[c-nsp] BGP routes disappearing

Hank Nussbacher hank at interall.co.il
Mon Jun 10 06:28:50 EDT 2024 

On 10/06/2024 11:20, Saku Ytti wrote:
> I don't think there is enough information here to understand the
> problem.

Since you asked:

Router B is exaBGP sending announcements to router A (128.139.220.90).
192.0.2.1 is a GigE interface on router A.  I want to null0 all traffic 
which is easy to do but I also want a record of every attempt someone 
tried to reach one of these null0 routes.  Think of something like:
https://www.team-cymru.com/ty/cisco-router-traditional-bogons

So I want an ACL like:
ipv4 access-list log-traffic
  10 permit ipv4 any any log

But an ACL can't be placed on a null0 interface nor on a loopback 
interface so I created a fake VLAN and route the traffic there (to 
192.0.2.1), and there I can install an ACL and log the traffic:
RP/0/RSP0/CPU0:2024 Jun 10 10:27:44 : ipv4_acl_mgr[343]: 
%ACL-IPV4_ACL-6-IPACCESSLOGP : access-list log-traffic (10) deny udp 
128.139.6.11(40652) -> 192.0.2.1(53), 1 packet

In any event, I solved it.

Thanks,
Hank


> 
> So you have
> 
> RouterA - RouterB
> 
> RouterA is 192.0.2.1/24 RouterB is 128.139.197.146
> 
> RouterB advertises bunch of /32s to routerA, with next-hop
> 192.0.2.1?
> 
> This seems nonsensical to me, where is routerA supposed to send the 
> packets? So I must be misunderstanding what you're doing.
> 
> But you probably can look at the disappeared routers in adjRIB for 
> some clue, or turn on debugging on BGP, to see why they are 
> invalidated.
> 
> I'm expecting invalid next-hop, next-hop loop or BGP session itself 
> has the most-specific route to the BGP session over the BGP session.
> 
> 
> 
> 
> On Mon, 10 Jun 2024 at 11:09, Hank Nussbacher via cisco-nsp 
> <cisco-nsp at puck.nether.net> wrote:
>> 
>> I have a simple iBGP peer defined as follows:
>> 
>> neighbor 128.139.197.146 remote-as 378 update-source Loopback0 
>> address-family ipv4 unicast
>> 
>> 
>> I have a GigE interface defined as:
>> 
>> interface GigabitEthernet0/0/0/43.1 ipv4 address 192.0.2.1
>> 255.255.255.0 encapsulation dot1q 1
>> 
>> This iBGP peer feeds me /32s with nexthop set as 192.0.2.1/32.
>> Problem is all routes disappear.
>> 
>> Neighbor        Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ
>> Up/Down St/PfxRcd 128.139.197.146   0   378   10437  627880
>> 10060119    0    0 00:15:41          0
>> 
>> 
>> If the feed sets the IP to 192.0.2.2 then the BGP routes appear in
>> the routing table.  If I then change the IP address on interface 
>> GigabitEthernet0/0/0/43.1 to 192.0.2.2 then the routes disappear as
>> well after having made it into the routing table.
>> 
>> 
>> I am obviously missing something very simple.  Clue-bat welcome.
>> 
>> 
>> Thanks,
>> 
>> Hank
>> 
>> 
>> 
>> _______________________________________________ cisco-nsp mailing
>> list  cisco-nsp at puck.nether.net 
>> https://puck.nether.net/mailman/listinfo/cisco-nsp archive at
>> http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
>

More information about the cisco-nsp mailing list