07-29-2009 07:56 AM - edited 03-04-2019 05:35 AM
Hello
We are a small ISP with links from two larger upstreams.
Take for example , I am advertising 192.168.52.0 / 22 IP Block through ISP1. For this I am putting a Null0 route " ip route 192.168.52.0 255.255.252.0 Null0 " . One of the router's interface is assigned with the IP address 192.168.52.1 /22 - whole customer network is running through that interface.So far so good.
Now I want to introduce ISP2 & advertise only 192.168.52.0/24 IP Block through ISP2. This I cant - the Block is not getting advertised unless and until I add the route " ip route 192.168.52.0 255.255.255.0 Null0 " & as soon as I add this route the interface on which the IP address 192.168.52.1 /22 is assigned stops pinging- and it is turning to a mess.
Any suggestion to how to advertise only the 192.168.52.0/24 block through ISP2 .
Please revert if any clarification is needed.
Abhishek
07-29-2009 08:13 AM
Abishek
The problem you have is that 192.168.52.0/24 is more specific than 192.168.52.0/22 so you are blackholing the traffic as the more specific route is always chosen.
So
1) add the Null0 route on another device and redistribute
OR
2) add the route but point it in the next-hop direction eg.
L3 switch 192.168.52.2 -> 192.168.52.1/22 Router -> ISP
so for option 1
on the L3 switch add "ip route 192.168.52.0 255.255.255.0 Null0" and then redistribute into your IGP.
Note that this assumes
i) you are running an IGP between the L3 switch and the router
ii) the L3 switch knows about the 192.168.52.x networks
For option 2
add to the router - "ip route 192.168.52.0 255.255.255.0 192.168.52.2
again this assumes that the L3 switch knows about the 192.168.52.x networks.
If you are unclear can you post a topology diagram ?
Jon
07-30-2009 12:28 AM
07-30-2009 01:52 AM
Hi,
You should already have the route for 192.168.52.0/22 as configured at the interface GigabitEthernet0/12.
Thus, please try to remove the "ip route 192.168.52.0 255.255.252.0 Null0"
Thanks & Regards,
07-30-2009 04:35 AM
Abhishek
There is a reason why you might want to keep the null 0 route for 192.168.52.0/22 even when it duplicates a local route in the routing table. To promote stability in the BGP routing table (and to avoid possible dampening by your upstream provider) you might want to continue to advertise the network/subnet even when it is not locally reachable. Keeping the null 0 route accomplishes this.
Jon as correctly identified the problem as the fact that your new null0 route is more specific than the connected route, and more specific routes are always preferred over less specific routes. Even though I normally advocate that you should not configure static routes specifying the outbound interface rather than the next hop when the outbound interface is Ethernet, I believe that this is a case where that could be useful. The reasons why we usually want to avoid static routes specifying the interface do not apply here - it will cause the router to ARP for any address falling in the range of the static route (but the router already must ARP for all these addresses since they are really on the connected interfce). So I would suggest that this might be a good solution for your issue:
ip route 192.168.52.0 255.255.255.0 gig0/12
HTH
Rick
07-30-2009 05:24 AM
Here alternate approach of using static route is to use BGP inject-map. As aggregate prefix(192.168.52.0/22) is already present in routing table you can use this feature to import specific subnet(192.168.53.0/24) of this aggregate into BGP table. Then use filtering method to control your advertisement to ISPs.
07-30-2009 05:53 AM
Rick
Thanks for your suggestion.I have done exactly what you have pointed- but could not be sure what will be the possible consequence ,since it is in our production, thats why I reverted back.Please suggest if everything will be alright .
What I have done -
1] removed the route " ip route 192.168.53.0 255.255.255.0 Null0 "
2] added the route " ip route 192.168.52.0 255.255.255.0 gig0/12"
Apparently , everything was working fine . But when I issued " sh ip bgp neighbors < Peer IP - Upstream2 > advertised-routes " it showed -
Network *> 110.172.53.0/24
Nexthop 192.168.55.254
unlike in normal circumstances which shows 0.0.0.0 as the next-hop.
I dont know what may be the result, since the block is getting advertised towards 192.168.55.254.
Please suggest.
Abhishek
07-30-2009 06:02 AM
Abhishek
Where does the 110.172.53.0/24 network come into things. I can't see it in your diagram anywhere ?
Jon
07-30-2009 06:17 AM
Jon
Its like that , I would like to take 192.168.53.0/24 instead of 192.168.52.0/24.
However the configuration for IP Block 192.168.52.0/24 or 192.168.53.0/24 will be same isnt it ?
Please refer to the "sh run" output of the router specified below in the network diagram.
Waiting for your reply.
Abhishek
07-30-2009 06:26 AM
Please read Point# 2 as -
2] added the route " ip route 192.168.53.0 255.255.255.0 gig0/12"
Sorry for mistyping.
Abhishek
07-30-2009 06:55 AM
Hi Abhishek,
Have you got the solution now? Just wondering if its solved.
regards
07-30-2009 07:05 AM
I am stuck at the point , if it is normal to show 110.172.55.254 in the next hop instead of 0.0.0.0 when I am issuing " sh ip bgp neighbor < IP > advertised-routes " command.
If it is yes then the issue is solved .
Any suggestion is most welcome.
Abhishek
07-30-2009 07:32 AM
Abhishek
I have not used this particular implementation and can not say authoritatively that it is normal. But I believe that this is in fact the expected behavior. Most of the time when a router originates a route advertisement in BGP it is the next hop and it represents it in the BGP table as 0.0.0.0. In this case the static route is indicating that the next hop is somewhere in the connected subnet but does not know exactly where. So it is using the highest available address in the subnet.
As long as you are advertising the /22 subnet, then this next hop address would be reachable. And I believe that it would not have any negative effect on your network.
HTH
Rick
07-30-2009 09:31 AM
Perhaps I am missing something but is this just an announcement issue?
Couldn't you create a prefix-list for this specific IP range
ip prefix-list ISP-A-Announce-OUT seq 5 permit 192.168.52.0/22 le 24
obviously you would need route-map and applied to the bgp neigh statement.
Again, maybe I am missing something.
07-30-2009 09:42 AM
Rick
The problem is EBGP cannot advertise a route unless it finds it in the IGP routing table. It's not in the IGP routing table so the only way to get it in there is to add a static route.
Problem is if the next-hop is Null0 all the traffic is blackholed because it's the more specific route.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide