Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1637
Views
0
Helpful
6
Replies

How do I isolate a connected network from being advertised in BGP?

kevin-welch
Level 1
Level 1

‎04-11-2012 01:30 PM - edited ‎03-04-2019 03:59 PM

I am setting up a Point to Point VPN and using a public IP address on one of the interfaces on our LAN router, which is using BGP for the MPLS connections. The Network this Public address is from is located on our Border router, out side of the firewall. The problem I'm having is that the BGP on the LAN router is advertising the Public network to the inside and causing routing conflicts. I know BGP is not like EIGRP, but is there any way to set an interface to Passive, like in EIGRP, so the network is not advertised? I know I can do this in EIGRP because I've done it before. I have read just about everything I could find on the Cisco site about it and found nothing. Is there some other way I'm not seeing to achieve the same result of hiding this Public network from BGP?

Thank you.

Labels:
0 Helpful
6 Replies 6

Richard Burts
Hall of Fame
Hall of Fame

‎04-11-2012 01:51 PM

Kevin

There is not any command in BGP equivalent to the passive-interface command in EIGRP, And there is no need for such a command in BGP because BGP works very differently from EIGRP in what it does with the network command.

In EIGRP the routing protocol process looks at the network command and looks for interfaces that match the network command and includes them in the routing process activity. And the passive-interface command is the way to say that even though the interfaces matches that it should not be active in the routing protocol.

BGP does not do this. BGP does not look at or select interfaces. What BGP does with the network command is to look in the routing table and if it finds a network in the routing table that matches the network command then BGP advertises the network.

So it seems to me that there is a simple solution for your issue. If you do not want BGP to advertise that network then remove the network command under BGP for that network.

HTH

Rick

HTH

Rick
0 Helpful

Vasileios Bouloukos MSc, ITIL, CCIE
Level 3
Level 3

‎04-11-2012 02:54 PM

Hi Kevin,

Your topology is not very clear to me.

Do you have any redistribution from BGP to your LAN IGP protocol? In this case you could filter this subnet and not redistribute it to the IGP protocol. This can easily be configured with a route map.

Do you redistribute connected subnets (including this with the public ip) to BGP? If yes, this subnet can be removed again by applying a route map to the redistribution of connected to BGP.

Otherwise you can just remove the BGP  network statement as Richard recommended.

Hope that helps.

Vasilis

0 Helpful

Jeff Van Houten
Level 5
Level 5

‎04-11-2012 08:14 PM

You can use a route-map on the border router to control which addresses are distributed to the internal network.

Sent from Cisco Technical Support iPad App

0 Helpful

kevin-welch
Level 1
Level 1

‎04-12-2012 08:29 AM

Thank you for all the responses to my question, Let me add in some additional information. I do not have the Network for this subnet defined in the BGP table. I do have a redistribute static and a redistribute connected for advertising of the other networks. I just need to isolate the particular subnet from being advertised. I'm  thinking that applying a route map to the redistribution of connected in the BGP statements, as Vasilis suggested, is going to be the way to hopefully fix this.

Thank you

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to kevin-welch

‎04-12-2012 08:32 AM

Kevin

If you have redistribute connected to get the routes into BGP then a route map to control the redistribution would probably be the optimum solution.

HTH

Rick

HTH

Rick
0 Helpful

Vasileios Bouloukos MSc, ITIL, CCIE
Level 3
Level 3

‎04-13-2012 02:01 AM

Hi Kevin,

I am happy that my post helped you.

You can apply the next configuration to filter the particular subnets to be redistributed to BGP.

router bgp AS

redistribute static route-map static-to-bgp

redistribute connected route-map connected-to-bgp

....

route-map static-to-bgp  deny 10

match ip address prefix-list Public-S-block

route-map static-to-bgp  permit 999

route-map connected-to-bgp  deny 10

match ip address prefix-list Public-C-block

route-map connected-to-bgp permit 999

ip prefix-list Public-S-block permit Public_IPs/XX

ip prefix-list Public-C-block permit Public_IPs/XX 

Please rate the helpful posts!

Regards,

Vasilis

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card