BGP Filtering

thierry.pouzergues · ‎05-18-2017

Hello All,

The ISP router announces a global IP network "169.254.20.0/24" to my router via BGP . However, I want to take into account only 2 IP addresses "169.254.20.117" and "169.254.20.181" into this global network announcement.

For high availability reason, if the global IP network "169.254.20.0/24" is not learnt via the ISP router (this network is announced by the ISP but it's not its own network), my router has to use the default route announced by my Direct Internet Access.

How can I configure the BGP of my router to have this behaviour?

Thanks for your support.

Thierry

Julio E. Moisa · ‎05-18-2017

Hi

You could try using BGP injector.

Please check this link, it should be useful.

https://supportforums.cisco.com/discussion/13213236/redistributing-sub-set-subnet-mind-bender

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

thierry.pouzergues · ‎05-18-2017

Hi Julio,

In fact, my router is connected to Internet (it receives a default Gateway via BGP) and to a specific ISP router (it receives a global IP network "169.254.20.0/24" via BGP). My router announces a default Gateway to my LAN. The goal is to send all the Internet traffic to Internet except the 2 IP addresses "169.254.20.117" and "169.254.20.181" that are sent to the specific ISP.

However, the router of the specific ISP sends me a global IP network "169.254.20.0/24". As I want to send only the 2 IP addresses "169.254.20.117" and "169.254.20.181" to the specific ISP, I don't want to take into account this global IP network "169.254.20.0/24".

For me, the BGP injector feature is not the good one.

Do you have any advices?

Thanks

Jon Marshall · ‎05-18-2017

Use a filter to deny the route advertisement from the ISP then use either PBR or more likely simply add two static routes for those specific IPs pointing to the ISP as the next hop IP.

You would also need to use IP SLA with either solution to failover to the default route if the ISP goes down.

Also bear in mind the traffic may go out via the more specific ISP but the return traffic may come back in via the other ISP, it all depends on whose addressing you are using and how it is advertised.

That is all I can suggest but Julio may have other solutions.

Jon

thierry.pouzergues · ‎05-19-2017

Hi Jon,

Your solution is the solution already in place on my router but using BGP to remove the BGP advertisement and have 2 static routes + IP SLA is not a good solution. Moreover, the current IP SLA only verifies the interconnection. If the interconnection is UP but the BGP advertisement no longer announces the global network, my router always sends the traffic to this ISP.

For the return traffic, my router announces a /24 to Internet but only a /32 to this specific ISP, so no asymmetric routing.

Thierry

Jon Marshall · ‎05-19-2017

I agree it is not a good solution but the only good solution is to get your ISP to advertise only those specific IPs which I assume they won't do.

In terms of the BGP advertisement not being received you can monitor the routing table with EEM so perhaps you could write a script and together with IP SLA cover all bases.

Jon

thierry.pouzergues · ‎05-19-2017

Hi Jon,

You are right, the best solution should be to configure EEM.

Thanks Jon and Julio for your advices