Hi Paul,

danimelocoton · ‎01-02-2017

Hi colleagues,

Last Saturday we had a problem in our network and a router reloads, due to power faulty at rack and reboots. All networks configured in a subinterface administratively down, began to be advertised through BGP.

The networks announced seems to be connected even if the subinterface was in shutdown. ¿It has sense?. ¿It's a kind of bug?:

We solved the problem by deleting the subinterface with "no int gi0/1.2" command. Only networks with the networks stament and really connected were advertised, as we expected.

As you will see in the config, no network statement was configured for those networks configured in the subinterface. Only "redistributed connected" and the interface was admnistratively down. What's wrong ?.

show ver
Cisco IOS Software, 3800 Software (C3845-SPSERVICESK9-M), Version 12.4(24)T7, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 28-Feb-12 12:11 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T11, RELEASE SOFTWARE (fc1)

ROUTER uptime is 2 days, 3 hours, 21 minutes
System returned to ROM by power-on
System restarted at 09:44:06 CET Sat Dec 31 2016
System image file is "flash:c3845-spservicesk9-mz.124-24.T7.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to c.omply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com

Cisco 3845 (revision 1.0) with 1011711K/36864K bytes of memory.
Processor board ID FCZ13207063
2 Gigabit Ethernet interfaces
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)

Configuration register is 0x2102

sho ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES NVRAM up up
GigabitEthernet0/0.xxxx 10.110.11.86 YES NVRAM up up
GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/1.1 172.17.128.1 YES NVRAM administratively down down

show ip route 172.17.10.6
Routing entry for 172.17.8.0/22
Known via "connected", distance 0, metric 0 (connected, via interface)
Redistributing via bgp 65001
Advertised by bgp 65001
Routing Descriptor Blocks:
* directly connected, via GigabitEthernet0/1.2
Route metric is 0, traffic share count is 1

interface GigabitEthernet0/1.2

encapsulation dot1Q 2
ip address 172.17.8.1 255.255.252.0 secondary
ip address 172.17.12.1 255.255.252.0 secondary
ip address 172.17.24.1 255.255.248.0 secondary
ip address 172.17.16.1 255.255.252.0 secondary
i
ip access-group 100 in

ip flow ingress
shutdown
no cdp enable
arp timeout 300
service-policy input MODELADOR_QoS_IN
end

router bgp 65001
bgp router-id 10.110.11.86
bgp log-neighbor-changes
neighbor 10.110.11.81 remote-as 49565
neighbor 10.110.11.81 timers 60 180
neighbor 10.110.11.82 remote-as 49565
neighbor 10.110.11.82 timers 60 180
!
address-family ipv4
redistribute connected
redistribute static
neighbor 10.110.11.81 activate
neighbor 10.110.11.81 send-community
neighbor 10.110.11.81 soft-reconfiguration inbound
neighbor 10.110.11.81 route-map RCVD in
neighbor 10.110.11.81 route-map SENT out
neighbor 10.110.11.82 activate
neighbor 10.110.11.82 send-community
neighbor 10.110.11.82 soft-reconfiguration inbound
neighbor 10.110.11.82 route-map RCVD in
neighbor 10.110.11.82 route-map SENT out
no auto-summary
no synchronization
network 172.17.128.0 mask 255.255.252.0
network 172.17.136.0 mask 255.255.252.0
network 172.17.140.0 mask 255.255.252.0
aggregate-address 100.65.142.0 255.255.254.0 summary-only
exit-address-family

e.ciollaro · ‎01-03-2017

Hi danimelocoton

I have made a little test using GNS3 and it seems me that everything goes as expected:

R1(config-subif)#do sh run | s 0/1|0/1.1
interface FastEthernet0/1
no ip address
duplex auto
speed auto
interface FastEthernet0/1.1
encapsulation dot1Q 101
ip address 172.16.101.1 255.255.255.0

R1(config-subif)#do sh ip int br
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.12.1    YES NVRAM up                    up
FastEthernet0/1            unassigned      YES manual up                    up
FastEthernet0/1.1          172.16.101.1    YES manual up                    up
FastEthernet1/0            unassigned      YES NVRAM administratively down down
NVI0                       unassigned      NO unset up                    up
Loopback0                  10.1.1.1        YES NVRAM up                    up
Loopback1                  10.11.11.11     YES NVRAM up                    up

R1(config-subif)#do sh run | s ter bgp
router bgp 65001
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 192.168.12.2 remote-as 65002
!
address-family ipv4
redistribute connected
neighbor 192.168.12.2 activate
no auto-summary
no synchronization
exit-address-family

R1(config-subif)#do sh ip bgp nei 192.168.12.2 adv
BGP table version is 26, local router ID is 10.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.0/24      0.0.0.0                  0         32768 ?
*> 10.11.11.0/24    0.0.0.0                  0         32768 ?
*> 172.16.101.0/24 0.0.0.0                  0         32768 ?
*> 192.168.12.0     0.0.0.0                  0         32768 ?

Total number of prefixes 4

R1(config-subif)#sh
R1(config-subif)#do sh ip bgp nei 192.168.12.2 adv
BGP table version is 29, local router ID is 10.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.0/24      0.0.0.0                  0         32768 ?
*> 10.11.11.0/24    0.0.0.0                  0         32768 ?
*> 192.168.12.0     0.0.0.0                  0         32768 ?

Total number of prefixes 3
R1(config-subif)#

Could you post a sh run int full of physical and logical interf ?

Bye,

enrico

danimelocoton · ‎01-03-2017

Thanks for your reply Enrico. That's the point, network connected is redistributed correctly as you tested .

Now it's not possible to do anything in that subinterface, because we deleted it. Attached in my first post you can see info related to status and protocol for the interface Gi0/1.2....and was forced down. You can see running config for interface Gi0/1.2 too after reboot.

So, no network belonging to that interface should be advertised in BGP...¿Correct?

Bug?.

paul driver · ‎01-03-2017

Hello

Are your referring to a different interface?

GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/1.1 172.17.128.1 YES NVRAM administratively down down

show ip route 172.17.10.6
Routing entry for 172.17.8.0/22
Known via "connected", distance 0, metric 0 (connected, via interface)
Redistributing via bgp 65001
Advertised by bgp 65001
Routing Descriptor Blocks:
* directly connected, via GigabitEthernet0/1.2
Route metric is 0, traffic share count is 1

interface GigabitEthernet0/1.2

res
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

danimelocoton · ‎01-03-2017

Hi Paul,

Sorry, I didnt copy all show ip int brief command result. This is what I saw:

sho ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 unassigned YES NVRAM up up
GigabitEthernet0/0.2032 10.110.11.86 YES NVRAM up up
GigabitEthernet0/1 unassigned YES NVRAM up up
GigabitEthernet0/1.1 172.17.128.1 YES NVRAM administratively down down
GigabitEthernet0/1.2 100.64.236.1 YES NVRAM administratively down down

No, I thought I was becoming crazy when I saw it.. .. Gi01/.2 was down, and shows "Directly Connected" and networks configured in that subinterface were advertised throuhg BGP (due to redistributed connected statement).

paul driver · ‎01-03-2017

Hello
Are these shutdown interfaces on the adverting router or just connected to the advertising router, If the latter then the prefixes would still be advertised.
However if this is on the adverting router then the prefixes should NOT be advertised.

Do you have bgp soft reconfiguration inbound enabled or route refresh or both?
Did you do a soft clear of the bgp rib for the stored prefixes before deleting the sub-interface?

clear ip bgp * soft

res
Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Should Router running BGP and redistributed connected advertise networks when subinterfaces is in shutdown?