Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
2
Replies

eBGP Selective Route Advertisement

Devlin Thornicroft
Level 1
Level 1

‎09-04-2013 10:40 PM - edited ‎03-04-2019 08:57 PM

Hi all

I was wondering if anyone has successfully done something like this, if so, how? It could be that it's dead easy but I'm clearly missing the obvious.

To try describe it as simple as I can I have the following scenario:

<172.16.0.0/16 CORPORATE NETWORK>

                              |

                    ROUTER PE1

                              |

                    ROUTER CE1

                              |

                  <LAYER 3 VPN>

                              |

        BRANCH SITE CE2 (approx 200)

PE1, CE1 and all branch sites (CE2) are all under our administrative control and all derive their IP addressing from the 172.16.0.0/16 address space. The L3 VPN is a service we have bought from our ISP.

Now, between PE1 and CE1 is an eBGP connection. PE1 advertises the entire 172.16.0.0/16 network with all the individual prefixes (approx 1000) to CE1. All good so far. CE1 has an eBGP connection to the ISPs L3 VPN. This VPN is restricted, for budgetary reasons, to accept no more than 500 IP prefixes. The branch sites also have an eBGP connection into the L3 VPN and advertise the LAN /27 into the VPN.

My question is this:

At CE1 is there a simple way with BGP to achieve the following:

- Advertise only the 172.16.0.0/16 summary into the cloud thus not overwhelming the 500 IP prefix limit

- Advertise all individual branch (CE2) prefixes into the corporate network via PE2, in other words, not apply any summarisation going up

If I go for the 'aggregate address x.x.x.x summary-only' arguement on CE1, it will suppress all the individual routes both ways and thus won't advertise the individual branch IP prefixes to PE1. This way we wouldn't see any of the individual branch prefixes in the corporate routing table.

I was looking at the 'un-suppress' feature of BGP to maybe 'free up' the branch routes, but the migration strategy would mean I'd need to be constantly be amending the config to allow each site through as it comes online.

Any thoughts?

Thank you

Labels:
0 Helpful
2 Replies 2

Dmytro Skotnikov
Level 1
Level 1

‎09-05-2013 12:04 AM

Hello Devlin,

You can setup a prefix-list filter toward ISP's BGP neighbor and allows only /16 prefix to move out. In this case there is no need to use aggregation since according to prefix-list it won't allow more specific prefixes.

-- 
Best regards,
Dmitry Skotnikov

-- Best regards, Dmitry Skotnikov
0 Helpful

Devlin Thornicroft
Level 1
Level 1
In response to Dmytro Skotnikov

‎09-05-2013 01:04 AM

Hi Dmytro

Thank you for your advice.

Simple is always best. I will give that a go and hopefully we can close this thread off sucessfully.


Cheers

0 Helpful
Customers Also Viewed These Support Documents