03-25-2015 04:44 AM - edited 03-10-2019 12:30 PM
Dear all,
I just wanted to know what your thoughts are on the following issue that I have. I have an internal Router that receives various subnets of the 10.0.0.0/8 from internal core routers via an IGP. I have an IPBGP peering with a WAN router which has a static route 10.0.0.0/8 pointing back.
I need to advertise a specific subnet say 10.64.0.0/10. from the internal router to the WAN router who will then advertise to an EBGP peer.
However, when I do this I lose connectivity to the WAN router because it seems it ignores the 10.0.0.0/8 in favor of 10.64.0.0/10 because it is more specific.
I have added 10.0.0.0/10, 10.64.0.0/10 & 10.128.0.0/10 as static routes to the WAN router and I no longer lose connectivity. Any ideas of a better
solution ?
03-25-2015 05:35 AM
Losing connectivity to the WAN router doesn't make sense.
If the WAN router needs to route an IP back you that falls within the 10.64.0.0/10 it uses the more specific route.
If the IP is not in that range but is a 10.x.x.x IP then it should use the static route.
What does the WAN router's IP routing table look like ie. is there a route for 10.0.0.0/8 in there now ?
Jon
03-25-2015 07:14 AM
Hi Jon,
You are correct and there is a static route to the 10.0.0.0/8 pointing back. There is a firewall in between the internal router and the WAN router because the firewall does Nat IP addresses. So the more specific route of 10.64.0.0/10 would apply
03-25-2015 07:21 AM
Okay I really have no idea what you are talking about :-)
You added more specific routes to the WAN router and it works but not with the 10.0.0.0/8 entry.
What has that got to do with NAT on the firewall ?
Surely the question is why is your WAN router ignoring that entry and only works with more specific routes ?
Jon
03-25-2015 09:53 AM
Hi Jon,
Ignore the firewall, I was just giving background information. Yes my question is if I have a 10.0.0.0/8 and try to advertise 10.64.0.0/10 why does it ignore the 10.0.0.0/8 and lose connectivity.
03-25-2015 10:42 AM
What does the IP routing table look like when you advertise the 10.64.0.0/10 subnet ?
Is the static entry still in there ?
Are both routes pointing back to the same next hop IP ?
Jon
03-25-2015 12:57 PM
I'm only advertising the 10.64.0.0/10 using the network statement in BGP. This gets advertised to the EBGP peer connected to the WAN router. My static routing table has the 3 /10 subnets I mentioned earlier as well as 10.0.0.0/8.
03-25-2015 02:26 PM
Yes but the original problem was that without the additional subnets you had static entries for you lost connectivity.
And you said it was because 10.64.0.0/10 was more specific.
But that is irrelevant because a static route will always be in the routing table unless you are modifying the AD.
Which means regardless of whether you are advertising a more specific subnet with BGP it makes no difference from the WAN routers perspective unless the subnet you are advertising via BGP is using a different next hop IP.
What is the next hop IP for the 10.0.0.0/8 static route on the WAN router ?
And what is the next hop IP for the 10.64.0.0/10 BGP route on the WAN router ?
Note not the static route you added but the BGP route.
Jon
03-25-2015 02:47 PM
03-25-2015 03:03 PM
No problem.
Just reread my answers and apologies if they came across a bit "stroppy".
They weren't meant to, I was just finding it a bit difficult to follow.
Hope you get it sorted.
Jon
03-26-2015 03:32 AM
Hi Jon,
I am just happy that you have taken time out to assist. Thank you so much and I will check and let you know when I have figured out the cause.
Take care
03-26-2015 06:46 AM
Okay, thanks.
I don't know whether you are getting e-mail notifications for any new posts or whether you have already checked but I added a post above as to what might be the cause.
It sounds very much like the behaviour you see when "no ip classless" is enabled on router but it never occurred to me because "ip classless" is the default now and with CEF that also changes the behaviour.
Just wanted to mention it just in case.
Jon
03-25-2015 03:19 PM
Like I say I think came across a bit bluntly and I apologise again.
I won't try and keep this thread going but one thought occurred.
Can you check on the WAN router if you have "no ip classless" enabled.
It is unlikely with a modern IOS but it may explain why you are not using the main static route once you add a more specific route from the same major network.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: