BGP: Route Aggregation - Suppress-map and unsuppress-map

BGP: Route Aggregation - Suppress-map and unsuppress-map

·         In the last post, we learnt about Route aggregation in BGP and summay-only and AS-SET keywords

·         In this post, I will configure suppress-map and unsuppress-map, simply means selective advertising of the prefixes based on the requirement.

Let me take the same topology as in the previous post

·         R1: AS 100

·         R2: AS 200

·         R3: AS 300

·         R4: AS 400

·         R5: AS 500

·         R2 is advertising 23.1.1.2 and 23.1.2.2 into its BGP

·         R3 is advertising 23.1.3.3 and 23.1.4.3 into its BGP

Let me see the BGP Configs before configuring aggregation

R1(config-router)#do show run | begin router bgp

router bgp 100

 no synchronization

 bgp router-id 1.1.1.1

 bgp log-neighbor-changes

 neighbor 10.1.12.2 remote-as 200

 neighbor 10.1.13.3 remote-as 300

 neighbor 10.1.14.4 remote-as 400

 neighbor 10.1.15.5 remote-as 500

 no auto-summary

!

R2(config-router)#do show run | begin router bgp

router bgp 200

 no synchronization

 bgp router-id 2.2.2.2

 bgp log-neighbor-changes

 network 23.1.1.0 mask 255.255.255.0

 network 23.1.2.0 mask 255.255.255.0

 neighbor 10.1.12.1 remote-as 100

 no auto-summary

!

R3(config-router)#do show run | begin router bgp

router bgp 300

 no synchronization

 bgp router-id 3.3.3.3

 bgp log-neighbor-changes

 network 23.1.3.0 mask 255.255.255.0

 network 23.1.4.0 mask 255.255.255.0

 neighbor 10.1.13.1 remote-as 100

 no auto-summary

!

R4(config-router)#do show run | begin router bgp

router bgp 400

 no synchronization

 bgp router-id 4.4.4.4

 bgp log-neighbor-changes

 neighbor 10.1.14.1 remote-as 100

 no auto-summary

!

R5(config-router)#do show run | begin router bgp

router bgp 500

 no synchronization

 bgp router-id 5.5.5.5

 bgp log-neighbor-changes

 neighbor 10.1.15.1 remote-as 100

 no auto-summary

!

R2(config-router)#do show ip bgp

BGP table version is 11, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      0.0.0.0                  0         32768 i

*> 23.1.2.0/24      0.0.0.0                  0         32768 i

*> 23.1.3.0/24      10.1.12.1                              0 100 300 i

*> 23.1.4.0/24      10.1.12.1                              0 100 300 i

R2(config-router)#

R3(config-router)#do show ip bgp

BGP table version is 11, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.13.1                              0 100 200 i

*> 23.1.2.0/24      10.1.13.1                              0 100 200 i

*> 23.1.3.0/24      0.0.0.0                  0         32768 i

*> 23.1.4.0/24      0.0.0.0                  0         32768 i

R3(config-router)#

R1(config-router)#do show ip bgp

BGP table version is 15, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.12.2                0             0 200 i

*> 23.1.2.0/24      10.1.12.2                0             0 200 i

*> 23.1.3.0/24      10.1.13.3                0             0 300 i

*> 23.1.4.0/24      10.1.13.3                0             0 300 i

R1(config-router)#

R4(config-router)#do show ip bgp

BGP table version is 15, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.14.1                              0 100 200 i

*> 23.1.2.0/24      10.1.14.1                              0 100 200 i

*> 23.1.3.0/24      10.1.14.1                              0 100 300 i

*> 23.1.4.0/24      10.1.14.1                              0 100 300 i

R4(config-router)#

R5(config-router)#do show ip bgp

BGP table version is 15, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.15.1                              0 100 200 i

*> 23.1.2.0/24      10.1.15.1                              0 100 200 i

*> 23.1.3.0/24      10.1.15.1                              0 100 300 i

*> 23.1.4.0/24      10.1.15.1                              0 100 300 i

R5(config-router)#

Observations:

·         All BGP neighbors are Up

·         All routers received the 4 prefixes advertised by R2 and R3

Now:

1.  R5 wants only 23.1.2.2/32, 23.1.4.3/32 and will use summary route to reach other 2 prefixes.

2.  R4 wants all the routes including the Summary route.

·         For point 1, I can use suppress-map while configuring aggregation in R1

·         The prefixes matched by a route-map (using an access-list) are suppressed

·         Since R5 wants 23.1.2.2 and 23.1.4.3, the access-list should match the other 2 prefixes which we want to suppress (23.1.1.2 and 23.1.3.3)

