[c-nsp] BGP leak prefixes over IPv4 tunnel

Stephen Wilcox steve.wilcox at packetrade.com
Wed Jul 11 05:09:49 EDT 2007


On Wed, Jul 11, 2007 at 03:49:24PM +0800, Nick Kraal wrote:
> Hi all,
> 
> A memory loss problem here.
> 
> We/ISP_A are trying to leak prefixes (which are not seen on the public 
> Internet) to a remote network/ISP_B via BGP. At this point of time we 
> are planning to build this via BGP over a IPv4 tunnel interface.
> 
> 
> ISP_A-------Transit_Provider-------ISP_B  :physical connection
>     ==================================
>     Tunnel /30 WAN address from ISP_A      :tunneled 'WAN' connection
>     ==================================
> 
> The BGP session is built on the tunnel /30 'WAN' address, and are 
> announcing ISP_A and the leak prefixes to ISP_B via this arrangement. 
> And ISP_B will announce their prefixes via the this tunneled session also.
> 
> The BGP and route map configurations are standard vanilla. I seem to 
> remember some issues caused by BGP loop detection, and need some static 
> routes to be involved. This is where the memory fails.

Hi Nick,
 it should work fine but you need to make sure you have stable routing in place (static or otherwise) to bring the tunnel up before you start messing with BGP.

Once that is done you must ensure that the route to the tunnel endpoint via the real network remains the preferred one ie do not point a more specific down the tunnel or use a higher preference; you might want to prefix filter your BGP sessions to ensure this never occurs.

Steve


More information about the cisco-nsp mailing list