05-15-2024 10:22 AM
This is a odd setup ISP supposed connect to same router ISP
No OSPF and static router
R1
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 192.168.1.2 255.255.255.252
duplex auto
bfd interval 50 min_rx 50 multiplier 5
!
interface Ethernet0/1
ip address 172.16.1.1 255.255.255.252
duplex auto
!
interface Ethernet0/2
no ip address
shutdown
duplex auto
!
interface Ethernet0/3
ip address 172.16.10.1 255.255.255.248
standby 1 ip 172.16.10.3
standby 1 priority 105
standby 1 preempt
standby 1 track 1 decrement 20
duplex auto
!
router bgp 200
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source Loopback0
neighbor 192.168.1.1 remote-as 100
neighbor 192.168.1.1 fall-over bfd
!
address-family ipv4
network 1.1.1.1 mask 255.255.255.255
network 100.100.0.0 mask 255.255.0.0
network 172.16.10.0 mask 255.255.255.0
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 next-hop-self
neighbor 2.2.2.2 soft-reconfiguration inbound
neighbor 192.168.1.1 activate
neighbor 192.168.1.1 soft-reconfiguration inbound
neighbor 192.168.1.1 route-map to-in-route-map in
neighbor 192.168.1.1 route-map to-out-route-map out
exit-address-family
!
no ip http server
no ip http secure-server
ip route 2.2.2.2 255.255.255.255 172.16.1.2
ip route 100.100.0.0 255.255.0.0 Null0
ip route 172.16.10.0 255.255.255.0 Null0
!
!
ip prefix-list to-out-prefix seq 10 permit 245.45.24.0/24
ip prefix-list to-out-prefix seq 20 permit 37.23.65.87/32
ip prefix-list to-out-prefix seq 30 permit 100.100.0.0/16
ipv6 ioam timestamp
!
route-map to-in-route-map permit 10
set local-preference 200
!
route-map to-out-route-map permit 10
match ip address prefix-list to-out-prefix
!
route-map to-out-route-map permit 20
***************************************************************************************************************
*************************************************************************************************************
R2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 192.168.1.66 255.255.255.252
duplex auto
!
interface Ethernet0/1
ip address 172.16.1.2 255.255.255.252
duplex auto
!
interface Ethernet0/2
no ip address
shutdown
duplex auto
!
interface Ethernet0/3
ip address 172.16.10.2 255.255.255.248
standby 1 ip 172.16.10.3
standby 1 preempt
duplex auto
!
router bgp 200
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 200
neighbor 192.168.1.65 remote-as 100
!
address-family ipv4
network 2.2.2.2 mask 255.255.255.255
network 100.100.0.0 mask 255.255.0.0
network 172.16.10.0 mask 255.255.255.0
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 next-hop-self
neighbor 1.1.1.1 soft-reconfiguration inbound
neighbor 192.168.1.65 activate
neighbor 192.168.1.65 soft-reconfiguration inbound
neighbor 192.168.1.65 route-map to-out-route-map out
exit-address-family
no ip http server
no ip http secure-server
ip route 1.1.1.1 255.255.255.255 172.16.1.1
ip route 100.100.0.0 255.255.0.0 Null0
ip route 172.16.10.0 255.255.255.0 Null0
!
!
ip prefix-list to-out-prefix seq 10 permit 245.45.24.0/24
ip prefix-list to-out-prefix seq 20 permit 37.23.65.87/32
ip prefix-list to-out-prefix seq 30 permit 100.100.0.0/16
!
ip prefix-list to-out-prepend seq 5 permit 100.100.0.0/16
ip prefix-list to-out-prepend seq 10 permit 1.1.1.1/32
ip prefix-list to-out-prepend seq 15 permit 2.2.2.2/32
ip prefix-list to-out-prepend seq 20 permit 172.16.10.0/24
ipv6 ioam timestamp
!
route-map to-out-route-map permit 10
match ip address prefix-list to-out-prepend
set as-path prepend 200 200 200
!
route-map to-out-route-map permit 20
match ip address prefix-list to-out-prefix
!
route-map to-out-route-map permit 30
************************************************************************************************************
************************************************************************************************************
ISP
bgp log-neighbor-changes
neighbor 192.168.1.2 remote-as 200
neighbor 192.168.1.2 fall-over bfd
neighbor 192.168.1.66 remote-as 200
neighbor 192.168.10.2 remote-as 100
!
address-family ipv4
network 3.3.3.3 mask 255.255.255.255
network 30.30.0.0 mask 255.255.0.0
neighbor 192.168.1.2 activate
neighbor 192.168.1.2 default-originate
neighbor 192.168.1.2 soft-reconfiguration inbound
neighbor 192.168.1.66 activate
neighbor 192.168.1.66 default-originate
neighbor 192.168.1.66 soft-reconfiguration inbound
neighbor 192.168.10.2 activate
neighbor 192.168.10.2 next-hop-self
neighbor 192.168.10.2 soft-reconfiguration inbound
exit-address-family
!
05-15-2024 11:50 AM
Hello @DellBananaALK
Configurations seem to be good.
Using the Null0 interface for route summarization is good... However, be cautious with using it for the whole subnet '172.16.10.0/24'. It might be better to use a more specific route to avoid accidentally blackholing legitimate traffic.
05-15-2024 01:06 PM
I'm looking for best practices and any recommendation to or changes ?
05-15-2024 01:30 PM
I see your topolgy but I dont know where is LO connect abd prefix.
Also how you use bgp multihop and fall over bfd? Yoh need bfd multihop
MHM
05-15-2024 01:39 PM
ISP is not far, it's very close by and I think less few miles or walking distance
It's safe to use
I added the second route-map and add permit and made it blank so it allow everything doesn't make any changes so much it's allowing everything
Question was route-map with access-list you don't need a second route-map to allow?
it's different from prefix-list
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide