BGP issue unwanted advertisments.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2012 10:13 AM - edited 03-04-2019 06:23 PM
please refer to show ip bgp nei x advertised routes..
can someone please explain why is cr 2 advertising the prefixes back to cr1..?
- Labels:
-
Routing Protocols
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2012 09:22 AM
so on CR2
1) neighbor
nei x.x.x.x route-map neix_out out
!
ip as-path access-list 1 permit ^17776$
!
route-map neix_out permit 10
match as-path 1
2) neighbor
nei x.x.x.x route-map neix_out out
!
ip as-path access-list 1 permit ^17776$
!
route-map neix_out deny 10
match as-path 1
route-map neix_out permit 20
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2012 10:46 AM
Hi Vinayaka,
I found one of the blog posts about this ebgp advertising back the prefixes,
http://lxllx.blogspot.in/2010/05/ebgp-split-horizon.html
You can filter these by using following config:
CR2
!
ip as-path access-list 1 permit _65457_
!
route-map BLOCK65457BACK deny 10
match as-path 1
route-map BLOCK65457BACK permit 20
!
router bgp 65458
neighbor 10.66.0.59 route-map BLOCK65457BACK out
!
Thanks,
Nandan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-18-2012 06:46 AM
Hello Everyone
I have implemented this configuration towards provider A
route-map block_17776_back deny 10
match as-path 1
route-map block_17776_back permit 20
!
router bgp 65458
neighbor 10.117.37.161 route-map block_17776_back out
!
ip as-path access-list 1 permit _17776_
Now I could see CR2 advertises what is expected...
I am still seeking more clarification..i have implemented a outbound route map towards provider 2 to block all the advertisments back to him containing his own as..but how could resolve my advertisment issue towards cr1..can someone explain please...?
CR2(config)#router bgp 65458
CR2(config-router)#
CR2(config-router)#
CR2(config-router)#$ 10.117.37.161 route-map block_17776_back out
CR2(config-router)#
CR2(config-router)#end
CR2#show ip bgp neighbors 10.66.0.59 advertised-routes
BGP table version is 2923, local router ID is 10.66.0.252
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-externa
l, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.60.8.0/22 10.117.37.161 0 17776 17776 i
*> 10.60.8.248/29 10.117.37.161 0 17776 17776 i
*> 10.60.12.0/22 10.117.37.161 0 17776 17776 i
*> 10.60.16.0/22 10.117.37.161 0 17776 17776 i
*> 10.62.80.0/21 10.117.37.161 0 17776 17776 i
*> 10.62.80.254/32 10.117.37.161 0 17776 17776 i
*> 10.64.16.253/32 10.117.37.161 0 17776 17776 17776 1
7776 17776 i
*> 10.66.0.0/20 10.66.0.60 691456 32768 i
*> 10.114.1.252/30 10.117.37.161 0 17776 4058 ?
*> 10.117.13.12/30 10.117.37.161 0 17776 i
*> 10.117.13.14/32 10.117.37.161 0 17776 i
*> 10.117.32.244/30 10.117.37.161 0 17776 i
*> 10.117.32.246/32 10.117.37.161 0 17776 i
*> 10.117.37.24/30 10.117.37.161 0 17776 i
*> 10.117.37.26/32 10.117.37.161 0 17776 i
*> 10.117.37.68/30 10.117.37.161 0 17776 i
*> 10.117.37.70/32 10.117.37.161 0 17776 i
r> 10.117.37.160/30 10.117.37.161 0 17776 i
*> 10.117.38.124/30 10.117.37.161 0 17776 i
*> 10.117.38.126/32 10.117.37.161 0 17776 i
*> 100.171.4.0/24 10.117.37.161 0 17776 17776 i
*> 100.179.4.0/24 10.117.37.161 0 17776 17776 i
*> 100.179.12.0/24 10.117.37.161 0 17776 17776 i
*> 202.76.81.32/27 10.117.37.161 0 17776 4058 65500 i
*> 203.85.247.0/29 10.117.37.161 0 17776 4058 ?
*> 218.97.44.20/30 10.117.37.161 0 17776 i
*> 218.97.44.22/32 10.117.37.161 0 17776 i
*> 218.97.45.130/32 10.117.37.161 0 17776 i
Total number of prefixes 28
CR2#clear ip bgp * So
CR2#clear ip bgp * Soft in
CR2#
CR2#
CR2#clear ip bgp * Soft out
CR2#
CR2#
CR2#show ip bgp neighbors 10.66.0.59 advertised-routes
BGP table version is 2923, local router ID is 10.66.0.252
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-externa
l, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.1.48/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.0.128/28 10.66.0.59 0 65457 65000 65000 ?
*> 10.1.0.144/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.1.0/30 10.66.0.59 0 65457 65000 65000 ?
*> 10.1.1.2/32 10.66.0.59 0 65457 65000 65000 ?
