RE: [nsp] BGP default-originate

From: Insik_Park@infonet.com
Date: Thu Jan 04 2001 - 20:38:13 EST


This is exactly what I need. When primary default is not available, eBGP
neighbor can use secondary default being injected by different Internet
gateway. What's the difference between your config and my config?

Insik

Scott Whyte <swhyte@cisco.com> on 01/04/2001 04:57:54 PM

To: "Martin, Christian" <cmartin@gnilink.net>
cc: Insik_Park@infonet.com, cisco-nsp@puck.nether.net,
      jared@puck.nether.net

Subject: RE: [nsp] BGP default-originate

On Thu, 4 Jan 2001, Martin, Christian wrote:

> > This worked for me using 12.0(14).
> >
> > Make sure the static route next hop is in the routing table, BGP requires
> > a default route exist in the routing table before advertising it to BGP
> > neighbors.
>
> This is not the case. BGP does not require a default to exist in the table
> to inject a default with default-originate.

I stand corrected. However, I can get conditional advertisement of
default to an eBGP neighbor using the supplied config; if the static route
is removed or the interface the next hop points to goes down, I send a
withdrawal.

router bgp 100
 neighbor 203.1.1.2 remote-as 200
 neighbor 203.1.1.2 default-originate route-map default-map
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.65.161
!
access-list 1 permit 0.0.0.0
route-map default-map permit 10
 match ip address 1
!

after removing 0/0 or shutdown e0, neighbor sees:

1w6d: BGP: 203.1.1.1 rcv UPDATE about 0.0.0.0/0 -- withdrawn
1w6d: BGP: no valid path for 0.0.0.0/0
1w6d: BGP: nettable_walker 0.0.0.0/0 no best path
1w6d: BGP: 203.1.1.1 computing updates, neighbor version 16, table version 17, starting at 0.0.0.0
1w6d: BGP: 203.1.1.1 update run completed, ran for 4ms, neighbor version 16, start version 17, throttled to 17, check point net 0.0.0.0

>
> -Scott
> >
> > On Thu, 4 Jan 2001 Insik_Park@infonet.com wrote:
> >
> > > Hello all,
> > >
> > > I am trying to inject default route 0.0.0.0 to eBGP neighbor using
> > > default-originate and route map, but it doesn't seem to work. Below is the
> > > configuration. Am I missing something? If I use default-originate without
> > > route-map, then it successfully injects default network to eBGP neighbor.
>
> I believe the route-map matching logic, when used with an access-list, is
> there to determine what the next-hop is. Your route-map doesn't perform
> this matching. You would use it to say something like this:

This is incorrect. The route-map takes whatever is in Loc-RIB, applies the
criteria defined, and puts whatever comes out into Adj-RIB-Out for
advertising. ACLs either permit or deny, and if they permit then you've
matched in your route-map. If you want to match next-hop, then match
next-hop and not ip address.

On my test routers, default originate causes 0/0 to go out whether it's in
loc-RIB or not. But when I switch to default originate route-map
default-map, we see

23:26:02: BGP: 203.1.1.2 send UPDATE 0.0.0.0/0 -- unreachable
23:26:02: BGP: 203.1.1.2 1 updates enqueued (average=24, maximum=24)

which means we now care whether it's in the local routing table or not.

>
> router bgp 200
> neighbor 200.100.1.2 remote-as 400
> neighbor 200.100.1.2 default-originate route-map default-map
> !
> route-map default-map permit 10
> match ip next-hop 1
> !
> access-list 1 permit 192.168.1.1
>
> Then, the route-map would fail if there wasn't a default to the next-hop.
>
> Another way to do it would be with an extended access-list as such:
>
> router bgp 200
> neighbor 200.100.1.2 remote-as 400
> neighbor 200.100.1.2 default-originate route-map default-map
> !
> route-map default-map permit 10
> match ip address 101
> !
> access-list 101 permit ip host 0.0.0.0 host 192.168.1.1
>
> This is sort of a conditional advertisement.
>
>
> For your purposes, you do not need the route-map, as this command only
> injects a default. If you are trying to prevent leakage of other prefixes,
> use a distribute/prefix list.
>
> chris
>
>
>
>
> > >
> > > !
> > > router bgp 200
> > > neighbor 200.100.1.2 remote-as 400
> > > neighbor 200.100.1.2 default-originate route-map default-map
> > > !
> > > route-map default-map permit 10
> > > match ip address 1
> > > !
> > > access-list 1 permit 0.0.0.0
> > > !
> > > ip route 0.0.0.0 0.0.0.0 195.190.1.1
> > >
> > > ------------------
> > > !
> > > router bgp 400
> > > neighbor 200.100.1.1 remote-as 200
> > >
> > >
> > >
> > >
> >
> >
>

-Scott

--
Scott Whyte     swhyte@cisco.com | Hobbes: "What would *you* call the
Global Solutions Engineering     |          creation of the universe?"
Network Design Consultant        |
CCIE 3340                        | Calvin: "The Horrendous Space Kablooie!"
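
Added example (not part of the original messages, and not IOS code): a simplified Python model of the behaviour Scott reports above, where plain default-originate always sends 0/0 while default-originate with a route-map sends it only while some route in the local routing table passes the route-map's ACL. The Neighbor class, the function names and the /30 connected subnet are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

DEFAULT = ip_network("0.0.0.0/0")
CONNECTED = ip_network("172.16.65.160/30")  # constructed subnet for e0
ACL_1 = [("permit", "0.0.0.0", "0.0.0.0")]  # access-list 1 permit 0.0.0.0


def acl_permits(acl, prefix):
    """Standard ACL used as a route filter: only the network address is
    compared, entry by entry, with an implicit deny at the end."""
    addr = int(prefix.network_address)
    for action, base, wildcard in acl:
        care = ~int(ip_address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ip_address(base)) & care:
            return action == "permit"
    return False


class Neighbor:
    """Tracks whether 0.0.0.0/0 is currently advertised to one eBGP peer."""

    def __init__(self, route_map_acl=None):
        self.acl = route_map_acl  # None models plain default-originate
        self.advertised = False

    def update(self, rib):
        """Return the UPDATE sent for 0/0 after a RIB change, or None."""
        if self.acl is None:
            want = True  # unconditional origination
        else:
            want = any(acl_permits(self.acl, p) for p in rib)
        if want == self.advertised:
            return None
        self.advertised = want
        return "advertise" if want else "withdraw"


def demo():
    """Static default present, static removed, then e0 shut down."""
    plain, conditional = Neighbor(), Neighbor(ACL_1)
    steps = ({CONNECTED, DEFAULT}, {CONNECTED}, set())
    return [(plain.update(rib), conditional.update(rib)) for rib in steps]


if __name__ == "__main__":
    for plain_evt, cond_evt in demo():
        print(f"plain={plain_evt} conditional={cond_evt}")
```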



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:24 EDT