BGP route map (in/out) question

36223 · ‎06-10-2022

Can someone explain how you know whether to apply a route map inbound or outbound when attempting to set weight, local preference, AS path prepend for a given BGP neighbor?

I've seen a lot of situations where route-maps which contain local preference being applied inbound with eBGP neighbors and other instances where route-maps with AS path prepending applied outbound with eBGP neighbors, but when would you use the opposite direction for each case?

David Ruess · ‎06-10-2022

Hello,

There are a multitude of reasons to use one over the other, some including access to devices. Maybe you only have control over one of the two devices exchanging routes. You wouldn't be able to configure a route map (or any changes) on the device you dont have control over so you configure the one you do have access to.

As far as local preference, from I understand is, well, local. You wouldn't necessarily configure a local preference for one router just to send to another device.

AS path prepending kind of refers back to my original statement. Maybe you don't have control over the sending router so you change the route as it comes into your routing control.

Hope that helps.

-David

Jon Marshall · ‎06-10-2022

You usually wouldn't use the opposite because of what you are trying to do.

Local preference is applied to inbound routes to manipulate outbound traffic ie. you can't tell another AS what local preference it should use.

AS path prepending is doing the opposite, you apply it to outbound routes to influence traffic inbound to your AS.

Jon

Flavio Miranda · ‎06-10-2022

Hi

Basic what you need to consider is which kind of traffic you want o influence. I mean, AS prepend aim to influence how the traffic comes to you, so you apply inbound.

Local preference has to be set inbound on routes being received to influence the outbound routing behaviour.

Jon Marshall · ‎06-10-2022

Just so we don't confuse the OP you don't apply AS path prepending inbound, you apply it to outbound routes to influence inbound traffic.

Jon

MHM Cisco World · ‎06-10-2022

OK,
first weight don't have OUT it have only IN
second

Prefix->IN route-map -> Router BGP best path -> OUT route-map ->Other Router

if you want to make effect in your router then you use IN route-map
match prefix and set LP or AS-Path Prepend (this point for AS-path prepend It rear why?
because we usually use AS-Path Prepend using our AS BUT if router see it AS in AS-Path it will drop the prefix "loop prevent")

if you want to make effect in other router "Neighbor" you use OUT route-map.

MHM Cisco World · ‎06-10-2022

One More thing I want to ADD
for example LP

I have one EBGP-R3 and two IBGP router R1 & R2
between IBGP I can use LP IN/OUT "as I mention above in my comment"
but
between EBGP-R3 and R1 & R2 I ALWAYS use IN Why??
because there are some attribute available in BGP update between IBGP BUT it missing in BGP update between EBGP.
and that make EBGP-R3 can not use LP OUT.

Giuseppe Larosa · ‎06-12-2022

Hello @36223 ,

you need to think what each BGP attribute means

Local preference is a non transitive attribute that is propagated within a single AS, so we set local preference inbound by rising it from default value 100 to a greater value for selected received prefixes to make the router the preferred exit point for traffic destined to those received prefixes.

On the other hand AS path prepending of your own AS number is a way to attempt to influence / create a hierarchy on incoming traffic destined to advertised prefixes, so they are set in selective way on a subset of local prefixes ( or customer prefixes) to not attract incoming / return traffic. Prepended advertisements look like to have a longer AS path attribute and so they should become less preferred. However, this is not deterministic because there is no guarantee that the non prepended version of the adversiment will reach the remote AS ( ISPs can play on this). For this reason prepending is to be considered an attempt with good probabilty to achieve some form or control on incoming traffic.

>> But when would you use the opposite direction for each case?

Never see explanation above and @Jon Marshall 's posts.

Hope to help

Giuseppe

MHM Cisco World · ‎06-12-2022

..

Giuseppe Larosa · ‎06-12-2022

Hello @MHM Cisco World ,

that blog space is managed by a world wide well known Instructor Ivan Pepelnjack that wrote a few posts here in CSC many years ago and he hosts articles from Nicola Modena that was my colleague at Cypress Consulting. ( Modena is CCIE R/S and JNCIE SP)

I don't know what the OP of this thread knowledge level is, so my answer "never" is actually an answer for him/her to avoid to confuse him/her.

You have a CCIE level knowledge and you are able to understand the potential of information contained in the link you have posted. This is a public forum with much more visibility then ipspace blog. Int these times I would consider carefully the security issues that are hidden in that article.

Hope to help

Giuseppe

MHM Cisco World · ‎06-13-2022

Hi @Giuseppe Larosa
if I am good that because you and some other expert, I learn many advance thing from Your.
Thanks A Lot, Your reply always professional.

for link I use MacBook and there is no antivirus, do you think that I need one? I see Apple is second after Linux in security and that why I don't have any antivirus.

Giuseppe Larosa · ‎06-14-2022

Hello @MHM Cisco World ,

>> or link I use MacBook and there is no antivirus, do you think that I need one?

I apologize if I was not clear I'm not discussing the security of ipspace blog website, however I would recommend you to install an antivirus on your MAcbook as they are not exempted from security isses.

Hope to help

Giuseppe