[c-nsp] re-advertising eBGP learned prefixes

Andrey Koklin aka at veco.ru
Thu Oct 20 11:13:50 EDT 2011 

On 10/20/2011 18:49, Gert Doering wrote:

> On Thu, Oct 20, 2011 at 06:42:59PM +0400, Andrey Koklin wrote:
>> Yes. But still I cannot persuade R2-AS1 router to advertise prefixes there.
>> Even without AS3 in the path...

> So what's the *export policy* of R2-AS1 towards the AS3 router?

> [..]
>>> So how's your export policies on that router towards the neighbour
>>> that you should see the prefix on?

>> The R3-AS3 router doesn't know these prefixes. It has its own BGP table.

> I'm not sure how that answer relates to anything...

Oh, sorry, seems I've understood you wrongly with my poor English...

> Most likely you have some sort of filter on R2-AS1 that does not permit
> these prefixes - and I'm asking for the config so we can look at it
> and try to see where it's filtering.

Sure, it has simple filtering rules.
Here is the proper config:

-- 8< --
router bgp 65036
 no synchronization
 bgp log-neighbor-changes
 bgp redistribute-internal
 network 10.36.0.0 mask 255.255.0.0
 network 213.129.126.0
 timers bgp 5 20 15
 neighbor 10.36.254.2 remote-as 21017
 neighbor 10.36.254.2 soft-reconfiguration inbound
 neighbor 10.36.254.2 route-map FROM_VPN_CTK in
 neighbor 10.36.254.2 route-map TO_VPN_CTK out
 neighbor 213.129.126.1 remote-as 65036
 neighbor 213.129.126.1 soft-reconfiguration inbound
 default-information originate
 distance bgp 100 100 10
 no auto-summary

ip as-path access-list 100 permit ^$
ip as-path access-list 101 permit _21017_
ip as-path access-list 102 permit _21017_21017_

ip prefix-list TO_VPN_CTK description announced nets through CTK VPN
ip prefix-list TO_VPN_CTK seq 10 permit 0.0.0.0/0
ip prefix-list TO_VPN_CTK seq 20 permit 213.129.126.0/24
ip prefix-list TO_VPN_CTK seq 30 permit 10.36.0.0/16
ip prefix-list TO_VPN_CTK seq 35 permit 10.36.0.0/16 le 28
ip prefix-list TO_VPN_CTK seq 40 permit 10.36.0.0/18 le 28
ip prefix-list TO_VPN_CTK seq 50 permit 10.36.248.0/23 le 24

route-map TO_VPN_CTK permit 10
 match ip address prefix-list TO_VPN_CTK
 match as-path 100
-- 8< --

I've just tried to remove filters. The router started to advertise all
but the needed prefixes, like 10.36.72.32/27...

More information about the cisco-nsp mailing list