pvzcisco07
Beginner

BGP Conditional Advertisement using Exist-Map

Hi Guys,

I am having an issue with BGP conditional advertisement using an exist-map.

My scenario is as below

R1 connected to ISP1

R2 connected to ISP2

R1 and R2 have IBGP peering

I have split my /24 prefix into two /25 prefixes for inbound load sharing of the links.

When using an advertise map, all routes seem to get advertised (including the ones that I don't want to announce). It's almost like the map is not taking effect at all. It works fine when I use the route-map option instead of advertise map.

I have lab'd this on Version 12.4(25c) on GNS3.

Please find the relevant config as attached (I have attached only the config for R1 & ISP1).

Would be great if you could provide some suggestions to resolve this issue.

 

16 REPLIES


@Cristian Matei wrote:

Hi,

 

   The config provides both redundancy and load-sharing:

         - you advertise both /25 prefixes from both of your routers, conditionally based on the existence of 11.11.11.11/32 in BGP table; this allows for redundancy/failover

        - you advertise one /25 with AS-path prepended on one router, and the other /25 with AS-path prepending on the other router; this allows for load-sharing inbound

Thanks Heaps for confirming the config!

 

However, things to be considered:

        - the end functionality relies on the reliability of the exist-map/prefix; for example, if the tracked route of 11.11.11.11/32 is your BGP router interconnect, downstream facing your network, you will stop advertising your public prefixes only if the link goes down; this is ok, as long as the BGP border routers and the downstream layer 3 device are directly attached, not through a switch; if there is a switch in between, maybe the downstream layer 3 device fails, but the link of your BGP router stays up, and you still advertise the prefixes, which may not be what you want; you also have to look downstream and take into account all possible failure scenarios, and maybe use another prefix in your exist-map, whose existence or nonexistence means that the downstream path is functional or not functional

You are right. The tracked route is the Point-to-point link to my firewall & there is a L2 switch between the router & the firewall. I have tweaked the bgp timers down to 15 45 for the peering between the firewall & the internet router. Will add another prefix from the downstream as well.

        - also ensure that the ISP makes use of the AS-path; maybe the ISP has a local-preference policy configuration, which in the BGP best-path selection process is before AS-path and will in the end route all traffic towards your public IPs via a single link; you need to speak with your ISP and ensure he's routing for a /25 via your BGP router1 and for the other /25 via your BGP router2

At the moment, my internet is operating in an active-passive design & I am using as-path prepend on the passive link (for the whole /24) as recommended by the ISP & it seems to be working fine thus far. I am in conversations with them to accept my /25 advertisements. Will let you know how I go.

Thanks again for all your help!

 

Regards,

Cristian Matei.


 

Hi,

 

   @pvzcisco07 I'm glad it helped.

 

Regards,

Cristian Matei.
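
The design summarised in the thread (both /25s advertised only while 11.11.11.11/32 is in the BGP table, one /25 prepended per router) can be sketched for R1 as below. This is an added example, not the attached config from the original post: AS 65001, ISP AS 64500, neighbor 203.0.113.1, the 192.0.2.0/24 prefix and all route-map and prefix-list names are constructed placeholders.

```cisco
! Added example for R1 (constructed values, see lead-in).
! Tracked prefix from the thread: 11.11.11.11/32 must be present in the BGP table.
ip prefix-list PL-TRACK seq 5 permit 11.11.11.11/32
! Both halves of the (placeholder) public /24.
ip prefix-list PL-PUBLIC seq 5 permit 192.0.2.0/25
ip prefix-list PL-PUBLIC seq 10 permit 192.0.2.128/25
! The half that R1 makes less attractive; R2 would list 192.0.2.0/25 here instead.
ip prefix-list PL-PREPEND seq 5 permit 192.0.2.128/25
!
! Condition: satisfied while the tracked prefix exists.
route-map RM-EXIST permit 10
 match ip address prefix-list PL-TRACK
!
! Prefixes whose advertisement depends on the condition.
! The advertise-map only selects prefixes; set clauses belong in the outbound route-map.
route-map RM-ADVERTISE permit 10
 match ip address prefix-list PL-PUBLIC
!
! Outbound policy: prepend one /25, pass the other, implicitly deny everything else.
! Prefixes not matched by the advertise-map are not conditional and are sent as usual,
! so this filter is what keeps unrelated routes from reaching the ISP.
route-map RM-ISP1-OUT permit 10
 match ip address prefix-list PL-PREPEND
 set as-path prepend 65001 65001
route-map RM-ISP1-OUT permit 20
 match ip address prefix-list PL-PUBLIC
!
router bgp 65001
 network 192.0.2.0 mask 255.255.255.128
 network 192.0.2.128 mask 255.255.255.128
 neighbor 203.0.113.1 remote-as 64500
 neighbor 203.0.113.1 advertise-map RM-ADVERTISE exist-map RM-EXIST
 neighbor 203.0.113.1 route-map RM-ISP1-OUT out
```

`show ip bgp neighbors 203.0.113.1 advertised-routes` on R1 shows what is actually being sent, which makes it possible to confirm that the /25s are withdrawn once 11.11.11.11/32 disappears from the BGP table.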