There are two different scenarios we will take a look at in this blogtorial.
- If 5.5.5.0/25 exists in the BGP table then advertise the aggregate address 5.5.5.0/24 to both ISPs.
- Or the opposite: only if 5.5.5.0/25 does not exist in the BGP table, advertise the aggregate address 5.5.5.0/24 to both ISPs.
When you configure "aggregate-address <network> <netmask> summary-only" under BGP, the aggregate route is advertised as long as at least one of the subset routes is in the BGP table. In the first scenario, however, we are going to check for the existence of 5.5.5.0/25 using an "exist-map", and advertise the aggregate to ISP_A and ISP_B only if that route exists.
As usual, we will first get the interfaces, BGP, and routing configured.
!
hostname ENT_INTERNAL
!
interface FastEthernet1/0
description connected to wan_edge
ip address 3.3.3.2 255.255.255.0
duplex auto
speed auto
!
router bgp 65001
no synchronization
bgp log-neighbor-changes
redistribute static
neighbor 3.3.3.1 remote-as 65001
neighbor 3.3.3.1 description wan_edge
no auto-summary
!
ip route 5.5.5.0 255.255.255.128 Null0
ip route 5.5.5.128 255.255.255.128 Null0
!
The two static routes point to Null0 so that we can redistribute them into BGP and propagate the routes to WAN_EDGE.
!
hostname WAN_EDGE
!
interface FastEthernet1/0
description connected to isp_a
ip address 1.1.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/1
description connected to isp_b
ip address 2.2.2.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
description connected to ent_internal
ip address 3.3.3.1 255.255.255.0
duplex auto
speed auto
!
router bgp 65001
no synchronization
bgp log-neighbor-changes
aggregate-address 5.5.5.0 255.255.255.0 summary-only
neighbor 1.1.1.2 remote-as 1
neighbor 2.2.2.2 remote-as 2
neighbor 3.3.3.2 remote-as 65001
no auto-summary
!
!
hostname ISP_A
!
interface FastEthernet1/0
description connected to wan_edge
ip address 1.1.1.2 255.255.255.0
duplex auto
speed auto
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 65001
no auto-summary
!
!
hostname ISP_B
!
interface FastEthernet1/1
description connected to wan_edge
ip address 2.2.2.2 255.255.255.0
duplex auto
speed auto
!
router bgp 2
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.1 remote-as 65001
no auto-summary
!
We should first observe how the aggregate command works so we can compare the results after we incorporate the "exist-map" feature. Let's check the routes on ISP_A and ISP_B to see whether the aggregate 5.5.5.0/24 is being received from the WAN_EDGE router.
ISP_A#show ip bgp
BGP table version is 2, local router ID is 1.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 5.5.5.0/24 1.1.1.1 0 0 65001 i
ISP_B#show ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 5.5.5.0/24 2.2.2.1 0 0 65001 i
As you can see, both ISP_A and ISP_B have the aggregate route 5.5.5.0/24 from WAN_EDGE. This is because there are subset routes (the two /25 entries flagged "s", suppressed, below) in the WAN_EDGE BGP table. Since these subset routes are being received from ENT_INTERNAL, the aggregate is being advertised to ISP_A/ISP_B.
WAN_EDGE#show ip bgp
BGP table version is 9, local router ID is 3.3.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
s>i5.5.5.0/25 3.3.3.2 0 100 0 ?
*> 5.5.5.0/24 0.0.0.0 32768 i
s>i5.5.5.128/25 3.3.3.2 0 100 0 ?
Now let's remove 5.5.5.0/25 from WAN_EDGE by just deleting the static route from the originating router ENT_INTERNAL and see if WAN_EDGE is still advertising the aggregate route out.
ENT_INTERNAL#conf t
Enter configuration commands, one per line. End with CNTL/Z.
ENT_INTERNAL(config)#no ip route 5.5.5.0 255.255.255.128 null0
Checking on ISP_A, the aggregate 5.5.5.0/24 is still being advertised by WAN_EDGE because WAN_EDGE still has the subset route 5.5.5.128/25 from ENT_INTERNAL. It is therefore clear that as long as one subset route of the aggregate is present, the aggregate (5.5.5.0/24 in this case) will be advertised.
ISP_A#show ip bgp
BGP table version is 2, local router ID is 1.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 5.5.5.0/24 1.1.1.1 0 0 65001 i
Now let's put the static route 5.5.5.0/25 back on ENT_INTERNAL and use advertise-map and exist-map in the WAN_EDGE BGP config so that the aggregate route 5.5.5.0/24 only gets advertised to ISP_A/ISP_B if 5.5.5.0/25 exists in the WAN_EDGE BGP table.
ENT_INTERNAL#conf t
Enter configuration commands, one per line. End with CNTL/Z.
ENT_INTERNAL(config)#ip route 5.5.5.0 255.255.255.128 null0
!
hostname WAN_EDGE
!
access-list 80 permit 5.5.5.0 0.0.0.127
access-list 90 permit 5.5.5.0 0.0.0.255
!
route-map adv-map permit 10
match ip address 90
!
route-map ex-map permit 10
match ip address 80
!
router bgp 65001
neighbor 1.1.1.2 advertise-map adv-map exist-map ex-map
neighbor 2.2.2.2 advertise-map adv-map exist-map ex-map
- Create an access-list to match the route that needs to be in the BGP Table in order for the aggregate to be advertised (access-list 80).
- Create an access-list to match the aggregate route that should be advertised (access-list 90).
- Create a route-map that matches the aggregate route.
- Create a route-map to match the "exists conditional route".
- Attach it to the neighbors.
- May need to clear BGP (clear ip bgp * soft).
ISP_A#show ip bgp
BGP table version is 2, local router ID is 1.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 5.5.5.0/24 1.1.1.1 0 0 65001 i
WAN_EDGE# show ip bgp neighbors 1.1.1.2
Condition-map ex-map, Advertise-map adv-map, status: Advertise
Alright so we are good. Now let's remove the 5.5.5.0/25 from WAN_EDGE BGP table by removing the static route on ENT_INTERNAL.
!
hostname ENT_INTERNAL
!
ENT_INTERNAL(config)#no ip route 5.5.5.0 255.255.255.128 null0
Let's again check the ISP_A routing table.
!
hostname ISP_A
!
ISP_A#show ip route
1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, FastEthernet1/0
WAN_EDGE# show ip bgp neighbors 1.1.1.2
Condition-map ex-map, Advertise-map adv-map, status: Withdraw
Where did the route 5.5.5.0/24 go? Where is the aggregate? Well the aggregate route is not being advertised by WAN_EDGE because 5.5.5.0/25 does not exist in the WAN_EDGE BGP table.
So there it is ... if statements in BGP. If a <certain route exists in the BGP Table> then advertise <a route>.
You can also do "if a <certain route does not exist> then advertise <a route>" with "neighbor x.x.x.x advertise-map <route-map> non-exist-map <route-map>".
For example, if you did "neighbor 1.1.1.2 advertise-map adv-map non-exist-map ex-map" then 5.5.5.0/24 will only be advertised to ISP_A when 5.5.5.0/25 does not exist in the WAN_EDGE BGP table.
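As an added example (not part of the original post), this Python check turns the exist-map / non-exist-map rule above into something you can run against collected CLI output: it reads the prefixes from "show ip bgp", works out which status the neighbor should report, and compares that with the "Condition-map ... status:" line. The function names are hypothetical; it assumes the condition route-map matches exactly one prefix and that the status line has the format shown above, and the second table is constructed.

```python
import ipaddress
import re

# Prefix column of a "show ip bgp" row; status flags (s, *, >, i ...) may touch the prefix.
PREFIX = re.compile(r"^[sdh*r>iS ]*(\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})\s", re.M)
# Status line printed by "show ip bgp neighbors <peer>", in the format shown on this page.
STATUS = re.compile(r"Condition-map (\S+), Advertise-map (\S+), status: (\w+)")

def bgp_prefixes(show_ip_bgp):
    """Return the set of prefixes present in the BGP table text."""
    return {ipaddress.ip_network(p) for p in PREFIX.findall(show_ip_bgp)}

def expected_status(table, condition_prefix, mode):
    """Status the neighbor should report. Assumption: the condition route-map
    matches exactly one prefix, as this page describes access-list 80."""
    present = ipaddress.ip_network(condition_prefix) in table
    if mode not in ("exist-map", "non-exist-map"):
        raise ValueError("unknown mode: " + mode)
    advertise = present if mode == "exist-map" else not present
    return "Advertise" if advertise else "Withdraw"

def audit(show_ip_bgp, show_neighbor, condition_prefix, mode="exist-map"):
    """Compare the reported status with the one implied by the BGP table."""
    m = STATUS.search(show_neighbor)
    if m is None:
        return {"ok": False, "reason": "no condition-map status line found"}
    want = expected_status(bgp_prefixes(show_ip_bgp), condition_prefix, mode)
    return {"ok": m.group(3) == want, "observed": m.group(3), "expected": want,
            "condition_map": m.group(1), "advertise_map": m.group(2)}

# WAN_EDGE table copied from this page (both /25 routes present).
TABLE_BOTH = """\
   Network Next Hop Metric LocPrf Weight Path
s>i5.5.5.0/25 3.3.3.2 0 100 0 ?
*> 5.5.5.0/24 0.0.0.0 32768 i
s>i5.5.5.128/25 3.3.3.2 0 100 0 ?
"""
# Constructed: the same table after ENT_INTERNAL withdraws 5.5.5.0/25.
TABLE_NO_LOWER = """\
*> 5.5.5.0/24 0.0.0.0 32768 i
s>i5.5.5.128/25 3.3.3.2 0 100 0 ?
"""
ADVERTISE = " Condition-map ex-map, Advertise-map adv-map, status: Advertise"
WITHDRAW = " Condition-map ex-map, Advertise-map adv-map, status: Withdraw"

if __name__ == "__main__":
    print(audit(TABLE_BOTH, ADVERTISE, "5.5.5.0/25"))
    print(audit(TABLE_NO_LOWER, WITHDRAW, "5.5.5.0/25"))
    print(audit(TABLE_NO_LOWER, ADVERTISE, "5.5.5.0/25"))  # mismatch: ok is False
```

A mismatch between the observed and expected status is worth alerting on, since it means the edge router is announcing (or withholding) the aggregate contrary to the policy you configured.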
Have you used this before? Where would you use this feature?
Many more articles to come so stay tuned.
Please reshare/subscribe/comment/+1 if you like my posts as it keeps me motivated to write more and spread the knowledge.
Arwin, Ur BGP Posts are excellent.. Really awesome way of explanation. Really appreciate ur effort & time.
Thanks man, keep it up. Gonna access ur blog regularly. Today i found ur blog.. its really informative.
Thanks for your comment. I will be posting more on here going forward so please be sure to check back. And if you have any specific topic you want me to post on please do let me know.
Keep up the Good work ..!!