[c-nsp] BGP "network" netmask strangeness

Peter Rathlev peter at rathlev.dk
Wed Jan 28 04:53:00 EST 2009 

Hello,

I've seen something very strange today. Or mayby I just misunderstood
BGP. We have a CPE that does something I don't quite understand. It's a
C3560 running VRF Lite and eBGP inside the VRFs.

In short: I assumed that the BGP "network X mask Y" statement required
the exact prefix to exist in the RIB; that it wasn't enough for some
subnet of this to exist. (Disregarding any redistribute X +
aggregate-address etc.) Am I wrong in assuming that?

Long explanation follows:

For some VRF the CPE has 9 connected access networks, in this case
10.32.176.0/24 through 10.32.183.0/24 and 10.32.194.0/24. The latter was
the first to be configured:

interface Vlan998
 ip vrf forwarding A
 ip address 10.32.194.1 255.255.255.0
!
router bgp 65112
 address-family ipv4 vrf A
  network 10.32.194.0 mask 255.255.255.0
 !
!

This works/worked completely as expected; the prefix 10.32.194.0/24 is
announced via BGP. Recently the other eight connected nets were added:

interface Vlan997
 ip vrf forwarding A
 ip address 10.32.176.0 255.255.255.0
!
interface Vlan996
 ip vrf forwarding A
 ip address 10.32.177.0 255.255.255.0
!
... et cetera

Thus we had nine connected access network, one of them announced by BGP.
By accident the following was then configured:

router bgp 65112
 address-family ipv4 vrf A
  network 10.32.176.0 255.255.248.0
 !
!

This is not the right netmask for any of the connected nets and this
specific prefix doesn't exist in the RIB:

R1#sh ip route vrf A 10.32.176.0 255.255.248.0
% Subnet not in table
R1#

But it exists in the BGP table:

R1#sh ip bgp vpnv4 vrf A reg ^$
BGP table version is 91402, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 2404:1 (default for vrf A)
*> 10.32.176.0/24   0.0.0.0                  0         32768 i
*> 10.32.194.0/24   0.0.0.0                  0         32768 i
R1#

Now where does it source this from?

R1#sh ip bgp vpnv4 vrf A 10.32.176.0 255.255.255.0
BGP routing table entry for 2404:1:10.32.176.0/24, version 33212
Paths: (1 available, best #1, table A)
  Advertised to update-groups:
     1         
  Local
    0.0.0.0 from 0.0.0.0 (x.x.x.x)
      Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced,
local, best
      Extended Community: RT:2404:1
R1#

If I add a static 10.32.176.0/21 -> Null0 I get both prefixes:

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip route vrf A 10.32.176.0 255.255.248.0 Null0
R1(config)#
R1#sh ip bgp vpnv4 vrf A reg ^$
BGP table version is 91404, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 2404:1 (default for vrf A)
*> 10.32.176.0/24   0.0.0.0                  0         32768 i
*> 10.32.176.0/21   0.0.0.0                  0         32768 i
*> 10.32.194.0/24   0.0.0.0                  0         32768 i
R1#

I haven't tried removing the "network"-statement. There are users on the
net, so I wouldn't do it without asking. Maybe in the afternoon I can
get to do that.

So the question is: Where does 10.32.176.0/24 come from in the BGP
table?

Thank you,
Peter

More information about the cisco-nsp mailing list