[c-nsp] suppress bgp updates?

Mark Kent mark at noc.mainstreet.net
Tue Nov 16 20:06:49 EST 2010 

I thought I knew how to nail down BGP announcements so that an edge
router shows a uniform face to the rest of the world, but a recent
experience and experiment tells me I was wrong.

Here is the experiment:

  [upstream]
     |
     |
  [edge]<---->[internal]

"upstream" and "edge" are eBGP peers, "edge" and "internal" are ospf
neighbors.  The idea here is that I manage "edge" and "internal" and
some ISP runs "upstream".  

The config on "edge" is:

router bgp 65530
 no synchronization
 network 192.0.2.0
 neighbor 192.168.0.1 remote-as 65531

ip route 192.0.2.0 255.255.255.0 Null0 240 permanent

My belief was that the above static route would save me from
any internal routing snafu, so that AS65531 will continually
see that path.

Router "upstream" has:

router bgp 65531
 bgp dampening
 neighbor 192.168.0.2 remote-as 65530

with "debug ip bgp updates" turned on, so I can see what is happening.

The "internal" router redistributes static routes into ospf, 
so I introduce changes by alternating between:

internal(config)#ip route 192.0.2.0 255.255.255.0 10.10.10.10

and

internal(config)#no ip route 192.0.2.0 255.255.255.0 10.10.10.10

Whenever I do this, I do see updates making it out to the upstream:

 BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 27, path 65530
 BGP(0): 192.168.0.2 rcvd 192.0.2.0/24
 BGP(0): Revise route installing 1 of 1 routes for 192.0.2.0/24 -> 192.168.0.2(main) to main IP table
 BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
 BGP(0): 192.168.0.2 rcvd 192.0.2.0/24

"sh ip bgp dampening flap-statistics" indicates that these updates
count as flaps and eventually lead to dampening (should anyone still do
dampening).  I recognize that the routes are not being withdrawn and
then re-injected, and I am happy for that.

You can see from the above that the metric is changing, and I can fix
this with:

route-map FOO permit 10
 set metric 0
 set origin igp

and

router bgp 65530
 neighbor 192.168.0.1 route-map FOO out

Now updates are recognized as duplicates by the upstream:

 BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
 BGP(0): 192.168.0.2 rcvd 192.0.2.0/24...duplicate ignored
 BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
 BGP(0): 192.168.0.2 rcvd 192.0.2.0/24...duplicate ignored

and these do not count as flaps (at least on this exact cisco7201
masquerading as "upstream").

But what I want is to completely hide all internal turmoil from the
outside world... as long as "edge" is up I want it to show 192.0.2/24
in a constant fashion.  I feel like this was possible in the mid-'90s.
Was I mistaken?

Thanks,
-mark

More information about the cisco-nsp mailing list