BGP Restriction

divine007 · ‎06-29-2012

Hello All,

I have 2 links from thesame isp. So segments are divided between the links and advertise using prefix-list for restriction

Now one of the link is having issues, so i decided to send all the traffic on the other link, but i realise that since there is no restriction the faulty link while the bgp is still up, all the segments inside the bgp session are advertise there because BGP is still up, now looking like there is a look, i thought of using advertise map at the level of the neighbor but recieve only a BGP default route from my upstream.

I cant shut BGP down because my neighbor ip addresss comes through BGP and my IPSEC GRE tunnels use this ip address

What else can i use in other to restrict this

Regards

smitesh kharecha · ‎07-02-2012

Hi,

Match the default route with AS-Path access-list, it will work.

ip as-path access-list 2 permit ^$

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0

route-map NON-EXISTTYP permit 10
match ip address prefix-list DEFROUTE
match as-path 2

HTH,

Smitesh

PS: Please rate helpful posts...

adnane dakna · ‎07-03-2012

just to complete the solution suggested by smitesh ,

apply the route map NON-EXISTTYP in neighboor : neigboor <@IP> route-map NON-EXISTTYP in

divine007 · ‎07-03-2012

If i use

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0

Wont all the prefix be allowed through, i believe 0.0.0.0/0 means anything??

Regards

smitesh kharecha · ‎07-03-2012

Hi,

It will match all, however since you want to have conditional advertisement, even in case your primary link goes down, you will receive default via your secondary link and Access-list will still match. Hence, match default route in conditional advertisement is not a good option; unless you are receiving two default set of IP prefixes from both ISPs.

HTH,

Smitesh

milan.kulik · ‎07-03-2012

Hi,

IMHO,

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0

matches only the deafult route.

If you want to match all prefixes, you would need to add

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0 le 32

But generally , I'm missing your idea here: What do you want to achieve?

BR,

Milan

smitesh kharecha · ‎07-03-2012

Hi Adnane,

I beg to differ here, since this scenario we are doing conditional route-advertisement, we will use advertise-map instead of route-map as you suggested.

HTH,

Smitesh

divine007 · ‎07-03-2012

Am getting something, tell me now that i recieve only a default BGP route from my upstream provider inside my bgp table

How will this works, since i need this routes inside my bgp routing table

Regards

adnane dakna · ‎07-03-2012

it's better to post schema architecture with more clarifications , that will help us to converge toward right way

divine007 · ‎07-03-2012

Attached above the schema of my case.

Regards

adnane dakna · ‎07-03-2012

For problem 1 : us I understand you don't want to take any route from link , to do so just create a prefix list and apply it to incoming route in link 1

ip prefix-list myprefix deny 0.0.0.0/0

neighbor @IP prefix-list mypref in

and apply command : clear ip bgp * soft

compare th result of two commands : show ip bgp neighbors @IP received-routes and show ip bgp @IP routes , it show yuo if your filter is working .

for Problem 2 I send you my solution soon

divine007 · ‎07-06-2012

Tell me, can i influence BGP returning traffic, when i receive only a B* route from my upstream provider?

Regards