What routes is my BGP speaking router telling it's neighbor about?

BillCismar · ‎09-29-2015

Recently in attempt to verify symetrical routing at our network edge, I was checking to see what routes were being advertised to our ISP's BGP speaking router.
Running the command "sho ip bgp neigh xxx.xxx.xxx.xxx advert" I was greated by a list of our 41 aggregated networks, all in rib-failure.

Now I understand that being in rib-failure will not prevent our BGP speaking router from advertising these aggregated routes, but what I want to know is, how then can I now determine which routes *are* being advertised?

Am I truly left to take it on faith that by setting an aggregate, that it will of course be advertised, even should the route to that network and all its subnets should be lost?

John Blakley · ‎09-29-2015

I don't believe you're going to be able to break that down unless you have access to the summary router. If the routes were aggregated with a summary-only option, that's only going to advertise the summary and nothing specific about the routes contained in there. You will only see the aggregated route on your receiving router which you'll then advertise to your peers.

Summary routes help keep networks from having to converge when a route in the summary goes down. The issue is like you said, when a network behind that summary goes down, then nothing upstream knows it because they still have a summary route (outside of the router that created the summary). The only thing you would really be able to do is to accept the summary with the understanding that a network behind that could go down, and your router will never know upstream. When traffic is sent to the failed network, the advertising router of the summary (with the more specific routes) will know that the network is down since it will be removed from their routing table and have to act accordingly.

HTH,

John

HTH, John *** Please rate all useful posts ***

BillCismar · ‎09-29-2015

Thanks for the reply John,

I understand the point of summary routes, but appreciate your being thorough and helpful to other readers who might not understand them.

I do have access to the summary router, our edge router. I can see which routes it is receiving from its internal neighbor. But I still have nothing to confirm which routes are being shared to our ISP other than to call and ask them to send us a copy of their routers information.

From your answer I am taking it that we have to take it on faith that the aggregates are advertised despite the rib-failures.

Seems to me that if that is so (and I do believe it to be so) then when I run "sho ip bgp xxx.xxx.xxx.xxx" where the specified network is a direct match to the aggregate, I should not receive a reply saying :
"Advertisements suppressed by an aggregate.)"

"Not advertised to any peer"

Because clearly we are advertising it.
Right?

So my root question is, how can we determine what routes we are advertising when our own router is saying we aren't advertising any routes but we know for a fact we are?

John Blakley · ‎09-29-2015

Bill,

Forgive me if I'm telling you something that you already know, but the rib-failure is nothing more than the routing table has a better AD and bgp cannot install its route into the table because of that. Think of a route learned from a bgp host with an AD of 20, but the static route on that same router will have an AD of 1. The static route is preferred and will cause bgp to report a rib-failure for that route.

Seems to me that if that is so (and I do believe it to be so) then when I run "sho ip bgp xxx.xxx.xxx.xxx" where the specified network is a direct match to the aggregate, I should not receive a reply saying :
"Advertisements suppressed by an aggregate.)"

"Not advertised to any peer"

Because clearly we are advertising it.
Right?

You are correct in that if you advertise a summary and suppressing the specific routes, you'll see the specific routes are not advertised:

BGP routing table entry for 3.3.1.0/24, version 7
Paths: (1 available, best #1, table Default-IP-Routing-Table, Advertisements suppressed by an aggregate.)
Not advertised to any peer
Local

But the summary itself is:

R3#sh ip bgp 3.3.0.0/22
BGP routing table entry for 3.3.0.0/22, version 6
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
Local, (aggregated by 3 10.23.0.3)
0.0.0.0 from 0.0.0.0 (10.23.0.3)

You are advertising it by summary. I may not be understanding your question, so let me pose another question. Are you asking, on the summary router, how to see the individual routes that are part of your summary? If so, there's no way possible that I'm aware of outside of looking at your bgp table and filtering on suppressed routes:

R3#sh ip bgp | i ^s>

Maybe that'll help? I'm sorry if I'm not understanding....

HTH,

John

HTH, John *** Please rate all useful posts ***

BillCismar · ‎09-29-2015

John,

Thanks for sticking with me on this.

Let me reiterate "when I run "sho ip bgp xxx.xxx.xxx.xxx" where the specified network is a direct match to the aggregate"

I do not expect to see the sub nets of an aggregate listed as advertised to the neighbor. But I do (or more correctly, I *did*) expect to see the actual summary route listed as advertised and more importantly, I *did NOT* expect to see the router telling me that my aggregate was not being advertised to any neighbor when in fact that is exactly what is happening.

So in your example: "R3#sh ip bgp 3.3.0.0/22" results in the "Not advertised to any peer".

In my specific case one our edge routers, has 41 aggregates. According to every command I can come up with, we are not advertising anything at all to our ISP. Of course I know that isn't true... now..., but when I first encountered this late at night while I was concerned about asymmetric routing, it was a bit unsettling.

Within a complex multi homed environment with Multiple MPLS clouds and Remote Internet connections, how can I verify which edge routers are or are not advertising routes when they are all marked out as rib-failures and the routers say they are not advertising even the aggregate routes?

I don't know if this is just an issue of the CISCO code or what, but it seems to me, and to my colleges, that this is unexpected and inhibiting when trying to troubleshoot the enterprise edge.

Oh, and just to keep it all really twisted up; one of the routers actually shows that it is advertising *some* of the aggregates, but not the vast majority. I have not been able to tell why one summary/aggregate is being treated differently than the other. There appears to be no difference thus far between the non rib-failure routes and the rib-failure routes other than the actual network IDs.

