Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2317
Views
5
Helpful
22
Replies

BGP issue unwanted advertisments.

Vinayaka Raman
Level 1
Level 1

‎12-11-2012 10:13 AM - edited ‎03-04-2019 06:23 PM

please refer to show ip bgp nei x advertised routes..                

  can someone please explain why is cr 2 advertising the prefixes back to cr1..?

Regards Vinayak
Labels:
Preview file
185 KB
139775-tac.log.zip
0 Helpful
22 Replies 22

Vinayaka Raman
Level 1
Level 1
In response to milan.kulik

‎12-13-2012 09:22 AM

so on CR2

1) neighbor route-map out -> advertise only prefixes whose as-path contain 17776

nei x.x.x.x route-map neix_out out

!

ip as-path access-list 1 permit ^17776$

!

route-map neix_out permit 10

match as-path 1

2) neighbor route-map out -> deny prefixes that contain 17776 only

nei x.x.x.x route-map neix_out out

!

ip as-path access-list 1 permit ^17776$

!

route-map neix_out deny 10

match as-path 1

route-map neix_out permit 20

Regards Vinayak
0 Helpful

Nandan Mathure
Level 1
Level 1
In response to Vinayaka Raman

‎12-13-2012 10:46 AM

Hi Vinayaka,

I found one of the blog posts about this ebgp advertising back the prefixes,

http://lxllx.blogspot.in/2010/05/ebgp-split-horizon.html

You can filter these by using following config:

CR2

!

ip as-path access-list 1 permit _65457_

!

route-map BLOCK65457BACK deny 10

match as-path 1

route-map BLOCK65457BACK permit 20

!

router bgp 65458

neighbor 10.66.0.59 route-map BLOCK65457BACK out

!

Thanks,

Nandan

0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to Nandan Mathure

‎12-18-2012 06:46 AM

Hello Everyone

I have implemented this configuration towards provider A

route-map block_17776_back deny 10

match as-path 1

route-map block_17776_back permit 20

!

router bgp 65458

neighbor 10.117.37.161 route-map block_17776_back out

!

ip as-path access-list 1 permit _17776_

Now I could see CR2 advertises what is expected...

I am still seeking more clarification..i have implemented a outbound route map towards provider 2 to block all the advertisments back to him containing his own as..but how could resolve my advertisment issue towards cr1..can someone explain please...?

CR2(config)#router bgp 65458
CR2(config-router)#
CR2(config-router)#
CR2(config-router)#$ 10.117.37.161 route-map block_17776_back out
CR2(config-router)#
CR2(config-router)#end

CR2#show ip bgp neighbors 10.66.0.59 advertised-routes
BGP table version is 2923, local router ID is 10.66.0.252
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, x best-externa
l, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.60.8.0/22     10.117.37.161                          0 17776 17776 i
*> 10.60.8.248/29   10.117.37.161                          0 17776 17776 i
*> 10.60.12.0/22    10.117.37.161                          0 17776 17776 i
*> 10.60.16.0/22    10.117.37.161                          0 17776 17776 i
*> 10.62.80.0/21    10.117.37.161                          0 17776 17776 i
*> 10.62.80.254/32  10.117.37.161                          0 17776 17776 i
*> 10.64.16.253/32  10.117.37.161                          0 17776 17776 17776 1
7776 17776 i
*> 10.66.0.0/20     10.66.0.60          691456         32768 i
*> 10.114.1.252/30  10.117.37.161                          0 17776 4058 ?
*> 10.117.13.12/30  10.117.37.161                          0 17776 i
*> 10.117.13.14/32  10.117.37.161                          0 17776 i
*> 10.117.32.244/30 10.117.37.161                          0 17776 i
*> 10.117.32.246/32 10.117.37.161                          0 17776 i
*> 10.117.37.24/30  10.117.37.161                          0 17776 i
*> 10.117.37.26/32  10.117.37.161                          0 17776 i
*> 10.117.37.68/30  10.117.37.161                          0 17776 i
*> 10.117.37.70/32  10.117.37.161                          0 17776 i
r> 10.117.37.160/30 10.117.37.161                          0 17776 i
*> 10.117.38.124/30 10.117.37.161                          0 17776 i
*> 10.117.38.126/32 10.117.37.161                          0 17776 i
*> 100.171.4.0/24   10.117.37.161                          0 17776 17776 i
*> 100.179.4.0/24   10.117.37.161                          0 17776 17776 i
*> 100.179.12.0/24  10.117.37.161                          0 17776 17776 i
*> 202.76.81.32/27  10.117.37.161                          0 17776 4058 65500 i
*> 203.85.247.0/29  10.117.37.161                          0 17776 4058 ?
*> 218.97.44.20/30  10.117.37.161                          0 17776 i
*> 218.97.44.22/32  10.117.37.161                          0 17776 i
*> 218.97.45.130/32 10.117.37.161                          0 17776 i

