I am having an issue with BGP conditional advertisement using an exist-map.
My scenario is as below:
R1 connected to ISP1
R2 connected to ISP2
R1 and R2 have IBGP peering
I have split my /24 prefix into two /25 prefixes for inbound load sharing of the links.
When using an advertise map, all routes seem to get advertised (including the ones that I don't want to announce). It's almost like the map is not taking effect at all. It works fine when I use the route-map option instead of advertise map.
I have lab'd this on Version 12.4(25c) on GNS3.
Please find the relevant config as attached (I have attached only the config for R1 & ISP1).
Would be great if you could provide some suggestions to resolve this issue.
The config provides both redundancy and load-sharing:
- you advertise both /25 prefixes from both of your routers, conditionally based on the existence of 184.108.40.206/32 in BGP table; this allows for redundancy/failover
- you advertise one /25 with AS-path prepended on one router, and the other /25 with AS-path prepending on the other router; this allows for load-sharing inbound
Thanks Heaps for confirming the config!
However, things to be considered:
- the end functionality relies on the reliability of the exist-map/prefix; for example, if the tracked route of 220.127.116.11/32 is your BGP router interconnect, downstream facing your network, you will stop advertising your public prefixes only if the link goes down; this is OK, as long as the BGP border routers and the downstream layer 3 device are directly attached, not through a switch; if there is a switch in between, maybe the downstream layer 3 device fails, but the link of your BGP router stays up, and you still advertise the prefixes, which may not be what you want. You also have to look downstream and take into account all possible failure scenarios, and maybe use another prefix in your exist-map, where the existence or nonexistence of that prefix means that the downstream path is functional or not functional.
You are right. The tracked route is the Point-to-point link to my firewall & there is a L2 switch between the router & the firewall. I have tweaked the bgp timers down to 15 45 for the peering between the firewall & the internet router. Will add another prefix from the downstream as well.
- also ensure that the ISP makes use of the AS-path; maybe the ISP has a local-preference policy configuration, which in the BGP best-path selection process is before AS-path and will in the end route all traffic towards your public IPs via a single link; you need to speak with your ISP and ensure he's routing for a /25 via your BGP router1 and for the other /25 via your BGP router2.
At the moment, my internet is operating in an active-passive design & I am using as-path prepend on the passive link (for the whole /24) as recommended by the ISP & seems to be working fine thus far. I am in conversations with them to accept my /25 advertisements. Will let you know how I go.
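
For reference, an added example (not the attached config from this thread, and not written by either poster) of how the pieces discussed above fit together on R1 in Cisco IOS: the advertise-map only makes the prefixes it matches conditional on the exist-map, while filtering and AS-path prepending are done by an ordinary outbound route-map on the same neighbor. All AS numbers, addresses and map names are constructed placeholders from documentation ranges, and the tracked /32 is assumed to be learned via BGP from the downstream device.

```cisco
! R1 - constructed values, not from the thread:
!   local AS 64500, ISP1 AS 64496, ISP1 peer 192.0.2.1
!   public block 198.51.100.0/24 split into two /25s
!   tracked downstream prefix 203.0.113.1/32 (must be present in the BGP table)
!
ip prefix-list PUBLIC-25S seq 5 permit 198.51.100.0/25
ip prefix-list PUBLIC-25S seq 10 permit 198.51.100.128/25
ip prefix-list UPPER-25 seq 5 permit 198.51.100.128/25
ip prefix-list TRACKED seq 5 permit 203.0.113.1/32
!
! advertise-map: selects the prefixes whose advertisement becomes conditional.
! Prefixes it does not match are still advertised under the normal outbound policy.
route-map ADVERTISE permit 10
 match ip address prefix-list PUBLIC-25S
!
! exist-map: the condition. While a matching route exists in the BGP table,
! the prefixes matched by ADVERTISE are advertised; otherwise they are withdrawn.
route-map EXIST permit 10
 match ip address prefix-list TRACKED
!
! Ordinary outbound policy: prepend on one /25, send the other as-is,
! and let the implicit deny drop everything else.
route-map TO-ISP1 permit 10
 match ip address prefix-list UPPER-25
 set as-path prepend 64500 64500
route-map TO-ISP1 permit 20
 match ip address prefix-list PUBLIC-25S
!
router bgp 64500
 ! network statements need exact matching routes in the routing table
 network 198.51.100.0 mask 255.255.255.128
 network 198.51.100.128 mask 255.255.255.128
 neighbor 192.0.2.1 remote-as 64496
 neighbor 192.0.2.1 route-map TO-ISP1 out
 neighbor 192.0.2.1 advertise-map ADVERTISE exist-map EXIST
```

`show ip bgp neighbors 192.0.2.1 advertised-routes` lists what is actually being sent to the peer, which is the quickest check with the tracked prefix present and then absent.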