03-17-2020 05:13 PM
Hi Guys,
I am having an issue with BGP conditional advertisement using an exist-map.
My scenario is as below:
R1 connected to ISP1
R2 connected to ISP2
R1 and R2 have IBGP peering
I have split my /24 prefix into two /25 prefixes for inbound load sharing of the links.
When using an advertise map, all routes seem to get advertised (including the ones that I don't want to announce). It's almost like the map is not taking effect at all. It works fine when I use the route-map option instead of advertise map.
I have lab'd this on Version 12.4(25c) on GNS3.
Please find the relevant config as attached (I have attached only the config for R1 & ISP1).
Would be great if you could provide some suggestions to resolve this issue.
03-18-2020 04:17 PM
@Cristian Matei wrote: Hi,
The config provides both redundancy and load-sharing:
- you advertise both /25 prefixes from both of your routers, conditionally based on the existence of 11.11.11.11/32 in BGP table; this allows for redundancy/failover
- you advertise one /25 with AS-path prepended on one router, and the other /25 with AS-path prepending on the other router; this allows for load-sharing inbound
Thanks heaps for confirming the config!
However, things to be considered:
- the end functionality relies on the reliability of the exist-map/prefix; for example, if the tracked route of 11.11.11.11/32 is your BGP router interconnect, downstream facing your network, you will stop advertising your public prefixes only if the link goes down; this is ok, as long as the BGP border routers and the downstream layer 3 device are directly attached, not through a switch; if there is a switch in between, maybe the downstream layer 3 device fails, but the link of your BGP router stays up, and you still advertise the prefixes, which may not be what you want; you also have to look downstream and take into account all possible failure scenarios, and maybe use another prefix in your exist-map, where the existence or inexistence of that prefix means that the downstream path is functional or not functional.
You are right. The tracked route is the point-to-point link to my firewall & there is a L2 switch between the router & the firewall. I have tweaked the BGP timers down to 15 45 for the peering between the firewall & the internet router. Will add another prefix from the downstream as well.
- also ensure that the ISP makes use of the AS-path; maybe the ISP has a local-preference policy configuration, which in the BGP best-path selection process is before AS-path and will in the end route all traffic towards your public IPs, via a single link; you need to speak with your ISP and ensure he's routing for a /25 via your BGP router1 and for the other /25 via your BGP router2
At the moment, my internet is operating in an active-passive design & I am using as-path prepend on the passive link (for the whole /24) as recommended by the ISP & it seems to be working fine thus far. I am in conversations with them to accept my /25 advertisements. Will let you know how I go.
Thanks again for all your help!
Regards,
Cristian Matei.
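
The arrangement discussed in this thread, sketched for R1 as an added example; it is not the poster's attached config. The AS numbers, neighbor address, /25 prefixes and all map and list names are constructed placeholders (only 11.11.11.11/32 comes from the thread), and it assumes both /25s and the tracked route are already in R1's BGP table.

```cisco
! Added example for R1. Names, AS numbers and addresses are constructed
! placeholders from documentation ranges; 11.11.11.11/32 is from the thread.
ip prefix-list PL-LOW-25  seq 5 permit 203.0.113.0/25
ip prefix-list PL-HIGH-25 seq 5 permit 203.0.113.128/25
ip prefix-list PL-BOTH-25 seq 5 permit 203.0.113.0/25
ip prefix-list PL-BOTH-25 seq 10 permit 203.0.113.128/25
ip prefix-list PL-TRACKED seq 5 permit 11.11.11.11/32
!
! Condition: satisfied while the tracked route is present in the BGP table.
route-map RM-EXIST permit 10
 match ip address prefix-list PL-TRACKED
!
! Prefixes whose advertisement depends on the condition. Prefixes NOT matched
! here are not conditional and simply follow the normal outbound policy.
route-map RM-ADVERTISE permit 10
 match ip address prefix-list PL-BOTH-25
!
! Normal outbound policy: R1 is preferred for the low /25 and prepends the
! high /25 (R2 would mirror this). The implicit deny at the end of the
! route-map keeps every other prefix from being announced to the ISP.
route-map RM-ISP1-OUT permit 10
 match ip address prefix-list PL-LOW-25
route-map RM-ISP1-OUT permit 20
 match ip address prefix-list PL-HIGH-25
 set as-path prepend 64500 64500
!
router bgp 64500
 neighbor 192.0.2.1 remote-as 64501
 neighbor 192.0.2.1 advertise-map RM-ADVERTISE exist-map RM-EXIST
 neighbor 192.0.2.1 route-map RM-ISP1-OUT out
```

Running `show ip bgp neighbors 192.0.2.1 advertised-routes` on R1 while the tracked route is present, and again after it is withdrawn, shows what is actually being sent to the ISP in each state.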
03-19-2020 09:56 AM