Yes, the left router in the diagram is CR1 (with AS 65457).

NLRI already carrying neighboring AS should not be advertised by the router.

Do you have allow-as enabled?:

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080b59d08.shtml

The left router is CR1..


CR2 advertise the routes learnt from CR 1 back to CR1...like a no split horizon condition in any IGP

On CR 1, i notice these are rejected as as-path loop..(show ip bgp nei CR2 command).. So no harm..

My attachments has required output..let me know if you need more information..

I am curious to understand this behaviour and counter measure

Sent from Cisco Technical Support iPad App

Hi Vinayaka,

This is a normal BGP behaviour. BGP unlike other IGP protocols doesnt have split horizon rule for eBGP peerings. Only way it detects the loop is by AS-PATH thats the reason why you see that CR1 drops the updates from CR2. But CR2 kees on advertising the routes to CR1 even though it learned it from the same best next-hop i.e CR1.

Kindly rate if useful

-Nandan Mathure

Thank you Nandan..

I would be more happy if you can show me some documents where I can read more on this..

Hi Vinayaka,

I couldnt find this in cisco documentation but should be somewhere. But you can try this by labbing it up and checking few debugs where you can see the BGP advertisements getting dropped as well.

Thanks,

Nandan

Hi,

if you just lab it up with 2 eBGP speakers and debugging on you'll see that there is no such thing as a neighbour readvertising back prefix to the peer that sent it first.So it could be true but only in some cases which I'm not aware of.

Is it possible to get the sh run | s router bgp|router eigrp output from both CR routers

Regards.

Alain

Don't forget to rate helpful posts.

CR1#show run | s r bgp
router bgp 65457
no synchronization
bgp log-neighbor-changes
network 10.64.16.0 mask 255.255.240.0
network 10.66.0.248 mask 255.255.255.248
aggregate-address 10.66.0.0 255.255.240.0 summary-only
redistribute static
neighbor 10.66.0.56 remote-as 65458
neighbor 152.161.238.37 remote-as 65000
neighbor 152.161.238.37 route-map blocked-sites in
no auto-summary

CR2#show run | s r bgp
router bgp 65458
bgp log-neighbor-changes
network 10.64.16.0 mask 255.255.240.0
network 10.66.0.0 mask 255.255.240.0
network 10.66.0.248 mask 255.255.255.248
aggregate-address 10.66.0.0 255.255.240.0 summary-only
redistribute eigrp 1 route-map routes-to-cpc
neighbor 10.66.0.59 remote-as 65457
neighbor 10.66.0.59 ebgp-multihop 3
neighbor 10.117.37.161 remote-as 17776
neighbor 10.117.37.161 route-map blocked-sites in

Hi,

I don't see the EIGRP config.

Regards.

Alain

Don't forget to rate helpful posts.

CR2#show run | s eigrp
router eigrp 1
network 10.0.0.0
redistribute bgp 65458 metric 60000 50 255 255 1500 route-map routes-from-cpc
redistribute eigrp 1 route-map routes-to-cpc

CR2#show route-map routes-from-cpc
route-map routes-from-cpc, permit, sequence 10
  Match clauses:
    ip address prefix-lists: routes-from-cpc
  Set clauses:
  Policy routing matches: 0 packets, 0 byte

CR2#show route-map routes-to-cpc
route-map routes-to-cpc, permit, sequence 10
  Match clauses:
    ip address prefix-lists: routes-to-cpc
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
___

CR1#show run | s r e
router eigrp 1
redistribute bgp 65457 route-map Filter_MVIC_routes
network 10.0.0.0
no auto-summary

CR1#show route-map Filter_MVIC_routes
route-map Filter_MVIC_routes, permit, sequence 10
  Match clauses:
    ip address (access-lists): Routes_for_china
  Set clauses:
    metric 4000 200 255 100 1500
  Policy routing matches: 0 packets, 0 bytes
route-map Filter_MVIC_routes, permit, sequence 20
  Match clauses:
    ip address (access-lists): Routes_except_China
  Set clauses:
    metric 4001 100 255 100 1500
  Policy routing matches: 0 packets, 0 bytes

Hi Alain,

this question has been discussed here several times already, see

https://supportforums.cisco.com/message/3042419#3042419

https://supportforums.cisco.com/message/3052601#3052601

https://supportforums.cisco.com/message/3227309#3227309

But no clear conclusion.

So far we can only say:

It's a behaviour which happens under some conditions on Cisco routers.

And it's not breaking any RFC.

Maybe a question for the guys who are writing the IOS code?

BR,

Milan

Hi Milan,

thanks for the links, so although there is nothing in the rfc impeaching a router to advertise back a prefix to an eBGP neighbour and  apparently Cisco does this in some cases. As it is a waste of bw it could be a good idea to filter them out, don't you think even if they will be rejected by the peer ?

Regards.

Alain

Don't forget to rate helpful posts.

Hi Alain,

yes, IMHO, it's always a good idea to check what you are advertising to your BGP neighbours.

We usually use

nei x.x.x.x route-map neix_out out

!

ip as-path access-list 1 permit ^$

!

route-map neix_out permit 10

match as-path 1

or something a little more sophisticated in our corporate network.

But I've also seen big providers simply letting their routers to reject prefixes including their AS numbers, as it's the easiest way.

BR,

Milan