04-03-2020 09:44 AM - edited 04-03-2020 09:46 AM
Hi guys, trying to run lab described here https://www.noction.com/knowledge-base/bgp-inbound-traffic-engineering but I wanted to make it a little bit complex : so subnet 190.0.0.0/16 should goes via PE2 but the rest subnets (I added 172.16.0.0/16) go via PE1 . I have GNS3 with 3600 v12.4 ios, and can use only route-maps. I am trying to do AS-path prepend towards PE1 for specific subnet 190.0.0.0/16 and make it less preferred for inbound traffic only for that subnet. Whatever I tried (empty route-map 20, route-map 20 with match only to ip any any allowed acl ) BGP is sending everything via PE2 :( . Here is config:
R1(config-route-map)# do sho run | s bgp
router bgp 6400
no synchronization
bgp log-neighbor-changes
network 1.1.1.1 mask 255.255.255.255
neighbor 1.1.1.3 remote-as 6400
neighbor 1.1.1.3 update-source Loopback0
neighbor 1.1.1.3 next-hop-self
neighbor 11.0.0.2 remote-as 6500
neighbor 11.0.0.2 route-map BGP_PREFERRED in
neighbor 11.0.0.2 route-map AS-PATH-RPL out
no auto-summary
R1(config-route-map)# do sho run | s route-map
neighbor 11.0.0.2 route-map BGP_PREFERRED in
neighbor 11.0.0.2 route-map AS-PATH-RPL out
route-map BGP_PREFERRED permit 10
set local-preference 200
route-map AS-PATH-RPL permit 10
match policy-list CUST-PS
set as-path prepend 6400 6400 6400
route-map AS-PATH-RPL permit 20
match policy-list PERMI_IN_BGP
R1(config-route-map)# do sho run | s ip access-lis
ip access-list extended CUST-PS < should come via PE2
permit ip 190.0.0.0 0.0.255.255 any
ip access-list extended PERMI_IN_BGP < the rest of the subnets coming via PE1
permit ip host 1.1.1.1 any
permit ip 172.16.0.0 0.0.255.255 any
permit ip 11.0.0.0 0.0.0.3 any
permit ip 10.0.0.0 0.0.0.3 any
PE1# sho ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 0.0.0.0 0 32768 i
* i 2.2.2.2 0 100 0 i
*>i1.1.1.2/32 2.2.2.2 0 100 0 6400 i ## 2.2.2.2 is PE2
*>i1.1.1.3/32 2.2.2.2 0 100 0 6400 i
*>i172.16.0.0 2.2.2.2 0 100 0 6400 i
*>i190.0.0.0 2.2.2.2 0 100 0 6400 i
Anyone can recommend solution?
Thanks
Solved! Go to Solution.
04-03-2020 10:37 AM - edited 04-03-2020 10:42 AM
Hello
@Bekzod Fakhriddinov wrote:
can use only route-maps. I am trying to do AS-path prepend towards PE1 for specific subnet 190.0.0.0/16 and make it less preferred for inbound traffic only for that subnet. Whatever I tried (empty route-map 20, route-map 20 with match only to ip any any allowed acl ) BGP is sending everything via PE2s
AS_PATH prepending is mostly used for advertsing a least prefferd path to upstream ebgp peers
Local preferance is used to prefer an exit from your local AS domain
First of all your route-map isnt matching correctly it need to match on the extended access-list of CUST-PS, not a policy list and second that ace entry in your ACL should be a prefix that your advertising towards the ISP.
So in the below example:
route-map AS-PATH-RPL permit 10
no match policy-list CUST-PS
match ip address CUST-PS <-- the prefix in this ACL will be as-prepended towards the ISP
route-map AS-PATH-RPL permit 20 <--This a catch all statment so all other routes wont be prepedned
no match policy-list PERMI_IN_BGP
04-03-2020 10:37 AM - edited 04-03-2020 10:42 AM
Hello
@Bekzod Fakhriddinov wrote:
can use only route-maps. I am trying to do AS-path prepend towards PE1 for specific subnet 190.0.0.0/16 and make it less preferred for inbound traffic only for that subnet. Whatever I tried (empty route-map 20, route-map 20 with match only to ip any any allowed acl ) BGP is sending everything via PE2s
AS_PATH prepending is mostly used for advertsing a least prefferd path to upstream ebgp peers
Local preferance is used to prefer an exit from your local AS domain
First of all your route-map isnt matching correctly it need to match on the extended access-list of CUST-PS, not a policy list and second that ace entry in your ACL should be a prefix that your advertising towards the ISP.
So in the below example:
route-map AS-PATH-RPL permit 10
no match policy-list CUST-PS
match ip address CUST-PS <-- the prefix in this ACL will be as-prepended towards the ISP
route-map AS-PATH-RPL permit 20 <--This a catch all statment so all other routes wont be prepedned
no match policy-list PERMI_IN_BGP
04-03-2020 11:20 AM
Great , it works now. Thank you
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: