Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2629
Views
5
Helpful
5
Replies

BGP - Announcing new Network

Go to solution
csaravanan-sym
Level 1
Level 1

‎03-07-2011 12:11 PM - edited ‎03-04-2019 11:40 AM

Hello,

We have received an new subnet alloted from ARIN and need to advertise this new network to our BGP neighbors

The ISPs have agreed to announce our new subnet

The router is connected to an switch where Firewall's external interface is also connected

We are doing NATing in the firewall.

Please let me know the steps we need to follow to advertise the new subnet as well as to use this new network for NATing

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rajesh SB
Level 1
Level 1
In response to csaravanan-sym

‎03-08-2011 10:11 AM

Hi ,

For advertising prefix in BGP doesn't require to configure the prefix as a loopback or secondary ip in the router. A simple static route is require pointing to a Null interface.BGP does not install an entry in       the BGP table unless there is an exact match in the IP routing table. The prefix should be either learnt through IGP or a static route with a minimum length /24  pointing to a valid next-hop. in this scenario the next-hop would be the netscreen interface ip .If a static route is added with respective mask then the static route entry will be present in the RIB . BGP will check the RIB and if found exact match it will start advertise.Ensure the network statement is configured with respective mask .

If you have any queries please let us know .

Regards

Rajesh SB

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-07-2011 08:55 PM

There are several things about your situation that you have not told us and that will impact what solution is best. For example you tell us that there is more than one ISP but you do not tell us whether you are already running BGP with them (in which case the solution is to add another network to the BGP configuration) or whether you are not running BGP with them (in which case the solution is how to start a BGP configuration.

You also do not tell us whether you received your own AS number when you received the address block. Whether you have your own AS number impacts how the BGP would be configured.

In general the solution will probably be something like this:

- configure your firewall to do address translation using the new address block.

- configure a static route on your outside router for the new address block with your firewall as the next hop.

- advertise the new network to the ISP using BGP.

When you have provided the details that I identified we may be able to give you better advice.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Rajesh SB
Level 1
Level 1

‎03-07-2011 10:29 PM

Hi,

Please find the below update to advertise a new prefix to a peer.

1) if you received a new prefix with your own AS block.

   >> Need to register in APNIC or RADB database.

   >> Create your AS set in the database for your AS block.

2) If you want to advertise the prefix to your BGP peer.

   Need to originate the prefix with network statement.
   If the exact prefix length is not present in the routing table need to add a null route for the prefix to get advertised.
   Need to configure prefix-list entry for the prefix to get advertised if the outbound has filter.
   Ensure the both inbound and outbound has proper filter policy configured.
   Ensure the EBGP session is authenticated with MD5.  
   Ensure the BGP max-prefix limit is configured with the peer.
   Need to do soft reset the peer with soft in soft out.(soft reconfiguration should be configured)
   The propagation of the prefix to internet will taken care by your peering ISP. (Will take 24hrs to 48 hrs to get propagated in internet)

3) CLI/GUI to the device and ensure the nating is done on the firewall .Do let us know if the firewall is CISCO fIrewall.

Note: If you require further clarification on this please broadacast.


Regards

Rajesh SB

Go to solution
csaravanan-sym
Level 1
Level 1
In response to Rajesh SB

‎03-08-2011 07:37 AM

Thanks Rajesh, Rick for answering my questions

Rajesh I am usign Netscreen Firewall

I have other question, so in order for me to advertise the new network from my router

Should I go with adding a loop back address of the new network on my router or add a secondary IP of the new network

Please explain

0 Helpful

Go to solution
Rajesh SB
Level 1
Level 1
In response to csaravanan-sym

‎03-08-2011 10:11 AM

Hi ,

For advertising prefix in BGP doesn't require to configure the prefix as a loopback or secondary ip in the router. A simple static route is require pointing to a Null interface.BGP does not install an entry in       the BGP table unless there is an exact match in the IP routing table. The prefix should be either learnt through IGP or a static route with a minimum length /24  pointing to a valid next-hop. in this scenario the next-hop would be the netscreen interface ip .If a static route is added with respective mask then the static route entry will be present in the RIB . BGP will check the RIB and if found exact match it will start advertise.Ensure the network statement is configured with respective mask .

If you have any queries please let us know .

Regards

Rajesh SB

0 Helpful

Go to solution
csaravanan-sym
Level 1
Level 1
In response to Rajesh SB

‎03-10-2011 02:18 PM

Thanks Rajesh for the answer

0 Helpful
Customers Also Viewed These Support Documents