10-16-2012 09:56 AM - edited 03-07-2019 09:30 AM
Hi Guys
Another day, another weird happening. Here it goes:
Background:
In our network, we have separated different traffics through the use of VRFs. So we have multiple VRFs which have expanded throughout the network. The connecting point between the VRFs is MP-BGP. In other words we have standalone MP-BGP (MP-BGP without any neighbor statements) configured on select routers that would perform the import and export of the routes into different VRFs. There are "import map" and "export map" configured under VRF configurations to restrict the prefixes that we want to transfer between the VRFs.
Problem:
Today I wanted to update a prefix-list for an Import map throughout the network. I needed to perform this change on two routers. When I added the new permitted prefixes under the prefix-list for the import map, one of the routers reflected the changes by correctly redistributing the routes while the other did not. The non responding router is a Cisco 6509 with IOS image 12.2 (33) SXH3 IP services. The functioning router is a Cisco 7609 with IOS image 12.2 (33) SRC1 IP Advanced Services. To simplify the setup, you can think of the process as below:
Source VRF------>MP-BGP------->Import Map-------->Destination VRF
Troubleshooting Done So Far:
I have spent a good portion of my day looking at this issue. I have verified that:
Weird or What?
Here is what I think the problem is: The import-map on the 6509 does not refresh automatically. Here is how I came to this conclusion:
Now I know a lot of you might suggest to remove the import-map and add it again however this is production and doing that change is not going to happen soon so I would appreciate if any of you guys has any other thoughts on this. This could very well be a bug which we need to further discuss with Cisco.
Thanks
Solved! Go to Solution.
10-18-2012 11:04 AM
Hello Babak,
first of all, I would like to thank you for the complete and clear description of your issue.
Your results might suggest that a different implementation of MP BGP regarding MP BGP feature import map is in two different IOS trains 12,2(33)SXH and 12.2(33)SRC.
This might be the case.
I tried to look at the bug toolkit for 12.2(33)SXH3 with search key "import map" and there are few bugs listed, but none of them is an exact match of your scenario.
this one
CSCts25780
ip vrf import map issue | |
Symptom: changing "ip cpmmunity-list" does not inform route-map and hence routes are not re-evaluated wherever the route-map is being used.Conditions: route-map should have "match community" configuredWorkaround: change route-map directly |
Is related to missing refresh of routes when an ip community list is changed ( invoked in the route-map used in the import map).
So this is the closer one that I see.
I would say it is almost the same issue an object used for match in the route-map has been changed and the route-map is not re-evaluated.
In your case is an ip prefix-list in the bug description is a community-list.
Best Regards
Giuseppe
10-26-2012 11:12 AM
As per lab re-create test, 12.2(33)SXH3 (what you are running) to 12.2(33)SXH6. The problem was present. However in 12.2(33)SXI and later the problem is resolved.
CSCsi53802 https://techzone.cisco.com/t5/Routing-Protocols/623543289-Import-map-not-refreshing-after-editing-prefix-list/td-p/117286does affect 12.2(33)SXH release. The entire train seems to have this issue and the bug is only fixed in 12.2(33)SXI and later.
This fix added a check in the code. Whenever the route-map is changed the import/export process is now aware of it, and rewalks the bgp table to apply the change. I verified that 12.2(33)SXI will dynamically ADD the route and remove the route depending on the prefix-list change.
12.2(33)SRC releases have the fix for this bug too.
10-16-2012 02:03 PM
I removed the import map under the VRF definition and added it again however there is still no hits on the prefix-lists and the subnet's are not being redistributed.
10-18-2012 09:45 AM
I am posting this for the benefit of the community. After a some time, maybe 30 minutes to an hour, after I removed and added back the import-map the routes where being redistributed again. So to summarize, on the 6509 platform I had to manually remove and add the import-map once the associated IP prefix-list was modified for the changes to take effect.
I am happy that this got fixed however I am not still convinced. I think that there is more to it than I understand at the moment. I need to investigate this further.
10-18-2012 11:04 AM
Hello Babak,
first of all, I would like to thank you for the complete and clear description of your issue.
Your results might suggest that a different implementation of MP BGP regarding MP BGP feature import map is in two different IOS trains 12,2(33)SXH and 12.2(33)SRC.
This might be the case.
I tried to look at the bug toolkit for 12.2(33)SXH3 with search key "import map" and there are few bugs listed, but none of them is an exact match of your scenario.
this one
CSCts25780
ip vrf import map issue | |
Symptom: changing "ip cpmmunity-list" does not inform route-map and hence routes are not re-evaluated wherever the route-map is being used.Conditions: route-map should have "match community" configuredWorkaround: change route-map directly |
Is related to missing refresh of routes when an ip community list is changed ( invoked in the route-map used in the import map).
So this is the closer one that I see.
I would say it is almost the same issue an object used for match in the route-map has been changed and the route-map is not re-evaluated.
In your case is an ip prefix-list in the bug description is a community-list.
Best Regards
Giuseppe
10-24-2012 12:58 PM
So this seems like a final solution:
Cisco TAC came up with the following bugs:
BUG ID :- CSCsi53802
Change in prefix-list used by vrf import/export map not processed by BGP
BUG ID :- CSCtj57167
modification to prefix-list nested within vrf import map are not applied
These two bugs are an exact explanation of what I am experiencing however the IOS 12.2 SXH3 is not listed as having this problem. I am talking to them to see if this is a slip. The workaround for this problem is to issue the "clear ip route vrf" command after the prefix-list has been modified.
I am going to try this resolution on the second 6509 that needs the update.
Hopefully this will be useful for someone out there
Thanks Guys.
10-26-2012 10:42 AM
The final piece of the puzzle:
From 12.2(33)SXH3 (what I am running) to 12.2(33)SXH6, the problem is present. However in 12.2(33)SXI and later the problem is resolved.
The code was changed to check the associated route-map, anywhere it was used, once any components of it got changed.
Hope this helps some lost souls out there.
Thanks
10-26-2012 11:12 AM
As per lab re-create test, 12.2(33)SXH3 (what you are running) to 12.2(33)SXH6. The problem was present. However in 12.2(33)SXI and later the problem is resolved.
CSCsi53802 https://techzone.cisco.com/t5/Routing-Protocols/623543289-Import-map-not-refreshing-after-editing-prefix-list/td-p/117286does affect 12.2(33)SXH release. The entire train seems to have this issue and the bug is only fixed in 12.2(33)SXI and later.
This fix added a check in the code. Whenever the route-map is changed the import/export process is now aware of it, and rewalks the bgp table to apply the change. I verified that 12.2(33)SXI will dynamically ADD the route and remove the route depending on the prefix-list change.
12.2(33)SRC releases have the fix for this bug too.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide