
BGP Conditional Advertisement using Exist-Map

pvzcisco07
Level 1

Hi Guys,

I am having an issue with BGP conditional advertisement using an exist-map.

My scenario is as below

R1 connected to ISP1

R2 connected to ISP2

R1 and R2 have IBGP peering

I have split my /24 prefix into two /25 prefixes for inbound load sharing of the links.

When using an advertise map, all routes seem to get advertised (including the ones that I don't want to announce). It's almost like the map is not taking effect at all. It works fine when I use the route-map option instead of advertise map.

I have lab'd this on Version 12.4(25c) on GNS3.

Please find the relevant config as attached (I have attached only the config for R1 & ISP1).

Would be great if you could provide some suggestions to resolve this issue.

 

16 Replies


@Cristian Matei wrote:

Hi,

 

The config provides both redundancy and load-sharing:

- you advertise both /25 prefixes from both of your routers, conditionally based on the existence of 11.11.11.11/32 in BGP table; this allows for redundancy/failover

- you advertise one /25 with AS-path prepended on one router, and the other /25 with AS-path prepending on the other router; this allows for load-sharing inbound

Thanks Heaps for confirming the config!

 

However, things to be considered:

- the end functionality relies on the reliability of the exist-map/prefix; for example, if the tracked route of 11.11.11.11/32 is your BGP router interconnect, downstream facing your network, you will stop advertising your public prefixes only if the link goes down; this is ok, as long as the BGP border routers and the downstream layer3 device are directly attached, not through a switch; if there is a switch in between, maybe the downstream layer 3 device fails, but the link of your BGP router stays up, and you still advertise the prefixes, which may not be what you want; you also have to look downstream and take into account all possible failure scenarios, and maybe use another prefix in your exist-map, which the existence or inexistence of that prefix means that the downstream path is functional or not functional

You are right. The tracked route is the Point-to-point link to my firewall & there is a L2 switch between the router & the firewall. I have tweaked the bgp timers down to 15 45 for the peering between the firewall & the internet router. Will add another prefix from the downstream as well.

- also ensure that the ISP makes use of the AS-path; maybe the ISP has a local-preference policy configuration, which in the BGP best-path selection process is before AS-path and will in the end route all traffic towards your public IPs, via a single link; you need to speak with your ISP and ensure he's routing for a /25 via your BGP router1 and for the other /25 via your BGP router2

At the moment, my internet is operating in an active-passive design & I am using as-path prepend on the passive link (for the whole /24) as recommended by the ISP & seems to be working fine thus far. I am in conversations with them to accept my /25 advertisements. Will let you know how I go.

Thanks again for all your help!

 

Regards,

Cristian Matei.


 

Hi,

 

@pvzcisco07 I'm glad it helped.

 

Regards,

Cristian Matei.
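A sketch of the design summarized in the thread, for R1 only. This is an added example, not the configuration attached to the original post: the AS numbers, the peer address, the /25 prefixes and all route-map and prefix-list names are constructed, and only 11.11.11.11/32 comes from the thread.

```cisco
! R1 (constructed values: local AS 65001, ISP1 peer 198.51.100.1 in AS 64500,
! public /24 203.0.113.0/24 split into two /25s).
! Assumes both /25s are already present in R1's BGP table, and that
! 11.11.11.11/32 is learned in BGP from the downstream side, so it
! disappears when the downstream path fails.
!
ip prefix-list PL-TRACK seq 5 permit 11.11.11.11/32
ip prefix-list PL-PUBLIC seq 5 permit 203.0.113.0/25
ip prefix-list PL-PUBLIC seq 10 permit 203.0.113.128/25
ip prefix-list PL-BACKUP seq 5 permit 203.0.113.128/25
!
! Condition: satisfied only while the tracked prefix is in the BGP table
route-map RM-EXIST permit 10
 match ip address prefix-list PL-TRACK
!
! Prefixes whose advertisement depends on that condition
route-map RM-ADVERTISE permit 10
 match ip address prefix-list PL-PUBLIC
!
! Outbound policy. The advertise-map only governs the prefixes it matches;
! anything else in the BGP table follows normal outbound policy, so this
! route-map permits the two /25s and nothing more (implicit deny at the end).
! R1 prepends the upper /25 so that ISP2/R2 is preferred for it; R2 would
! mirror this and prepend the lower /25.
route-map RM-ISP1-OUT permit 10
 match ip address prefix-list PL-BACKUP
 set as-path prepend 65001 65001 65001
route-map RM-ISP1-OUT permit 20
 match ip address prefix-list PL-PUBLIC
!
router bgp 65001
 neighbor 198.51.100.1 remote-as 64500
 neighbor 198.51.100.1 advertise-map RM-ADVERTISE exist-map RM-EXIST
 neighbor 198.51.100.1 route-map RM-ISP1-OUT out
```

After a change, `show ip bgp neighbors 198.51.100.1 advertised-routes` shows what is actually being sent to the ISP, both with the tracked prefix present and with it withdrawn.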
