[c-nsp] suppress bgp updates?

Brad Hedlund (brhedlun) brhedlun at cisco.com
Tue Nov 16 21:33:41 EST 2010


Hiding internal routing turmoil, as you state it, works best when you are aggregating/summarizing -- which you are not doing here.  Your RIB entry for 192.168.2.0 changes between static and OSPF routes.  BGP sees this as a route change and does its job of notifying neighbors.

This would work better if you advertised 192.168.0.0/22 from the "edge" router, assuming you own that block of addresses.


Brad Hedlund
--
Sent from my mobile phone
(please excuse brevity, typos)

On Nov 16, 2010, at 8:04 PM, "Mark Kent" <mark at noc.mainstreet.net> wrote:

> I thought I knew how to nail down BGP announcements so that an edge
> router shows a uniform face to the rest of the world, but a recent
> experience and experiment tells me I was wrong.
> 
> Here is the experiment:
> 
>  [upstream]
>     |
>     |
>  [edge]<---->[internal]
> 
> "upstream" and "edge" are eBGP peers, "edge" and "internal" are OSPF
> neighbors.  The idea here is that I manage "edge" and "internal" and
> some ISP runs "upstream".  
> 
> The config on "edge" is:
> 
> router bgp 65530
> no synchronization
> network 192.0.2.0
> neighbor 192.168.0.1 remote-as 65531
> 
> ip route 192.0.2.0 255.255.255.0 Null0 240 permanent
> 
> My belief was that the above static route would save me from
> any internal routing snafu, so that AS65531 will continually
> see that path.
> 
> Router "upstream" has:
> 
> router bgp 65531
> bgp dampening
> neighbor 192.168.0.2 remote-as 65530
> 
> with "debug ip bgp updates" turned on, so I can see what is happening.
> 
> The "internal" router redistributes static routes into OSPF,
> so I introduce changes by alternating between:
> 
> internal(config)#ip route 192.0.2.0 255.255.255.0 10.10.10.10
> 
> and
> 
> internal(config)#no ip route 192.0.2.0 255.255.255.0 10.10.10.10
> 
> Whenever I do this, I do see updates making it out to the upstream:
> 
> BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 27, path 65530
> BGP(0): 192.168.0.2 rcvd 192.0.2.0/24
> BGP(0): Revise route installing 1 of 1 routes for 192.0.2.0/24 -> 192.168.0.2(main) to main IP table
> BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
> BGP(0): 192.168.0.2 rcvd 192.0.2.0/24
> 
> "sh ip bgp dampening flap-statistics" indicates that these updates
> count as flaps and eventually lead to dampening (should anyone still do
> dampening).  I recognize that the routes are not being withdrawn and
> then re-injected, and I am happy for that.
> 
> You can see from the above that the metric is changing, and I can fix
> this with:
> 
> route-map FOO permit 10
> set metric 0
> set origin igp
> 
> and
> 
> router bgp 65530
> neighbor 192.168.0.1 route-map FOO out
> 
> Now updates are recognized as duplicates by the upstream:
> 
> BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
> BGP(0): 192.168.0.2 rcvd 192.0.2.0/24...duplicate ignored
> BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
> BGP(0): 192.168.0.2 rcvd 192.0.2.0/24...duplicate ignored
> 
> and these do not count as flaps (at least on this exact cisco7201
> masquerading as "upstream").
> 
> But what I want is to completely hide all internal turmoil from the
> outside world... as long as "edge" is up I want it to show 192.0.2/24
> in a constant fashion.  I feel like this was possible in the mid-'90s.
> Was I mistaken?
> 
> Thanks,
> -mark
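
Added example (not part of the original thread): a Python sketch that replays the two "debug ip bgp updates" captures quoted above and classifies each advertisement as new, changed or duplicate by comparing its attributes with the previous one for the same peer and prefix, reporting which attribute moved. The function and variable names are assumptions made for this illustration, and the comparison is a simplified model, not IOS's own logic.

```python
import re

# Debug output copied from the post: before and after the outbound route-map.
BEFORE = """\
BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 27, path 65530
BGP(0): 192.168.0.2 rcvd 192.0.2.0/24
BGP(0): Revise route installing 1 of 1 routes for 192.0.2.0/24 -> 192.168.0.2(main) to main IP table
BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
BGP(0): 192.168.0.2 rcvd 192.0.2.0/24
"""
AFTER = """\
BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
BGP(0): 192.168.0.2 rcvd 192.0.2.0/24...duplicate ignored
BGP(0): 192.168.0.2 rcvd UPDATE w/ attr: nexthop 192.168.0.2, origin i, metric 0, path 65530
BGP(0): 192.168.0.2 rcvd 192.0.2.0/24...duplicate ignored
"""

ATTR_RE = re.compile(r"^BGP\(\d+\): (\S+) rcvd UPDATE w/ attr: (.+)$")
NLRI_RE = re.compile(
    r"^BGP\(\d+\): (\S+) rcvd (\d+\.\d+\.\d+\.\d+/\d+)(\.\.\.duplicate ignored)?$")

def parse_attrs(text):
    """'nexthop X, origin i, metric 27, path 65530' -> {'nexthop': 'X', ...}"""
    return dict(item.strip().split(" ", 1) for item in text.split(","))

def classify(log, seen):
    """Return [(prefix, verdict, changed_attrs, ios_said_duplicate)].
    `seen` maps (peer, prefix) -> last attributes and persists across calls."""
    results, pending = [], {}
    for line in log.splitlines():
        m = ATTR_RE.match(line)
        if m:                                   # attribute line precedes the NLRI line
            pending[m.group(1)] = parse_attrs(m.group(2))
            continue
        m = NLRI_RE.match(line)
        if not m or m.group(1) not in pending:  # e.g. the "Revise route" line
            continue
        peer, prefix = m.group(1), m.group(2)
        attrs, old = pending[peer], seen.get((peer, prefix))
        diff = {} if old is None else {
            k: (old.get(k), attrs.get(k))
            for k in old.keys() | attrs.keys() if old.get(k) != attrs.get(k)}
        verdict = "new" if old is None else ("changed" if diff else "duplicate")
        seen[(peer, prefix)] = attrs
        results.append((prefix, verdict, diff, bool(m.group(3))))
    return results

if __name__ == "__main__":
    state = {}
    for name, log in (("before route-map", BEFORE), ("after route-map", AFTER)):
        for row in classify(log, state):
            print(name, *row)
```

Feeding both captures through the same state dictionary shows the only attribute that differs is the metric, which is the one the route-map pins.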