John Blakley · ‎09-29-2015

Okay...so I think I know what's going on. Thank you for that info. Let me lab that up...I have an idea...

** Edit **

I can't get it to break on my end. Even if I have the rib-failure, it's still advertising the aggregate like expected. Can you post your bgp config from one of the routers that you're having the issue on?

HTH, John *** Please rate all useful posts ***

BillCismar · ‎09-29-2015

The actual values are changed, but where changed always changed to the same value and in the same network class.

ipv6 multicast rpf use-bgp

ipv6 multicast vrf Mgmt-intf rpf use-bgp

match access-group name copp-system-acl-bgp

router bgp xxxx

bgp log-neighbor-changes

neighbor WCORE peer-group

neighbor WCORE remote-as zzzzz

neighbor WCORE ebgp-multihop 255

neighbor WCORE update-source Loopback0

neighbor 12.abc.de.ef remote-as xxxx

neighbor 12.abc.de.ef description at&t internet connection

neighbor 12.abc.de.ef password 7 ajumbleofnumbers

neighbor 41.gfh.123.5 remote-as yyyy

neighbor 41.gfh.123.5 description wpcdmzrtr

neighbor 41.gfh.123.5 update-source Loopback0

neighbor 444.444.444.444 peer-group WCORE

neighbor 444.444.444.444 description wcore

!

address-family ipv4

aggregate-address 199.1.1.0 255.255.255.0 summary-only

aggregate-address 199.1.2.0 255.255.248.0 summary-only

aggregate-address 198.3.3.0 255.255.255.0 summary-only

aggregate-address 198.4.4.0 255.255.255.0 summary-only

aggregate-address 192.1.1.0 255.255.254.0 summary-only

aggregate-address 192.1.2.0 255.255.254.0 summary-only

aggregate-address 192.2.1.0 255.255.255.0 summary-only

aggregate-address 192.3.8.0 255.255.255.0 summary-only

aggregate-address 192.10.15.0 255.255.255.0 summary-only

aggregate-address 192.10.14.0 255.255.252.0 summary-only

aggregate-address 192.10.17.0 255.255.255.0 summary-only

aggregate-address 160.88.0.0 255.255.0.0 summary-only

aggregate-address 160.87.0.0 255.255.0.0 summary-only

aggregate-address 160.86.0.0 255.255.0.0 summary-only

aggregate-address 160.85.192.0 255.255.192.0 summary-only

aggregate-address 160.85.176.0 255.255.240.0 summary-only

aggregate-address 160.85.168.0 255.255.248.0 summary-only

aggregate-address 160.85.128.0 255.255.224.0 summary-only

aggregate-address 160.85.64.0 255.255.192.0 summary-only

aggregate-address 160.85.48.0 255.255.240.0 summary-only

aggregate-address 160.85.47.0 255.255.255.0 summary-only

aggregate-address 160.85.44.0 255.255.254.0 summary-only

aggregate-address 160.85.40.0 255.255.252.0 summary-only

aggregate-address 160.85.32.0 255.255.248.0 summary-only

aggregate-address 160.85.0.0 255.255.224.0 summary-only

aggregate-address 160.84.0.0 255.255.0.0 summary-only

aggregate-address 160.83.0.0 255.255.0.0 summary-only

aggregate-address 160.82.0.0 255.255.0.0 summary-only

aggregate-address 160.81.0.0 255.255.0.0 summary-only

aggregate-address 160.80.0.0 255.255.0.0 summary-only

aggregate-address 160.79.0.0 255.255.0.0 summary-only

aggregate-address 160.78.0.0 255.255.0.0 summary-only

aggregate-address 160.77.0.0 255.255.0.0 summary-only

aggregate-address 160.76.0.0 255.255.0.0 summary-only

aggregate-address 160.75.0.0 255.255.0.0 summary-only

aggregate-address 160.74.0.0 255.255.0.0 summary-only

aggregate-address 130.194.224.0 255.255.224.0 summary-only

aggregate-address 130.194.208.0 255.255.240.0 summary-only

aggregate-address 130.194.204.0 255.255.252.0 summary-only

aggregate-address 130.194.200.0 255.255.252.0 summary-only

aggregate-address 130.194.196.0 255.255.252.0 summary-only

aggregate-address 130.194.194.0 255.255.254.0 summary-only

aggregate-address 130.194.193.0 255.255.255.0 summary-only

aggregate-address 130.194.192.0 255.255.255.0 summary-only

aggregate-address 130.194.128.0 255.255.192.0 summary-only

aggregate-address 130.194.0.0 255.255.128.0 summary-only

aggregate-address 129.161.0.0 255.255.0.0 summary-only

aggregate-address 129.165.0.0 255.255.0.0 summary-only

neighbor WCORE prefix-list TO-WCORE out

neighbor 12.abc.de.ef activate

neighbor 12.abc.de.ef prefix-list FROM-ISP in

neighbor 12.abc.de.ef route-map TO-ISP out

neighbor 41.gfh.123.5 activate

neighbor 41.gfh.123.5 next-hop-self

neighbor 41.gfh.123.5 prefix-list TO-DMZ out

neighbor 444.444.444.444 activate

exit-address-family

route-map TO-ISP permit 10
match ip address prefix-list US-NORTH
!
route-map TO-ISP permit 20
match ip address prefix-list US-SOUTH
set as-path prepend zzzz zzzz zzzz