null0 200.200.20.1

 

or just this..

 

ip route 102.100.0.0 255.255.252.0 Null0
ip route 102.100.0.0 255.255.254.0 null0 
ip route 102.100.2.0 255.255.254.0 null0 

 

Thanks so much..

Hi @ossniper ,

 

It would definitely be the second option.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Review Cisco Networking for a $25 gift card