[c-nsp] BGP conditional advertisemet - NON-EXIST route map'saccess-list problem
RPhookun at lecg.com
RPhookun at lecg.com
Sun Mar 15 17:39:46 EDT 2009
One gotcha I ran into sometime ago - on 12.4 T
the neighbor 192.168.100.1 advertise-map ADVERTISE non-exist-map
NON-EXIST has to be configured in the address-family ipv4
conf t
router bgp 10
address-family ipv4
neighbor 192.168.100.1 advertise-map ADVERTISE non-exist-map NON-EXIST
exit-address-family
Not sure if this is your case.
can you include the output of -
sh ip bgp neigh x.x.x.x
sh ip bgp neigh x.x.x.x advertised routes?
Regards,
./Randy
Burak Dikici <bdikici at gmail.com>
Sent by: cisco-nsp-bounces at puck.nether.net
03/15/2009 02:21 PM
To
RPhookun at lecg.com
cc
Ivan Pepelnjak <ip at ioshints.info>, cisco-nsp-bounces at puck.nether.net,
cisco-nsp at puck.nether.net
Subject
Re: [c-nsp] BGP conditional advertisemet - NON-EXIST route
map'saccess-list problem
I have made a change on the lab with the commands which are written below
,
but ISP-2 still getting my announcment. No success...
ip as-path access-list 1 permit ^200 (ISP-1 AS number)
ip prefix-list AS200-track seq 5 permit 192.168.200.0/24 (subnet
between multihoming router and ISP-1 router)
route-map NON-EXIST permit 10
match ip address prefix-list AS200-track
match as-path 1
router bgp 10
neighbor 192.168.100.1 advertise-map ADVERTISE non-exist-map NON-EXIST
On Sun, Mar 15, 2009 at 11:03 PM, <RPhookun at lecg.com> wrote:
>
> I agree with Ivan in that the tracked prefix in the Non-Exist-Map
should
> be the ISP-1 infrastructure address because in its absence you wouldn't
be
> receiving any other routes from ISP-1
> However, the match of the tracked prefix is from the BGP table *not* the
IP
> routing table and "match-as-path" can be very relevant in some
topologies
> and its absence in the Non-Exist-Map can cause the conditional
advertisement
> feature to break.
>
> Cisco has an excellent example - "Configuring and Verifying the
Conditional
> Advertisement Feature"
>
> ./Randy
>
>
>
>
>
> *"Ivan Pepelnjak" <ip at ioshints.info>*
> Sent by: cisco-nsp-bounces at puck.nether.net
>
> 03/15/2009 12:48 PM
> To
> "'Burak Dikici'" <bdikici at gmail.com>
> cc
> cisco-nsp at puck.nether.net Subject
> Re: [c-nsp] BGP conditional advertisemet - NON-EXIST route
> map'saccess-list problem
>
>
>
>
>
> That's the problem everyone has with the NON-EXIST-MAP :) Usually the
IP
> prefix used to address the ISP-1 infrastructure is the best bet.
>
> The "match as-path" statement in the NON-EXIST-MAP is irrelevant (unless
> I'm
> totally wrong about the match being made with the routes in the IP
routing
> table :).
>
> Ivan
>
>
> _____
>
> From: Burak Dikici [mailto:bdikici at gmail.com]
> Sent: Sunday, March 15, 2009 8:19 PM
> To: Ivan Pepelnjak
> Cc: Mateusz Blaszczyk; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] BGP conditional advertisemet - NON-EXIST route
> map'saccess-list problem
>
>
> Hi Ivan ,
>
> Ok than , what should i use for NON-EXIST route-map's access-list ?
Which
> prefix should i trust from ISP-1 (Primary ISP) ?
> Is it necessary to use "match ip address" and "match as-path"
statements
> together in the NON-EXIST route-map ?
>
>
> On Sun, Mar 15, 2009 at 8:46 PM, Ivan Pepelnjak <ip at ioshints.info>
wrote:
>
>
> You can't use "permit any" because it would match any route in the IP
> routing table (including the connected interfaces). The access list used
in
> NON-EXIST-MAP is used on the IP routing table, not on the BGP table
(that's
> why the AS path doesn't work either).
>
> Ivan
>
>
> > -----Original Message-----
> > From: Burak Dikici [mailto:bdikici at gmail.com]
> > Sent: Sunday, March 15, 2009 7:16 PM
> > To: Mateusz Blaszczyk
> > Cc: cisco-nsp at puck.nether.net
>
> > Subject: Re: [c-nsp] BGP conditional advertisemet - NON-EXIST
> > route map'saccess-list problem
> >
>
> > Hi Mateusz ,
> >
> > For better understanding , i have attached the topology
> > screenshot and the router's configuration files. (By the way
> > , this is a lab config.)
> >
> > In the attached Router's configuration ,
> >
> > access-list 65 permit 172.16.1.0 0.0.0.255
> >
> > command is used and with this command bgp conditional
> > advertisement is working fine.
> >
> > But when i use ,
> >
> > access-list 65 permit any
> >
> > command , the conditional advertisement doesn't work.
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list