Solved: BGP advertise route

Chin Chang · ‎04-14-2024

I have an ISR4431 router, and related setting:
ip access-list standard toGCP
10 permit 10.136.0.0 0.0.127.255
20 permit 10.136.128.0 0.0.127.255
30 permit 128.231.0.0 0.0.31.255
40 permit 128.231.32.0 0.0.31.255
!
route-map toGCP
match ip address toGCP
!
router bgp 64581
neighbor 169.254.53.1 remote-as 16550
address-family ipv4
aggregate-address 128.231.32.0 255.255.224.0 summary-only
aggregate-address 128.231.0.0 255.255.224.0 summary-only
aggregate-address 10.136.128.0 255.255.128.0 summary-only
aggregate-address 10.136.0.0 255.255.128.0 summary-only
redistribute eigrp 100 route-map toGCP
neighbor 169.254.53.1 next-hop-self

And show output:
show ip bgp neighbors 169.254.53.1 advertised-routes
Network Next Hop Metric LocPrf Weight Path
*> 10.136.0.0/17 0.0.0.0 32768 i
*> 10.136.0.0/16 10.136.14.94 2816 32768 ?
*> 10.136.128.0/17 0.0.0.0 32768 i
*> 128.231.0.0/19 0.0.0.0 32768 i
*> 128.231.32.0/19 0.0.0.0 32768 i

My question that is I'm not want to advertised 10.136.0.0/16, I want to advertise 4 routes to BGP peer only
128.231.32.0 / 19
128.231.0.0 / 19
10.136.128.0 / 17
10.136.0.0 / 17
How can I do? Expect reply and grateful!

Chin Chang · ‎04-19-2024

ip prefix-list PREFIX permit 10.136.0.0/17 le 24
ip prefix-list PREFIX permit 10.136.128.0/17 le 24
ip prefix-list PREFIX permit 128.231.0.0/17 le 24
ip prefix-list PREFIX permit 128.231.32.0/17 le 24

View solution in original post

MHM Cisco World · ‎04-14-2024

Check below

MHM

Chin Chang · ‎04-14-2024

Hi MHM,
Thank your help, I have not permission with BGP peer, but admin of BGP peer told me, he see total 5 routes from me, includes 10.136.0.0/16, but he require not advertise this by me.

MHM Cisco World · ‎04-14-2024

Let me check in lab' the prefix of agg /17 is large than original prefix /16

Is this work optimal or not' let me check in lab update you after two-theee hours

MHM

MHM Cisco World · ‎04-14-2024

Ip prefix-list 10.136.0.0 seq 5 permit 10.136.0.0/16

!

Route-map prefix deny 10

Match ip address prefix 10.136.0.0

Route-map prefix permit 20

!

router bgp 64581
neighbor 169.254.53.1 route-map prefix out

This happened because agg with summary only not cover the prefix have mask large than agg mask.

Do above and check

MHM

Chin Chang · ‎04-14-2024

I will try it, thank you!

liviu.gheorghe · ‎04-14-2024

Hi @Chin Chang ,

The route 10.136.0.0/16 comes from EIGRP through redistribution in BGP and it's normal to be present in the BGP table because of the way the access-list toGCP is constructed. The first line in the access-list:

10 permit 10.136.0.0 0.0.127.255

permits all networks in the range 10.136.0.0 - 10.136.127.255 which includes the 10.136.0.0/16 because the standard access-list doesn't match the network mask.

If 10.136.0.0/16 is not needed to be redistributed in BGP, I would recommend changing the toGCP access-list to an extended ACL which offers the possibility to match the network mask as well:

ip access-list extended toGCP
10 permit host 10.136.0.0 host 0.0.127.255
20 permit host 10.136.128.0 host 0.0.127.255
30 permit host 128.231.0.0 host 0.0.31.255
40 permit host 128.231.32.0 host 0.0.31.255

In this way you can be sure that only the specified networks get redistributed in BGP.

Hope this helps.

Regards, LG
*** Please Rate All Helpful Responses ***

Chin Chang · ‎04-14-2024

I will try this, thank you!

Georg Pauwen · ‎04-14-2024

Hello,

I have recreated your setup in a lab, I do not see the /16 advertised at all. Can you post the full running config as well as the routing table of ISR 4431 ?

R2#sh ip bgp neighbors 2.2.2.2 advertised-routes
BGP table version is 5, local router ID is 20.20.20.20
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
*> 10.136.0.0/17 1.1.1.1 130816 32768 ?
*> 10.136.128.0/17 1.1.1.1 130816 32768 ?
*> 128.231.0.0/19 1.1.1.1 130816 32768 ?
*> 128.231.32.0/19 1.1.1.1 130816 32768 ?

Chin Chang · ‎04-16-2024

Hi Georg Pauwen,
My lab too, I do not see the /16, but production environment has appear.
Please see attachment.

MHM Cisco World · ‎04-16-2024

Friend there are many perfix in your bgp!!

Must are stale with/32

So either you correct your redistrubte eigrp into bgp by using prefix-list avoide use acl for redistrubte or as I mention control which prefix send to neighbor.

MHM

Chin Chang · ‎04-16-2024

MHM,
Because some reason, we can not test your suggest recently, maybe next week.

Chin Chang · ‎04-19-2024

ip prefix-list PREFIX permit 10.136.0.0/17 le 24
ip prefix-list PREFIX permit 10.136.128.0/17 le 24
ip prefix-list PREFIX permit 128.231.0.0/17 le 24
ip prefix-list PREFIX permit 128.231.32.0/17 le 24

MHM Cisco World · ‎04-19-2024

Thanks for update me'

Glad issue is solved

Have a nice day

MHM