So let me configure suppress-map while summarizing the routes in R1

R1(config)#access-list 15 permit 23.1.1.2

R1(config)#access-list 15 permit 23.1.3.3

R1(config)#route-map SUPPRESS_MAP

R1(config-route-map)#match ip add

R1(config-route-map)#match ip address 15

R1(config-route-map)#router bgp 100

R1(config-route-map)#aggregate-address 23.1.0.0 255.255.0.0 suppress-map SUPPRESS_MAP

R5(config-router)#do show ip bgp

BGP table version is 52, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      10.1.15.1                0             0 100 i

*> 23.1.2.2/32      10.1.15.1                              0 100 200 i

*> 23.1.4.3/32      10.1.15.1                              0 100 300 i

R5(config-router)#

R1(config-route-map)#do show ip bgp

BGP table version is 8, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      0.0.0.0                            32768 i

s> 23.1.1.2/32      10.1.12.2                0             0 200 i

*> 23.1.2.2/32      10.1.12.2                0             0 200 i

s> 23.1.3.3/32      10.1.13.3                0             0 300 i

*> 23.1.4.3/32      10.1.13.3                0             0 300 i

R1(config-route-map)#

R1(config-route-map)#do debug ip bgp

*Jun 17 20:34:49.851: %BGP-5-ADJCHANGE: neighbor 10.1.12.2 Up

*Jun 17 20:34:49.983: BGP(0): Aggregate processing for IPv4 Unicast

*Jun 17 20:34:49.987: BGP(0): For aggregate 23.1.0.0/16

*Jun 17 20:34:49.987: BGP(0): 23.1.0.0/16 subtree has an entry 23.1.1.2/32

*Jun 17 20:34:49.987: BGP(0): sub-prefix : 23.1.1.2/32

*Jun 17 20:34:49.987: BGP(0): Needs to be re-aggregated

*Jun 17 20:34:49.987: BGP(0): 23.1.0.0/16 subtree has an entry 23.1.1.2/32

*Jun 17 20:34:49.991: BGP(0): 23.1.0.0/16 aggregate has 23.1.1.2/32 more-specific

*Jun 17 20:34:49.991: BGP(0): 23.1.0.0/16 aggregate created, attributes updated

*Jun 17 20:34:49.991: BGP(0): 23.1.0.0/16 subtree has an entry 23.1.0.0/16

*Jun 17 20:34:49.995: BGP(0): 23.1.0.0/16 subtree has another entry 23.1.1.2/32

*Jun 17 20:34:49.995: BGP(0): Found sub-prefix 23.1.1.2/32: suppressed

*Jun 17 20:34:49.999: BGP(0): Found sub-prefix 23.1.2.2/32: Not matched

*Jun 17 20:34:49.999: BGP(0): Found sub-prefix 23.1.3.3/32: suppressed

*Jun 17 20:34:50.003: BGP(0): Found sub-prefix 23.1.4.3/32: Not matched

R1(config-router)#

Observations:

·         My configuration is working

·         The prefixes matched by the route-map are suppressed (23.1.1.2 and 23.1.3.3)

·         R5 is only getting 23.1.2.2/32 and 23.1.4.3/32 along with the summary-route.

Let me see R4’s routing table:

R4(config-router)#do show ip bgp

BGP table version is 78, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      10.1.14.1                0             0 100 i

*> 23.1.2.2/32      10.1.14.1                              0 100 200 i

*> 23.1.4.3/32      10.1.14.1                              0 100 300 i

R4(config-router)#

Observations:

·         R4 also has the same output as R5 as I have not done anything specific to this neighbor.

·         Since R4 wants all the prefixes; just for R4, I need to unsuppress the routes that were suppressed by the suppress-map.

·         For this, I need to match the prefixes that have to be unsuppressed, 23.1.1.2 and 23.1.3.3

·         Since I already have the same configs in “route-map SUPPRESS_MAP”, I can use the same route-map.

R1(config-router)#neighbor 10.1.14.4 unsuppress-map SUPPRESS_MAP

R4(config-router)#do show ip bgp

BGP table version is 92, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      10.1.14.1                0             0 100 i

*> 23.1.1.2/32      10.1.14.1                              0 100 200 i

*> 23.1.2.2/32      10.1.14.1                              0 100 200 i

*> 23.1.3.3/32      10.1.14.1                              0 100 300 i

*> 23.1.4.3/32      10.1.14.1                              0 100 300 i

R4(config-router)#

** Now R4 has all the routes!!!

·         I observed that it’s not working correctly if I configure prefix-list instead of access-list

·         Need to do more research on this…