static to bgp redistribution issue - Page 2

Vinayaka Raman · ‎08-25-2012

Hello All,

I had a problem this morning and need your suggestion. We had a limited window so could not extend the troublesooting

router bgp 65457

no synchronization

bgp log-neighbor-changes

network 10.52.232.248 mask 255.255.255.248

aggregate-address 10.52.232.0 255.255.248.0 summary-only

redistribute static

neighbor 147.225.59.241 remote-as 65000

neighbor 147.225.59.241 route-map increase_weight in

default-metric 100000

no auto-summary

show run | s ip route

ip route 10.50.252.0 255.255.255.0 10.52.237.250 21

ip route 10.52.236.0 255.255.252.0 10.52.232.58

ip route 192.168.235.251 255.255.255.255 10.52.237.250

route-map increase_weight, permit, sequence 10

Match clauses:

ip address (access-lists): 10

Set clauses:

weight 40000

Policy routing matches: 0 packets, 0 bytes

route-map increase_weight, permit, sequence 20

Match clauses:

Set clauses:

Policy routing matches: 0 packets, 0 bytes

show access-lists 10

Standard IP access list 10

10 permit 10.50.252.0, wildcard bits 0.0.0.255 (5248 matches)

show ip bgp 10.50.252.0

BGP routing table entry for 10.50.252.0/24, version 781545

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Not advertised to any peer

65000 65000, (aggregated by 65457 10.50.252.254)

147.225.59.241 from 147.225.59.241 (159.24.197.199)

Origin IGP, localpref 100, weight 40000, valid, external, atomic-aggregate, best

show ip route 10.50.252.0

Routing entry for 10.50.252.0/24

Known via "bgp 65457", distance 20, metric 0

Tag 65000, type external

Advertised by bgp 65457 (self originated)

Last update from 147.225.59.241 01:51:08 ago

Routing Descriptor Blocks:

* 147.225.59.241, from 147.225.59.241, 01:51:08 ago

Route metric is 0, traffic share count is 1

AS Hops 2

Route tag 65000

10.50.252.0/24 is the prefix advertsied by remote site A

We want CR1 (in data center) to advertise 10.50.252.0/24 as soon as remote site MPLS goes down.

So we increased the weight by calling in bound route-map on CR1, so that CR1 learns this from its

ebgp peer(as long as the remote site MPLS is up). When remote site MPLS is down, we found that the route

is not advertised to any peer.

unfortunately, i lost the show ip bgp 10.50.252.0/24 on cr1 when remote site MPLS was down. there was

a route with weight 32768 but "not advertised to peer) not sure why

Regards Vinayak

Vinayaka Raman · ‎09-07-2012

Thank you both

I would prefer doing it this way:

1. On remote site, I will prepend out the back up prefix with local as 5 times. I do not have any other bgp prefix with as path : 65000 65000 65000 65000 65000 in my current bgp table. Keeping in mind that 65457 will be rewritten as 65000 due to as override.

2. On HQ, I match this as-path using inbound route-map (via as-path acl) and set weight to 40,000 which is better than my locally sourced route.

In this way, I distinguish primary and backup route. Am I in the right track??

Regards Vinayak

milan.kulik · ‎09-07-2012

Hi,

no, you are assigning weight 40 000 to all prefixes with IP address=10.50.252.0/24 already.

So in the step 2. you need to match the prefix IP address=10.50.252.0/24 and AS_PATH=^65000 65000$ and deny such a prefix.

HTH,

Milan

Vinayaka Raman · ‎09-07-2012

route-map test, deny, sequence 10

Match clauses:

ip address (access-lists): 10 ------------------------- access-list 10 permit 10.50.252.0/24

Ip as-path ACL 10---------------------Ip as path acl 10 permit 65000 65000

route-map test, permit, sequence 20

Match clauses:

ip address (access-lists): 10 -------------------------access-list 10 permit 10.50.252.0/24

ip as path ACL 20--------------- ip as-path acl 20 permit 65000 65000 65000 65000 65000

Set weight: 40000

route-map test, permit, sequence 30

Match clauses:

Set clauses:

Policy routing matches: 0 packets, 0 bytes

Regards Vinayak

milan.kulik · ‎09-07-2012

Hi,

just be sure Ip as path acl 10 to permit ^65000 65000$ only.

Otherwise it could match also 65000 65000 65000 65000 65000 and the route-map would not work properly.

Or it might be worth to swap sequence 10 and 20 in your route-map?

BR,

Milan

milan.kulik · ‎09-07-2012

Hi Giuseppe,

why do you think that "... the PE node behaviour is not correct even if configured with AS override it should not reflect back the route"?

Thanks,

Milan

paul.capusneanu · ‎09-04-2012

Hi Vinayaka,

I notice you used the 'as soon" expresion in your explanation therefore I would recommend using the ip sla feature from Cisco to track the remote site reachability and insert a floating static route in case it times out.

ip sla monitor 1

type echo protocol ipIcmpEcho 1.1.1.1 source-ipaddr 2.2.2.2

timeout 3000

threshold 2000

frequency 5

!

ip sla schedule 1 life forever start-time now

!

track 1 rtr 1 reachability

For this you need to create an ip sla monitor,schedule, track it, as you can see above and change the static route to

ip route 10.50.252.0 255.255.255.0 10.52.237.250 21 track 1

You will not need a route-map to set any BGP attribute and the timers for ip sla will be at your disposal to change for your environment.

Take care,

PaulC