[rbak-nsp] SE-400 IP Pool Help

David Freedman david.freedman at uk.clara.net
Sun Dec 7 08:23:25 EST 2008 

Yes, I've had stupid amounts of problems with the "summary-only" keyword in the past, 
it is most certainly broken in my release (6.1.3.1)

Since you are doing this in a VPN content (and hence can't filter iBGP), 
Remove the "redistribute subscriber" and all the aggregate addresses
and only have "redistribute static" then maintain static supernets 
routed to null0 (ip route x.x.x.x/y null0)

like:

router bgp vpn
redistribute static
no redistribute subscriber address
no aggregate-address 200.96.96.0/19 summary-only
no aggregate-address 200.96.204.0/22 summary-only
no aggregate-address 200.96.252.0/22 summary-only
ip route 200.96.96.0/19 null0
ip route 200.96.204.0/22 null0
ip route 200.96.252.0/22 null0

Dave.

------------------------------------------------
David Freedman
Group Network Engineering 
Claranet Limited
http://www.clara.net



-----Original Message-----
From: redback-nsp-bounces at puck.nether.net on behalf of Sherwin Ang
Sent: Sun 12/7/2008 11:46
To: redback-nsp at puck.nether.net
Subject: [rbak-nsp] SE-400 IP Pool Help
 
Hello Redback List,

i've added a new IP Pool to our SE-400 using this configuration:

 interface IPPOOL
  ip address 200.96.0.1/30
!
 interface POOL multibind lastresort
  ip unnumbered IPPOOL
  ip pool 200.96.96.0/19
  ip pool 200.96.204.0/22
  ip pool 200.96.252.0/22

 subscriber default
   ip address pool name POOL
   timeout idle 10
   ppp mtu 1492

Everything works great with regards to the Pool on our PPPoE but the
problem now is how the routes are redistributed and aggregated on our
BGP.

I have this configuration to aggregate and redistribute the routes.

 router bgp vpn
  address-family ipv4 unicast
   export route-target 999:4
   import route-target 999:4
   redistribute connected
   redistribute subscriber address
   redistribute static
   aggregate-address 200.96.96.0/19 summary-only
   aggregate-address 200.96.204.0/22 summary-only
   aggregate-address 200.96.252.0/22 summary-only

it looks correct but when i take a look at the BGP peer's routing
table, it's getting a lot of /32's from the subscriber pool.  i now
have like 8,000+ of them and growing.  The routes are not advertised
without redistribute subscriber.  I tried putting a route-map and a
prefix-filter to match only the supernets (/19's,/22's) but since it's
still sending /32's, it won't match.

I hope someone can point me to the right direction.

Thank you.

-Sherwin
_______________________________________________
redback-nsp mailing list
redback-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/redback-nsp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20081207/41238fe4/attachment.html>

More information about the redback-nsp mailing list