Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2886
Views
10
Helpful
5
Replies

BGP aggregate-address with community issue

Go to solution
kmelchior
Level 1
Level 1

‎08-11-2015 06:03 AM - edited ‎03-05-2019 02:02 AM

I have a router that I am advertising routes by matching a community I previously set.

 

The routes come in on VRF A and have a community set, they are then advertised out to my WAN in the 'global VRF' by matching this community. This all works fine until I try to summarize the routes and then all the routes stop getting advertised.

 

Below is a basic edited config and it is all working until I add aggregate-address 172.30.0.0 255.255.0.0 summary-only under ipv4 to summarize the routes learned from VRF A. These routes advertise out fine as individual routes without the aggregate-address command. The routes are in the BGP table.

ip vrf VRF A
 rd 10.10.10.10:612
!
router bgp 1
 bgp log-neighbor-changes
 neighbor 10.10.10.10 remote-as 1
 neighbor 10.10.11.10 remote-as 1
 neighbor 5.5.5.1 remote-as 2
 !
 address-family ipv4
  neighbor 10.10.10.10 activate
  neighbor 10.10.10.10 send-community
  neighbor 10.10.10.10 next-hop-self
  neighbor 10.10.11.10 activate
  neighbor 10.10.11.10 send-community
  neighbor 10.10.11.10 next-hop-self
  neighbor 5.5.5.1 activate
  neighbor 5.5.5.1 route-map BGP_IN in
  neighbor 5.5.5.1 route-map BGP_OUT out
 exit-address-family
 !
 address-family ipv4 vrf A
  aggregate-address 172.20.0.0 255.255.0.0 summary-only
  aggregate-address 172.16.0.0 255.255.0.0 summary-only
  neighbor 10.10.12.1 remote-as 10
  neighbor 10.10.12.1 local-as 20
  neighbor 10.10.12.1 activate
  neighbor 10.10.12.1 send-community
  neighbor 10.10.12.1 allowas-in
  neighbor 6.6.6.1 remote-as 2
  neighbor 6.6.6.1 activate
  neighbor 6.6.6.1 route-map BGP_IN_A in
  neighbor 6.6.6.1 route-map BGP_OUT_A out
 exit-address-family
!
ip bgp-community new-format
ip community-list standard VRF_A_ROUTES permit 0:612
!
route-map BGP_IN_A permit 10
 match ip address prefix-list A_IN
 set local-preference 50
 set community 0:612
!
route-map BGP_OUT_A permit 10
 match ip address prefix-list LDS_OUT
 set as-path prepend 10 10 10
!
route-map BGP_OUT permit 125
 description *** VRF A Routes to Allow and Actions ***
 match community VRF_A_ROUTES
 set as-path prepend 1 1 1 1 1 1

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎08-11-2015 06:43 AM

Hello,

I assume that you are export VRF routes into the global routing table for the summarization in the address-family ipv4 (i.e. a non-VRF address-family) to take effect, right?

I suggest using the show ip bgp 172.30.0.0 255.255.0.0 to check whether the aggregate address has the intended community set. If not, it may be necessary to set it on this aggregate - the optional attribute-map keyword can be used to modify the attributes of the aggregate once it has been generated.

Best regards,
Peter

View solution in original post

5 Replies 5

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎08-11-2015 06:43 AM

Hello,

I assume that you are export VRF routes into the global routing table for the summarization in the address-family ipv4 (i.e. a non-VRF address-family) to take effect, right?

I suggest using the show ip bgp 172.30.0.0 255.255.0.0 to check whether the aggregate address has the intended community set. If not, it may be necessary to set it on this aggregate - the optional attribute-map keyword can be used to modify the attributes of the aggregate once it has been generated.

Best regards,
Peter

Go to solution
kmelchior
Level 1
Level 1
In response to Peter Paluch

‎08-11-2015 06:57 AM

Yes, the VRF routes are being exported to global for summarization (on a different router though)

 

You know I didn't even look at the summary route to make sure it had the community. I will give this a try, thanks.

Kevin

 


 

0 Helpful

Go to solution
Jose Jara
Level 3
Level 3
In response to kmelchior

‎08-11-2015 01:37 PM

Hello,

in this configuration the aggregate generated it's going to clean the attributes attached to the specific prefixes that contribute to generate this summary. It will attach the atomic-aggregate attribute indicating that it has occurred loss of information.

In order to maintain the communities in the aggregate you need to add the as-set option in the aggregate:

aggregate-address 172.20.0.0 255.255.0.0 summary-only as-set

Hope this helps,

Jose.

Go to solution
paul driver
VIP
VIP
In response to Jose Jara

‎08-11-2015 03:51 PM

Hello

@Jose

I am not sure why adding the as-set argument would allow the aggregate to be allowed,as its a loop prevention argument and as such I believe this can and would have the opposite effect and NOT advertise the aggregate to the bgp peers, Due to the fact these peers will probably see their own asn within the summarized route pertaining to their own specific route.

Regarding the failure - Is the summary route being permitted within the prefix-list LDS_OUT


res

Paul

 


 

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
kmelchior
Level 1
Level 1
In response to paul driver

‎08-12-2015 05:23 AM

The LDS_OUT prefix-list is permitting the summary out. The attribute-map worked perfectly.

 

route-map VRF_AM permit 10

set community 0:612

!

router bgp 1

address-family ipv4

aggregate-address 172.30.0.0 255.255.0.0 summary-only attribute-map VRF_AM

 

The community was then set on the summary route and advertised out as expected.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card