Total number of prefixes 28
CR2#clear ip bgp * So
CR2#clear ip bgp * Soft in
CR2#
CR2#
CR2#clear ip bgp * Soft out
CR2#
CR2#
CR2#show ip bgp neighbors 10.66.0.59 advertised-routes
BGP table version is 2923, local router ID is 10.66.0.252
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, x best-externa
l, f RT-Filter
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.1.48/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.0.128/28    10.66.0.59                             0 65457 65000 65000 ?
*> 10.1.0.144/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.1.0/30      10.66.0.59                             0 65457 65000 65000 ?
*> 10.1.1.2/32      10.66.0.59                             0 65457 65000 65000 ?
*> 10.1.1.32/27     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.1.96/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.1.128/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.1.160/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.32/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.48/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.64/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.80/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.112/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.128/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.144/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.192/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.2.208/28    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.3.0/24      10.66.0.59                             0 65457 65000 65000 ?
*> 10.1.4.0/28      10.66.0.59                             0 65457 65000 65000 i
*> 10.1.4.16/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.4.64/26     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.4.128/27    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.4.160/27    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.4.192/27    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.4.224/27    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.5.32/27     10.66.0.59                             0 65457 65000 65000 i
*> 10.1.5.192/26    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.171.16/28   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.180.0/26    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.181.0/28    10.66.0.59                             0 65457 65000 4809 65
000 i
*> 10.1.181.64/28   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.181.80/28   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.189.0/26    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.191.0/27    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.191.96/27   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.191.128/27  10.66.0.59                             0 65457 65000 65000 i
*> 10.1.191.192/27  10.66.0.59                             0 65457 65000 65000 i
*> 10.1.192.0/27    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.200.0/26    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.200.64/26   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.201.0/24    10.66.0.59                             0 65457 65000 65000 ?
*> 10.1.210.32/27   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.248.0/26    10.66.0.59                             0 65457 65000 65000 i
*> 10.1.248.64/26   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.248.128/26  10.66.0.59                             0 65457 65000 65000 i
*> 10.1.248.192/26  10.66.0.59                             0 65457 65000 65000 i
*> 10.1.250.128/26  10.66.0.59                             0 65457 65000 65000 i
*> 10.1.251.64/26   10.66.0.59                             0 65457 65000 65000 i
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.252.64/26   10.66.0.59                             0 65457 65000 65000 i
*> 10.1.252.192/26  10.66.0.59                             0 65457 65000 65000 i
*> 10.1.254.0/24    10.66.0.59                             0 65457 65000 65000 ?
*> 10.2.1.64/28     10.66.0.59                             0 65457 65000 65000 i
*> 10.13.0.0/16     10.66.0.59                             0 65457 65000 65000 ?
*> 10.20.20.0/24    10.66.0.59                             0 65457 65000 65000 ?
*> 10.22.0.0/16     10.66.0.59                             0 65457 65000 65000 i
*> 10.40.0.0/22     10.66.0.59                             0 65457 65000 65000 i
*> 10.40.4.0/22     10.66.0.59                             0 65457 65000 65000 i
*> 10.40.8.0/22     10.66.0.59                             0 65457 65000 65000 i
*> 10.40.12.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.16.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.20.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.28.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.32.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.40.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.44.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.46.0/24    10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.48.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.52.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.56.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.60.0/26    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.64.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.68.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.72.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.74.0/24    10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.84.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.92.0/22    10.66.0.59                             0 65457 65000 65000 i
*> 10.40.100.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.104.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.109.0/24   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.110.0/24   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.112.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.116.0/22   10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.120.0/26   10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.120.128/27 10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.120.240/29 10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.120.248/29 10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.121.0/24   10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.122.0/24   10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.124.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.129.0/24   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.132.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.136.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.140.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.142.0/24   10.66.0.59                             0 65457 65000 65000 ?
*> 10.40.144.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.150.0/24   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.152.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.156.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.160.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.164.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.168.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.172.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.176.0/22   10.66.0.59                             0 65457 65000 65000 i
*> 10.40.180.0/22   10.66.0.59                             0 65457 65000 65000 i

