Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1132
Views
10
Helpful
8
Replies

Dynamic Route /32 Redistribution over BGP

Go to solution
mustafa.chapal
Level 1
Level 1

‎11-17-2022 08:14 AM - last edited on ‎11-17-2022 10:41 PM by Community Manager

Hi,

I have a Cisco ASR 1001-X with full-feed BGP from multiple upstreams and a /24 IP pool is advertised to them.

When this peer 1.2.3.61 advertises a /32 route from the same /24 IP pool example 1.2.3.15/32 with community tagged as 65001:666, the annoucement does not propagate to upstreams through redistribution and is visible when I run the command

show ip bgp 1.2.3.15.

The route is only pushed to upstreams when I create a static route ip route 1.2.3.15 255.255.255.255 null0. I do want to add a static route manually as it does not serve the purpose in cases like blackholing for DDoS mitigation.

Please let me know a way in which the /32 route received from peer gets dynamically added to RIB and redistributed to upstreams through

route-map

without having to add a static route pointing towards null.

Also as you can view the BGP config below, auto-summary and synchronization are disabled.

 

 

 

router bgp 12345
 bgp log-neighbor-changes
 bgp bestpath as-path multipath-relax
 neighbor 1.2.3.61 remote-as 12345
 neighbor 1.2.3.61 transport connection-mode active
 neighbor 1.2.3.61 update-source Port-channel1.100
 neighbor 1.2.3.61 version 4
 neighbor 5.6.8.1 remote-as 7890
 neighbor 5.6.8.1 transport connection-mode active
 neighbor 5.6.8.1 update-source GigabitEthernet0/0/1
 neighbor 5.6.8.1 version 4
 neighbor 5.6.7.1 remote-as 7890
 neighbor 5.6.7.1 transport connection-mode active
 neighbor 5.6.7.1 update-source GigabitEthernet0/0/0
 neighbor 5.6.7.1 version 4
 !
 address-family ipv4
  network 1.2.3.0 mask 255.255.255.0
  redistribute static route-map RTBH
  neighbor 1.2.3.61 activate
  neighbor 1.2.3.61 send-community
  neighbor 1.2.3.61 route-reflector-client
  neighbor 1.2.3.61 soft-reconfiguration inbound
  neighbor 1.2.3.61 prefix-list reserved in
  neighbor 1.2.3.61 prefix-list none out
  neighbor 1.2.3.61 maximum-prefix 1500000
  neighbor 5.6.8.1 activate
  neighbor 5.6.8.1 send-community
  neighbor 5.6.8.1 soft-reconfiguration inbound
  neighbor 5.6.8.1 prefix-list reserved in
  neighbor 5.6.8.1 prefix-list SECONDARY out
  neighbor 5.6.8.1 route-map SECONDARY-IN in
  neighbor 5.6.8.1 route-map SECONDARY-OUT out
  neighbor 5.6.8.1 maximum-prefix 1500000
  neighbor 5.6.7.1 activate
  neighbor 5.6.7.1 send-community
  neighbor 5.6.7.1 soft-reconfiguration inbound
  neighbor 5.6.7.1 prefix-list reserved in
  neighbor 5.6.7.1 prefix-list PRIMARY out
  neighbor 5.6.7.1 route-map PRIMARY-IN in
  neighbor 5.6.7.1 route-map PRIMARY-OUT out
  neighbor 5.6.7.1 maximum-prefix 1500000
  maximum-paths 3
 exit-address-family

ip route 1.2.3.0 255.255.255.0 Null0

route-map RTBH permit 1 
 match tag 666
 set local-preference 250
 set origin igp
 set community 7890:0
!
route-map RTBH permit 2 
 match community 65001:666
 set local-preference 250
 set origin igp
 set community 7890:0

 

 

 

1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Level 12
Level 12
In response to mustafa.chapal

‎11-17-2022 11:11 AM - edited ‎11-17-2022 11:12 AM

Hi @mustafa.chapal ,

This prefix is in "received-only" state, meaning it has been filtered by the inbound prefix-list named "reserved". Can you verify that the prefix-list permits 1.2.3.15/32?

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Harold Ritter
Level 12
Level 12

‎11-17-2022 09:03 AM - last edited on ‎11-17-2022 10:49 PM by Community Manager

Hi @mustafa.chapal ,

You need to check why this prefix is not propagated to the upstream peer. The

show bgp ipv4 uni 1.2.3.15/32

will give you more information on why it is not propagated. You can post the output from that command if you want us to look at it in more details.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to Harold Ritter

‎11-17-2022 10:37 AM

I think @Harold Ritter that this is default behaviour of BGP, 
the router will advertise the Connect prefix (/24) not Local prefix (/32).
and config static route toward null0 can work and can not, where it can lead to blackhole where all traffic to prefix is toward null and drop.

0 Helpful

Go to solution
Harold Ritter
Level 12
Level 12
In response to MHM Cisco World

‎11-17-2022 11:23 AM - edited ‎11-17-2022 11:26 AM

Hi @MHM Cisco World ,

I am not sure what default behaviour you are referring to. If you receive a /32 from a neighbor, it should be taken in consideration, even though the /24 exist locally for the same prefix. The output provided by the original poster shows that the reason for the prefix not being propagated is something else.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
mustafa.chapal
Level 1
Level 1
In response to Harold Ritter

‎11-17-2022 11:01 AM 

show bgp ipv4 uni 1.2.3.15/32
BGP routing table entry for 1.2.3.15/32, version 0
Paths: (1 available, no best path)
Multipath: eBGP
  Not advertised to any peer
  Refresh Epoch 1
  Local, (Received from a RR-client), (received-only)
    1.2.3.61 from 1.2.3.61 (1.2.3.61)
      Origin incomplete, localpref 100, valid, internal
      Community: 65001:666
      rx pathid: 0, tx pathid: 0
0 Helpful

Go to solution
Harold Ritter
Level 12
Level 12
In response to mustafa.chapal

‎11-17-2022 11:11 AM - edited ‎11-17-2022 11:12 AM

Hi @mustafa.chapal ,

This prefix is in "received-only" state, meaning it has been filtered by the inbound prefix-list named "reserved". Can you verify that the prefix-list permits 1.2.3.15/32?

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
mustafa.chapal
Level 1
Level 1
In response to Harold Ritter

‎11-17-2022 01:44 PM

Hi @Harold Ritter ,

It was not being filtered in the prefix-list reserved but your message helped me figure out the issue.

I changed the local-preference to a higher number 250 and the route changed to received & used therefore getting prioritized and advertised to upstreams.

Thank you for your help

0 Helpful

Go to solution
Shambhu-Kumar
Cisco Employee
Cisco Employee

‎11-17-2022 10:51 AM

If you want to advertise 1.2.3.15/32.  create loopback with 1.2.3.15/32 and advertise it /24 with network command. remove null 0 route.

0 Helpful

Go to solution
mustafa.chapal
Level 1
Level 1

‎11-17-2022 11:06 AM

@MHM Cisco World @Shambhu-Kumar I am aware that this is the default BGP behaviour which is why I am requesting a work around so /32 route can be advertised automatically without needing to create a static route, add network command or assign IP to interface.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card