*> 10.1.1.32/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.1.96/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.1.128/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.1.160/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.32/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.48/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.64/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.80/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.112/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.128/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.144/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.192/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.2.208/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.3.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.1.4.0/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.4.16/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.4.64/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.4.128/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.4.160/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.4.192/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.4.224/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.5.32/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.5.192/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.171.16/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.180.0/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.181.0/28 10.66.0.59 0 65457 65000 4809 65
000 i
*> 10.1.181.64/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.181.80/28 10.66.0.59 0 65457 65000 65000 i
*> 10.1.189.0/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.191.0/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.191.96/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.191.128/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.191.192/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.192.0/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.200.0/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.200.64/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.201.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.1.210.32/27 10.66.0.59 0 65457 65000 65000 i
*> 10.1.248.0/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.248.64/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.248.128/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.248.192/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.250.128/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.251.64/26 10.66.0.59 0 65457 65000 65000 i
Network Next Hop Metric LocPrf Weight Path
*> 10.1.252.64/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.252.192/26 10.66.0.59 0 65457 65000 65000 i
*> 10.1.254.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.2.1.64/28 10.66.0.59 0 65457 65000 65000 i
*> 10.13.0.0/16 10.66.0.59 0 65457 65000 65000 ?
*> 10.20.20.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.22.0.0/16 10.66.0.59 0 65457 65000 65000 i
*> 10.40.0.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.4.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.8.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.12.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.16.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.20.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.28.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.32.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.40.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.44.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.46.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.48.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.52.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.56.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.60.0/26 10.66.0.59 0 65457 65000 65000 i
*> 10.40.64.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.68.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.72.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.74.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.84.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.92.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.100.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.104.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.109.0/24 10.66.0.59 0 65457 65000 65000 i
*> 10.40.110.0/24 10.66.0.59 0 65457 65000 65000 i
*> 10.40.112.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.116.0/22 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.120.0/26 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.120.128/27 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.120.240/29 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.120.248/29 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.121.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.122.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.124.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.129.0/24 10.66.0.59 0 65457 65000 65000 i
*> 10.40.132.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.136.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.140.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.142.0/24 10.66.0.59 0 65457 65000 65000 ?
*> 10.40.144.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.150.0/24 10.66.0.59 0 65457 65000 65000 i
*> 10.40.152.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.156.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.160.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.164.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.168.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.172.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.176.0/22 10.66.0.59 0 65457 65000 65000 i
*> 10.40.180.0/22 10.66.0.59 0 65457 65000 65000 i
CR2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CR2(config)#router
CR2(config)#router bgp 65458
CR2(config-router)# neighbor 10.117.37.161 route-map block_17776_back $
CR2(config-router)#end
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-18-2012 07:21 AM
Hi,
I believe a similar route-map denying prefixes with matching next-hop=10.66.0.59 could be used oubound to the 10.66.0.59 neighbor?
HTH,
Milan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-18-2012 10:27 PM
Hello Milan,
let me explain clearly
i did implement the below route-map towards service provider A. 10.117.37.161 is provider A PE router.
route-map block_17776_back deny 10
match as-path 1
route-map block_17776_back permit 20
!
router bgp 65458
neighbor 10.117.37.161 route-map block_17776_back out
!
ip as-path access-list 1 permit _17776_
After i implemented the above route-map the advertisment issue towards provider A is resolved..This is expected..
Again, the advertisment issues towards 10.66.0.59 also got resolved..This is where I did not understand..
so i gathered show ip bgp neigh 10.66.0.59 advertised routes on CR2 before and after implementation..I will included that in the attachement.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2012 06:45 AM
Hi,
I'm not sure.
Possibly there was a single BGP Update Group originally which was splitted into two after the route-map was applied?
BR,
Milan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2012 10:02 AM
Milan, you are correct ..the update group split into two..
CR2#show ip bgp update-group
BGP version 4 update-group 1, external, Address Family: IPv4 Unicast
BGP Update version : 9526/0, messages 0
Topology: global, highest version: 9526, tail marker: 9526
Format state: Current working (OK, last minimum advertisement interval)
Refresh blocked (not in list, last not in list)
Update messages formatted 2540, replicated 4425, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 276, min 0
Minimum time between advertisement runs is 30 seconds
Has 1 member:
10.66.0.59
BGP version 4 update-group 4, external, Address Family: IPv4 Unicast
BGP Update version : 9526/0, messages 0
Route map for outgoing advertisements is block_17776_back
Topology: global, highest version: 9526, tail marker: 9526
Format state: Current working (OK, last minimum advertisement interval)
Refresh blocked (not in list, last not in list)
Update messages formatted 1578, replicated 1578, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 274, min 0
Minimum time between advertisement runs is 30 seconds
Has 1 member:
10.117.37.161
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2012 04:01 PM
Thanks for everyone’s assistance so far.
I would need some extended assistance in configuring the route summarization.
I have identified cr 1 and cr 2 as a point of summarization.
AT CR2,
Kindly take a look at my bgp table and advertised routes. There are 846 prefixes advertised via provider A to various remote subnets. There are 28 prefixes advertised towards CR1.
If I wanted to aggregate the routes and I see the option is to use aggregate address summary only command….
Please assist how I can achieve summarization in this scenario.
- « Previous
-
- 1
- 2
- Next »
