[c-nsp] BGP Community Problem (I think)

Hobbs deadheadblues at gmail.com
Tue Nov 17 23:52:15 EST 2009


On Tue, Nov 17, 2009 at 9:05 PM, Skeeve Stevens <Skeeve at eintellego.net> wrote:

> Hey all,
>
> I am confused as to why a BGP feed I take and take with a community and
> redistribute are some 50k routes different.
>
> Details follow:
>
> Platform is:
>
> SYD-A-BDR-A#sh ver
> Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version
> 12.4(15)T1, RELEASE SOFTWARE (fc2)
> Technical Support: http://www.cisco.com/techsupport
> Copyright (c) 1986-2007 by Cisco Systems, Inc.
> Compiled Wed 18-Jul-07 13:29 by prod_rel_team
>
> ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1)
> BOOTLDR: Cisco IOS Software, 7200 Software (C7200-BOOT-M), Version
> 12.4(15)T1, RELEASE SOFTWARE (fc2)
>
> SYD-A-BDR-A uptime is 1 year, 43 weeks, 4 days, 20 hours, 26 minutes
> System returned to ROM by Reload Command at 08:32:21 UTC Mon Jan 8 2001
> System restarted at 16:49:17 AEST Thu Jan 17 2008
> System image file is "disk2:c7200-advipservicesk9-mz.124-15.T1.bin"
>
>
>
> -          Inbound full route feed
>
>
> 114.x.x.65   4  4xxx 26710538 2546241 130268709    0    0 9w1d       302167
> 114.x.x.66   4  4xxx 25400126 1834326 130268709    1    0 2w5d       302163
>
> -          Tagged with community
>
> route-map PRI-IN permit 10
>  match as-path 50
>  set weight 80
>  set community 17xxx:2000 additive
> !
> route-map PRI-IN permit 12
>  match as-path 52
>  set weight 90
>  set community 17xxx:2002 additive
> !
> route-map PRI-IN permit 20
>  match as-path 2
>  set weight 80
>  set community 17xxx:2001 additive
>
>
> -          Relevant config
>
> ip as-path access-list 2 permit .*
> ip as-path access-list 50 permit ^4xxx$
> ip as-path access-list 52 permit ^4xxx_7xx_1xxx
> !
> ip community-list 200 permit 17xxx:2000
> ip community-list 201 permit 17xxx:2001
> ip community-list 202 permit 17xxx:2002
>
>
> -          Now, this all seems to work.
>
> SYD-A-BDR-A#show ip bgp neighbors 114.x.x.66 received-routes | i Total
> Total number of prefixes 302163
>
> SYD-A-BDR-A#show ip bgp community-list 201 | redirect tftp://x.x.x.x/dump/20091118.txt
>
> [root at dump]# more 20091118.txt | grep 193.66 | wc -l
> 301542
> [root at dump]# more 20091118.txt | grep 193.65 | wc -l
> 301543
>
> Now... there is a small difference which can be attributed to a variety of
> things... nothing I'm worried about since it is so close (500 routes).
>
> Next:
>
> route-map BNEA-OUT permit 10
>  match ip address prefix-list US-SEND-BNE-BLOCKS  ! (Just local routes)
> !
> route-map BNEA-OUT permit 20
>  match community 201
> !
> route-map BNEA-OUT permit 30
>  description Community 17xxx:250 mapped to CL 125   ! (Redistributing peering routes)
>  match community 125
> !
>
>
> So.. we're tagging 301k routes inbound and examining the community list
> seems to be showing that is working fine, and then we are, using Community
> List 201 - sending that 301k + Local + Peering (7900 routes) to another PoP.
>
> But...
>
> SYD-A-BDR-A#show ip bgp neighbors 203.x.x.6 advertised-routes | i Total
> Total number of prefixes 250915
>
> So this is missing about 51k routes + Peering routes of about 8k... but the
> peering routes seem to be there, so that makes it about 60k transit routes
> that are missing that are not being sent 'in router' onto the next
> neighbour.
>
> I hope I've included most significant information...  if this doesn't make
> sense, let me know and I will explain in more detail?
>
>
> ...Skeeve
>
>
>
> --
> Skeeve Stevens, CEO/Technical Director
> eintellego Pty Ltd - The Networking Specialists
> skeeve at eintellego.net / www.eintellego.net
> Phone: 1300 753 383, Fax: (+612) 8572 9954
> Cell +61 (0)414 753 383 / skype://skeeve
> www.linkedin.com/in/skeeve ; facebook.com/eintellego
> --
> NOC, NOC, who's there?

Not sure off-hand, but you can do show ip bgp neighbor and far down in the
output you will see a section showing stats about why prefixes were dropped
(route-map, dist-list, etc). What does it say?
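
An added example, not part of the thread and not written by either poster: a small Python model of the quoted PRI-IN and BNEA-OUT route-maps. It shows that a path matched by PRI-IN clause 10 or 12 is tagged 17xxx:2000 or 17xxx:2002 and never reaches clause 20, so `match community 201` in BNEA-OUT does not permit it; it does not establish that this is the cause of the gap reported above. The ASNs are constructed stand-ins for the masked values, the sample AS paths are constructed, and community-list 125 is assumed to match 17xxx:250 as the config comment says.

```python
import re

# Constructed stand-ins for the masked ASNs on the page (RFC 5398 documentation range).
UPSTREAM, MID, FAR, LOCAL = "64500", "64501", "64502", "64510"

def ios_regex(pattern):
    """Translate the IOS AS-path '_' (any delimiter, start or end) for Python's re."""
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))

# ip as-path access-list 50 / 52 / 2 from the page, with the stand-in ASNs.
ACL = {
    50: ios_regex(f"^{UPSTREAM}$"),
    52: ios_regex(f"^{UPSTREAM}_{MID}_{FAR}"),
    2: ios_regex(".*"),
}
# route-map PRI-IN: (sequence, as-path ACL, weight, community added)
PRI_IN = [(10, 50, 80, f"{LOCAL}:2000"),
          (12, 52, 90, f"{LOCAL}:2002"),
          (20, 2, 80, f"{LOCAL}:2001")]

def apply_pri_in(as_path, communities=()):
    """First matching clause wins; later clauses are not evaluated."""
    for seq, acl, weight, comm in PRI_IN:
        if ACL[acl].search(as_path):
            return seq, weight, set(communities) | {comm}
    return None  # implicit deny at the end of a route-map

def bnea_out_permits(communities, local_prefix=False):
    """BNEA-OUT: prefix-list (10), community-list 201 (20), community-list 125 (30)."""
    return local_prefix or f"{LOCAL}:2001" in communities or f"{LOCAL}:250" in communities

def audit(paths):
    """Count paths per inbound clause and how many of them BNEA-OUT would permit."""
    report = {}
    for as_path in paths:
        seq, _, comms = apply_pri_in(as_path)
        hit = report.setdefault(seq, {"tagged": 0, "sent": 0})
        hit["tagged"] += 1
        hit["sent"] += bnea_out_permits(comms)
    return report

# Constructed AS paths, not taken from the thread's dump.
SAMPLE = ["64500", "64500 64501 64502", "64500 64501 64502 64503",
          "64500 64504", "64500 64505 64506"]

if __name__ == "__main__":
    for seq, counts in sorted(audit(SAMPLE).items()):
        print(f"PRI-IN permit {seq}: tagged={counts['tagged']} sent by BNEA-OUT={counts['sent']}")
```
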

