05-12-2008 05:47 AM - edited 03-03-2019 09:54 PM
I have an edge router that I will advertise my ethernet subnet to Verizon via BGP.
My ethernet interface is:
10.10.10.254/16
My BGP config currently is:
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 6.1.2.9 remote-as 65000
no auto-summary
If I want to advertise my router Ethernet interface network to the third octet:
10.10.10.0/24
and not
10.10.0.0/16
Can I do this by adding the statement:
network 10.10.10.0 mask 255.255.255.0
I am asking because my understanding is that the network has to be in the route table in order for BGP to advertise the route and at the moment 10.10.10.0/24 is not in the route table.
It shows up as a connected route of 10.10.0.0/16.
Or will the "no auto summary" take care of that for me?
05-12-2008 05:56 AM
Usually it is the other way around, meaning the interface has a longer mask and we need to advertise a summary.
Anyway, you can add a more specific route to Null0.
ip route 10.10.10.0 255.255.255.0 null0
and under BGP
network 10.10.10.0 mask 255.255.255.0
pls help all helpful posts
Sam
05-12-2008 06:10 AM
Sam,
This will cause traffic to that /24 to be sent to null0 rather than on the Ethernet interface as it is more specific than the /16 configured on the Ethernet interface.
My question to the original poster would be why not configure the ethernet interface as a /24.
Regards,
05-12-2008 06:16 AM
Harold,
I stand corrected, but would adding AD 200 to the null static route avoid this?
Sam
05-12-2008 06:24 AM
Sam,
No. The AD would only come into play for two routes with the same prefix length.
Regards,
05-12-2008 06:29 AM
Harold,
Thanks for pointing this out, I missed one of the basic routing rules.
I am back to the drawing board.
Regards
Sam
05-12-2008 05:57 AM
Hi Wilson, [Pls Rate if HELPS]
The following example permits routes with prefix length up to 24 in network 10.10/16:
ip prefix-list abc permit 10.10.0.0/16 le 24
That was a misunderstanding of the question on my side. Add a route for the /24 network pointing to the Null0 interface and advertise it with a network statement, because normally BGP will originate the route for a prefix only if a route for the same prefix exists in the global routing table.
Hope I am Informative.
Pls RATE if HELPS
Best Regards,
Guru Prasad R
05-12-2008 06:00 AM
Yes, for BGP to advertise the network, the subnet of the network should be in the routing table.
As Sam said, this can be done by adding a static route to the subnet pointing to the null interface. Now you should be able to see the network in the BGP table.
05-12-2008 07:31 AM
Wow, seven replies, you people must love BGP.
To answer the question about why a 16 bit mask.
We have servers that are using the SVI on the switch that this router is connected to and the SVI is 16 bit mask.
The servers are 10.10.50.0/16, the SVI is 10.10.10.254/16.
There is also a bridged connection to our DR side using this subnet.
Was it determined that I could not use the null route and if not then this will work?:
ip prefix-list abc permit 10.10.0.0/16 le 24
05-12-2008 07:41 AM
Wilson,
Configuring the /24 static route to null0 will definitely not work.
Why couldn't you just advertise the /16?
Regards,
05-12-2008 07:42 AM
It's cos you started a good thread!
No, Null0 not only won't work, but it would cause an outage. Apologies for the misinfo.
The challenge here is to create a longer prefix (/24) without affecting your setup.
2 options:
1-why not advertise the whole /16 and block subnet you wish to secure.
2-"a shot from the hip"...are you able to split the /16 and use secondary IP addresses under ethernet? So you create one line for the /24 you need and a few more using summarization to cover the remaining part of the /16.
I hope there will be more input from other Netpros regarding option 2
05-12-2008 08:08 AM
Cause an outage huh, is that bad? It sounds kind of bad.
I could advertise the whole 16 bit mask, it just seemed to be better not to.
In reality, I will only be receiving SIP and RTP traffic from Verizon's SBC router, so I should be able to clamp it down pretty well.
I appreciate all the replies.
What about "redistribute connected", will this do the same thing as adding the "network" statement under BGP?
05-12-2008 08:12 AM
Wilson,
Another way would be to have the following configuration, which is kind of a hack.
interface Ethernet0/0
ip address 10.10.10.253 255.255.255.0 secondary
ip address 10.10.10.254 255.255.0.0
This way you could have a network statement for the /24 and it would be advertised as such.
I still prefer advertising the entire /16 though.
Regards,
05-12-2008 08:19 AM
Thanks hritter,
What about "redistribute connected", will this do the same thing as adding the "network" statement under BGP?
05-12-2008 08:22 AM
Wilson,
"redistribute connected" without any filter would redistribute all of the connected subnets on the box. I generally prefer to use the network statement in a case where you only have that one specific subnet to advertise.
Regards,
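Added example, not part of the original thread and not Cisco code: a small Python model of the two rules the replies above turn on, namely that forwarding picks the longest matching prefix (administrative distance only breaks ties between routes to the same prefix) and that a BGP network statement needs an exact prefix/length match in the routing table. The `Route` class, the function names and the three scenarios are constructed for illustration; the "secondary" scenario assumes the secondary /24 address installs a connected /24 on Ethernet0/0, as the post proposing it describes.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    source: str   # "connected" or "static"
    ad: int       # administrative distance (connected 0, static default 1)
    out: str      # outgoing interface

def build_rib(candidates):
    """Install routes; AD only arbitrates between candidates for the SAME prefix."""
    rib = {}
    for r in candidates:
        if r.prefix not in rib or r.ad < rib[r.prefix].ad:
            rib[r.prefix] = r
    return rib

def lookup(rib, dst):
    """Forwarding uses the longest matching prefix; AD is never consulted here."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in rib.values() if addr in r.prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen, default=None)

def bgp_originates(rib, network, mask):
    """Model of 'network X mask Y': exact prefix and length must be in the RIB."""
    return ipaddress.ip_network(f"{network}/{mask}") in rib

CONNECTED_16 = Route(ipaddress.ip_network("10.10.0.0/16"), "connected", 0, "Ethernet0/0")
SLASH_24 = ipaddress.ip_network("10.10.10.0/24")

def scenario_original():
    return build_rib([CONNECTED_16])

def scenario_null0(ad=1):
    return build_rib([CONNECTED_16, Route(SLASH_24, "static", ad, "Null0")])

def scenario_secondary():
    # Assumption: the secondary /24 address yields a connected /24 on Ethernet0/0.
    return build_rib([CONNECTED_16, Route(SLASH_24, "connected", 0, "Ethernet0/0")])

if __name__ == "__main__":
    cases = [("original", scenario_original()), ("null0 AD 1", scenario_null0()),
             ("null0 AD 200", scenario_null0(200)), ("secondary", scenario_secondary())]
    for name, rib in cases:
        hop = lookup(rib, "10.10.10.5").out
        adv = bgp_originates(rib, "10.10.10.0", "255.255.255.0")
        print(f"{name:13} 10.10.10.5 -> {hop:12} BGP originates /24: {adv}")
```

Raising the static route's distance to 200 changes nothing in the model because no other route to 10.10.10.0/24 competes with it, so hosts in that /24 are still dropped at Null0 while the rest of the /16 keeps forwarding on Ethernet0/0.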