cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1458
Views
0
Helpful
12
Replies

Advertise a specific subnet to a BGP neighbour out of an aggregate

chenbs
Level 1
Level 1

Dear all,

I just wanted to know what your thoughts are on the following issue that I have. I have an internal Router that receives various subnets of the 10.0.0.0/8 from internal core routers via an IGP. I have an IPBGP peering with a WAN router which has a static route 10.0.0.0/8 pointing back.

I need to advertise a specific subnet say 10.64.0.0/10. from the internal router to the WAN router who will then advertise to an EBGP peer.

However, when I do this I lose connectivity to the WAN router because it seems it ignores the 10.0.0.0/8 in favor of 10.64.0.0/10 because it is more specific.

 

I have added 10.0.0.0/10, 10.64.0.0/10 & 10.128.0.0/10 as static routes to the WAN router and I no longer lose connectivity. Any ideas of a better

solution ?


 

12 Replies 12

Jon Marshall
Hall of Fame
Hall of Fame

Losing connectivity to the WAN router doesn't make sense.

If the WAN router needs to route an IP back you that falls within the 10.64.0.0/10 it uses the more specific route.

If the IP is not in that range but is a 10.x.x.x IP then it should use the static route.

What does the WAN router's IP routing table look like ie. is there a route for 10.0.0.0/8 in there now ?

Jon

Hi Jon,

You are correct and there is a static route to the 10.0.0.0/8 pointing back. There is a firewall in between the internal router and the WAN router because the firewall does Nat IP addresses. So the more specific route of 10.64.0.0/10 would apply 

Okay I really have no idea what you are talking about :-)

You added more specific routes to the WAN router and it works but not with the 10.0.0.0/8 entry.

What has that got to do with NAT on the firewall ?

Surely the question is why is your WAN router ignoring that entry and only works with more specific routes ?

Jon

 

Hi Jon,

 

Ignore the firewall, I was just giving background information. Yes my question is if I have a 10.0.0.0/8 and try to advertise 10.64.0.0/10 why does it ignore the 10.0.0.0/8 and lose connectivity.

What does the IP routing table look like when you advertise the 10.64.0.0/10 subnet ?

Is the static entry still in there ?

Are both routes pointing back to the same next hop IP ?

Jon

I'm only advertising the 10.64.0.0/10 using the network statement in BGP. This gets advertised to the EBGP peer connected to the WAN router. My static routing table has the 3 /10 subnets I mentioned earlier as well as 10.0.0.0/8.

 

Yes but the original problem was that without the additional subnets you had static entries for you lost connectivity.

And you said it was because 10.64.0.0/10 was more specific.

But that is irrelevant because a static route will always be in the routing table unless you are modifying the AD.

Which means regardless of whether you are advertising a more specific subnet with BGP it makes no difference from the WAN routers perspective unless the subnet you are advertising via BGP is using a different next hop IP.

What is the next hop IP for the 10.0.0.0/8 static route on the WAN router ?

And what is the next hop IP for the 10.64.0.0/10 BGP route on the WAN router ?

Note not the static route you added but the BGP route.

Jon

  1. Hi Jon,
  2. I appreciate you are trying to help but this is not getting anywhere. Even before I advertise via  BGP, I lose connectivity to the WAN router when I add 10.64.0.0/10 in addition to 10.0.0.0/8. The static routes have a next hop of the upstream firewall which cannot do dynamic routing which will solve my problem. I will figure this out and get back to you but your efforts are much appreciated.

 

No problem.

Just reread my answers and apologies if they came across a bit "stroppy".

They weren't meant to, I was just finding it a bit difficult to follow.

Hope you get it sorted.

Jon

Hi Jon,

 

I am just happy that you have taken time out to assist. Thank you so much and I will check and let you know when I have figured out the cause.

 

Take care
 

Okay, thanks.

I don't know whether you are getting e-mail notifications for any new posts or whether you have already checked but I added a post above as to what might be the cause.

It sounds very much like the behaviour you see when "no ip classless" is enabled on router but it never occurred to me because "ip classless" is the default now and with CEF that also changes the behaviour.

Just wanted to mention it just in case.

Jon

Like I say I think came across a bit bluntly and I apologise again.

I won't try and keep this thread going but one thought occurred.

Can you check on the WAN router if you have "no ip classless" enabled.

It is unlikely with a modern IOS but it may explain why you are not using the main static route once you add a more specific route from the same major network.

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: