Solved: Re: Suppress and Unsuppress

Roel Reyes · ‎08-29-2017

Hi all,

i found a site regarding aggregating routes,

R3(config-router)# aggregate-address 172.16.0.0 255.255.248.0 as-set

R4# show ip bgp
BGP table version is 12, local router ID is 10.0.0.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
          r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0/24    10.0.0.9                               0 30 10 ?
*> 172.16.0.0/21    10.0.0.9                 0             0 30 {10,20} ?
*> 172.16.1.0/24    10.0.0.9                               0 30 10 ?
*> 172.16.2.0/24    10.0.0.9                               0 30 10 ?
*> 172.16.3.0/24    10.0.0.9                               0 30 10 ?
*> 172.16.4.0/24    10.0.0.9                               0 30 20 ?
*> 172.16.5.0/24    10.0.0.9                               0 30 20 ?
*> 172.16.6.0/24    10.0.0.9                               0 30 20 ?
*> 172.16.7.0/24    10.0.0.9                               0 30 20 ?

We can see /21 prefix, result from the first config made.

Then

R3(config)# ip access-list standard Suppressed_Routes
R3(config-std-nacl)# permit 172.16.0.0 0.0.3.255
R3(config-std-nacl)# permit 172.16.6.0 0.0.1.255

R3(config)# route-map MySuppressMap
R3(config-route-map)# match ip address Suppressed_Routes

R3(config-router)# aggregate-address 172.16.0.0 255.255.248.0 as-set suppress-map
 MySuppressMap

R4# show ip bgp

Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0/21    10.0.0.9                 0             0 30 {10,20} ?
*> 172.16.4.0/24    10.0.0.9                               0 30 20 ?
*> 172.16.5.0/24    10.0.0.9                               0 30 20 ?

My question is,

what if my config is

aggregate-address 172.16.0.0 255.255.248.0 summary-only as-set

then apply unsuppress on neighbor

neighbor 192.168.1.1 remote-as 20 unsuppress-map UNSUPPRESS

ip access-list standard UNSUPPRESS 
    permit 172.16.4.0 0.0.0.255
    permit 172.16.5.0 0.0.0.255
route-map UNSUPPRESS permit 10 
match ip address UNSUPPRESS

it will yield same result right?

Peter Paluch · ‎08-30-2017

Hi Roel,

My question is,

what if my config is

aggregate-address 172.16.0.0 255.255.248.0 summary-only as-set

then apply unsuppress on neighbor

neighbor 192.168.1.1 remote-as 20 unsuppress-map UNSUPPRESS

ip access-list standard UNSUPPRESS 
    permit 172.16.4.0 0.0.0.255
    permit 172.16.5.0 0.0.0.255
route-map UNSUPPRESS permit 10 
match ip address UNSUPPRESS

it will yield same result right?

Yes, that is correct. The result will be the same - the neighbor will learn the aggregate 172.16.0.0/21 as well as 172.16.4.0/24 and 172.16.5.0/24.

Just as a matter of personal choice, whenever dealing with routes, I prefer using prefix-lists instead of ACLs whenever possible and allowed by the syntax. While ACLs are kind-of-okay, they sometimes have unintuitive behavior when it comes to their application to filter the contents of routing information instead of packet flows. Prefix-lists are much cleaner in this aspect.

Best regards,
Peter

View solution in original post

Peter Paluch · ‎08-30-2017

Hi Roel,

My question is,

what if my config is

aggregate-address 172.16.0.0 255.255.248.0 summary-only as-set

then apply unsuppress on neighbor

neighbor 192.168.1.1 remote-as 20 unsuppress-map UNSUPPRESS

ip access-list standard UNSUPPRESS 
    permit 172.16.4.0 0.0.0.255
    permit 172.16.5.0 0.0.0.255
route-map UNSUPPRESS permit 10 
match ip address UNSUPPRESS

it will yield same result right?

Yes, that is correct. The result will be the same - the neighbor will learn the aggregate 172.16.0.0/21 as well as 172.16.4.0/24 and 172.16.5.0/24.

Just as a matter of personal choice, whenever dealing with routes, I prefer using prefix-lists instead of ACLs whenever possible and allowed by the syntax. While ACLs are kind-of-okay, they sometimes have unintuitive behavior when it comes to their application to filter the contents of routing information instead of packet flows. Prefix-lists are much cleaner in this aspect.

Best regards,
Peter

Roel Reyes · ‎08-31-2017

Thanks Sir!