CR2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
CR2(config)#router
CR2(config)#router bgp 65458
CR2(config-router)# neighbor 10.117.37.161 route-map block_17776_back $
CR2(config-router)#end


Regards Vinayak
0 Helpful

milan.kulik
Level 10
Level 10
In response to Vinayaka Raman

‎12-18-2012 07:21 AM

Hi,

I believe a similar route-map denying prefixes with matching next-hop=10.66.0.59 could be used oubound to the 10.66.0.59 neighbor?

HTH,

Milan

0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to milan.kulik

‎12-18-2012 10:27 PM

Hello Milan,

let me explain clearly

i did implement the below route-map towards service provider A. 10.117.37.161 is provider A PE router.

route-map block_17776_back deny 10

match as-path 1

route-map block_17776_back permit 20

!

router bgp 65458

neighbor 10.117.37.161 route-map block_17776_back out

!

ip as-path access-list 1 permit _17776_

After i implemented the above route-map the advertisment issue towards provider A is resolved..This is expected..

Again, the advertisment issues towards 10.66.0.59 also got resolved..This is where I did not understand..

so i gathered show ip bgp neigh 10.66.0.59 advertised routes on CR2 before and after implementation..I will included that in the attachement.

Regards Vinayak
140161-After change.txt.zip
0 Helpful

milan.kulik
Level 10
Level 10
In response to Vinayaka Raman

‎12-19-2012 06:45 AM

Hi,

I'm not sure.

Possibly there was a single BGP Update Group originally which was splitted into two after the route-map was applied?

BR,

Milan

0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to milan.kulik

‎12-24-2012 10:02 AM

Milan, you are correct ..the update group split into two..

CR2#show ip bgp update-group

BGP version 4 update-group 1, external, Address Family: IPv4 Unicast
  BGP Update version : 9526/0, messages 0
  Topology: global, highest version: 9526, tail marker: 9526
  Format state: Current working (OK, last minimum advertisement interval)
                Refresh blocked (not in list, last not in list)
  Update messages formatted 2540, replicated 4425, current 0, refresh 0, limit 1000
  Number of NLRIs in the update sent: max 276, min 0
  Minimum time between advertisement runs is 30 seconds
  Has 1 member:
   10.66.0.59

BGP version 4 update-group 4, external, Address Family: IPv4 Unicast
  BGP Update version : 9526/0, messages 0
  Route map for outgoing advertisements is block_17776_back
  Topology: global, highest version: 9526, tail marker: 9526
  Format state: Current working (OK, last minimum advertisement interval)
                Refresh blocked (not in list, last not in list)
  Update messages formatted 1578, replicated 1578, current 0, refresh 0, limit 1000
  Number of NLRIs in the update sent: max 274, min 0
  Minimum time between advertisement runs is 30 seconds
  Has 1 member:
   10.117.37.161

Regards Vinayak
0 Helpful

Vinayaka Raman
Level 1
Level 1
In response to milan.kulik

‎12-24-2012 04:01 PM

Thanks for everyone’s assistance so far.

I would need some extended assistance in configuring the route summarization.

I have identified cr 1 and cr 2 as a point of summarization.

AT CR2,

Kindly take a look at my bgp table and advertised routes. There are 846 prefixes advertised via provider A to various remote subnets. There are 28 prefixes advertised towards CR1.

If I wanted to aggregate the routes and I see the option is to use aggregate address summary only command….

Please assist how I can achieve summarization in this scenario.

Regards Vinayak
140459-summarization.txt.zip
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card