cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
51
Views
0
Helpful
2
Replies
Highlighted
Beginner

BGP with few subnets

Hi team!

I have a question: Now i have my own AS with /22 mask and here is example configuration (with other IPs):

R1:

router bgp 100
bgp log-neighbor-changes
network 150.0.0.0 mask 255.255.252.0 - this pool for ISP
network 150.0.0.0 mask 255.255.255.0 - this pool for DDOS recovery GRE tunnel
neighbor 10.0.0.2 remote-as 100 - iBGP
neighbor 30.0.0.2 remote-as 200 - eBGP
neighbor 30.0.0.2 route-map ISP1_IN in
neighbor 30.0.0.2 route-map ISP1_OUT out

route-map ISP1_IN permit 10
match ip address prefix-list ISP1_IN
set local-preference 300


route-map ISP1_OUT permit 10
match ip address prefix-list ISP1_OUT
set community 100:200


ip prefix-list ISP1_IN seq 5 permit 0.0.0.0/0
ip prefix-list ISP1_OUT seq 5 permit 150.0.0.0/22

R2:

router bgp 100
bgp log-neighbor-changes
network 150.0.0.0 mask 255.255.252.0 
network 150.0.0.0 mask 255.255.255.0 
neighbor 10.0.0.2 remote-as 100
neighbor 30.0.0.2 remote-as 200 
neighbor 30.0.0.2 route-map ISP2_IN in
neighbor 30.0.0.2 route-map ISP2_OUT out

route-map ISP2_IN permit 10
match ip address prefix-list ISP2_IN


route-map ISP2_OUT permit 10
match ip address prefix-list ISP2_OUT
set as-path prepend 100 100


ip prefix-list ISP2_IN seq 5 permit 0.0.0.0/0
ip prefix-list ISP2_OUT seq 5 permit 150.0.0.0/22

Question: what can you say about this configuration? i mean is it normal solution for this situation?

Moreover, when i make "set community (for example) 100:200" at R1  in route-map ISP1_OUT and delete "set as-path prepend 100 100" from R2  route-map ISP2_OUT - > this community makes the  ISP2 more prefer but any IPs from network  150.0.0.0 makes unreachable. Question" why and how?

2 REPLIES 2
Highlighted
VIP Mentor

Hello

when i make "set community (for example) 100:200" at R1  in route-map ISP1_OUT and delete "set as-path prepend 100 100" from R2  route-map ISP2_OUT - > this community makes the  ISP2 more prefer

Not sure i understand here , prefer for what ?- As-prepending would affect incoming traffic towards your 150.x.x.x/22 network.so when you remove the pre-prepending, which by the way is a higher path attribute (PA) than community PA in the bgp path selection process

Then the route path selection would be down to what/how the ISP's are advertising your network based on whatever (if any) PA they receive for your 150x.x.x/22 

but any IPs from network  150.0.0.0 makes unreachable. Question" why and how?

You saying from within your network (150.0.0./22) you cannot access anything off site-  I see you are using LP to prefer ISP1  as your egress path - How is this being propagated to your Lan and does this just happen when you remove the pre-pending?

res
Paul



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted

HI Paul,

Issue solved!

Thank you for response!