06-07-2023 05:11 AM - last edited on 06-22-2023 01:55 AM by Translator
Dear all,
I have a following topology in my lab:
R1 (as 208097) -- > R2 ISP (as16010) -- R3 (as 35805)
|
R4 (as 10101)
I want to
prepend
my announce for AS35805 only with
as-path access-list
and
route-map
like this:
R1
interface FastEthernet0/0
ip address 2.2.2.1 netmask 255.255.255.252
duplex auto
speed auto
router bgp 20809
no synchronization
bgp router-id 1.1.1.254
bgp log-neighbor-changes
network 1.1.1.0 netmask 255.255.255.0
neighbor 2.2.2.2 remote-as 16010
neighbor 2.2.2.2 route-map BGP_OUT_RMAP out
ip as-path access-list 50 permit ^20809 16010 35805$
ip as-path access-list 50 deny .*
ip prefix-list MM seq 10 permit 1.1.1.0/24
route-map BGP_OUT_RMAP permit 10
match ip address prefix-list MM
match as-path 50
set as-path prepend 20809 20809
But it doesn't work
Does it possible?
Solved! Go to Solution.
06-07-2023 08:01 AM - last edited on 06-22-2023 01:56 AM by Translator
Okay,
I'm waiting with great interest.. It's only possible to manipulate with R1 and R5-PRIMARY, and issue only with inbound traffic.
With outbound all is done via
route-map
, local preference and
as-path acl
06-07-2023 07:06 AM - last edited on 06-21-2023 10:31 PM by Translator
R5-Primary - to R5-ISP1 is primary (AS20809 - AS 34797)
R1 to R1 (AS20809 - AS16010) is backup.
When both links are active, I want to use R1 only for incomming traffic from AS 16010 and
prepend
path from all AS, connected next to AS16010, but as I understand it is not possible...
06-07-2023 07:28 AM - last edited on 06-21-2023 10:32 PM by Translator
No I can done, it easy If there is BGP between ISP primary and AS10101/AS35805,
in R5 primary router did you receive any
prefix
from AS10101/AS35805 via ISP primary ??
06-07-2023 07:46 AM - last edited on 06-21-2023 10:33 PM by Translator
Yes,
prefixes
from 35805 and 10101 come from AS 34797.
06-07-2023 05:43 AM - last edited on 06-21-2023 10:34 PM by Translator
Hello @mirage,
try instead of
ip as-path access-list 50 permit ^20809 16010 35805$
ip as-path access-list 50 permit ^20809_16010_35805$
06-07-2023 05:49 AM
Thanks for reply,
but it does not work..
06-07-2023 05:56 AM - last edited on 06-21-2023 10:35 PM by Translator
Ok @mirage,
From R1 you have one RM in OUT - Then you work on the Outbound - You want to adjust the subnet [1.1.1.0/24] announced from R1 to R2 ISP and because you wanna play with
AS-PREPEND
you want to play with the flow in entrance to R1 towards subnet 1.1.1.0/24 ---
Why you do not just
prepending
without the
AS-PATH ACL ?
What is your final goal ?
06-07-2023 06:54 AM
I've uploaded full topology image.
R5 to ISP has a 1gig channel, and R1 to ISP has 500 meg, so I want to use backup ISP channel for only AS16010 when primary link is active, any other AS must forward traffic to AS20809 via PRIMARY ISP and R5-PRIMARY.
When it fails, R1-to-R2(Backup isp) makes active for all incomming traffic.
06-07-2023 06:01 AM - last edited on 06-22-2023 02:04 AM by Translator
after perform the change you should clear
clear bgp ipv4 un neighbor 2.2.2.2 soft out
06-07-2023 06:16 AM - last edited on 06-22-2023 02:08 AM by Translator
Hello @mirage ,
you would like to perform
AS path prepend
only towards AS 35805 that is not directly connected to you ?
This is not possible.
You can decide to perform
As path prepending for prefix 1.1.1.0/24
toward your only eBGP peer in AS 16010
the
prefix
is locally injected in BGP in R1
>> network 1.1.1.0 netmask 255.255.255.0
so from the point of view of R1 the
AS path
attribute is empty, you can check this
with
show ip bgp 1.1.1.0
on R1
attempting to match on
As path ^20809 16010 35805$
would mean to be on R3 not on R1. It is R3 that sees that
AS path on the prefix 1.1.1.0/24
not R1.
Hope to help
Giuseppe
06-07-2023 06:59 AM
Thanks for answer,
To prepend full path for AS16010 is not a solution for me. If not possible, I think that all my best is done. Many thanks for your attention.
06-07-2023 07:09 AM
Many Thanks for all for your time an attention!!
06-07-2023 07:48 AM
But as I know, link between 16010 and 35805 and between 10101 and 16010 is better, then 34797 and 35808
06-07-2023 11:19 AM - last edited on 06-22-2023 01:59 AM by Translator
Using the
AS-PATH
I can change the path from R2 instead of go direct it go through the R1 and R3 AS300
what I do in R2 (backup)
R2#show running-config
Building configuration...
Current configuration : 2114 bytes
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
!
interface FastEthernet0/0
ip address 10.0.0.2 255.255.255.0
duplex half
!
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
!
interface FastEthernet2/0
ip address 100.0.0.2 255.255.255.0
duplex auto
speed auto
!
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
!
interface FastEthernet3/0
no ip address
shutdown
duplex auto
speed auto
!
!
interface FastEthernet3/1
no ip address
shutdown
duplex auto
speed auto
!
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 2.2.2.2 mask 255.255.255.255
neighbor 10.0.0.1 remote-as 100
neighbor 10.0.0.1 next-hop-self
neighbor 10.0.0.1 route-map MHM in
neighbor 100.0.0.4 remote-as 400
neighbor 100.0.0.4 route-map MHMb in
no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip as-path access-list 100 permit ^300_600$
ip as-path access-list 100 permit ^300_500$
!
!
no cdp log mismatch duplex
!
!
!
!
route-map MHMb permit 10
set weight 500
!
route-map MHM permit 10
match as-path 100
set weight 1000
!
route-map MHM permit 20
!
!
!
control-plane
!
!
!
mgcp fax t38 ecm
mgcp behavior g729-variants static-pt
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
06-07-2023 05:26 PM
Thanks for reply, I will try and write results..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide