Monday 2 July 2012

BGP: Conditional Advertisement using non-exist-map:


·         If we look at the BGP best path selection order, we have more control over the traffic leaving our Autonomous System than over the traffic entering our AS.
·         This is because the attributes used to affect outbound traffic (WEIGHT and LOCAL PREFERENCE) come earlier in the order than the attributes used to affect inbound traffic (AS-PATH and MED).

·         Sometimes this behavior may not be desirable.
·         BGP conditional advertisement gives us an alternative way to affect how traffic enters our AS.
·         If we don’t advertise a route to a specific neighbor, that neighbor is forced to come through another neighbor who has the route.

·         This feature is typically used in a multihomed environment.
·         By controlling which prefixes are advertised to which neighbors, traffic is forced onto the appropriate path or link.

Let me take a small topology to configure and verify this feature:



·         R1: AS 100
·         R2: AS 200
·         R3: AS 300
·         R1 is advertising its loopback 1.1.1.1/32 into BGP

·         Under normal conditions, R2 would choose the Ser1/0 link directly connected between R2-R1 to reach R1’s loopback 1.1.1.1/32 (R2 has another route from R3 also)

·         But, what if R1 doesn’t want any inbound traffic on the Ser1/0 link?

·         R1 can use AS-PATH prepending or MED to affect the inbound traffic from R2.
·         But R2 can still use Weight or Local Preference to override this (because these 2 attributes come first in the BGP best path selection order).

·         Solution: R1 can use Conditional advertisement feature

·         R1 advertises 1.1.1.1/32 prefix to R2, only if R1-R3 link fails.
·         So, R2 would learn about 1.1.1.1/32 through R3, and R2 would route through R3 to reach 1.1.1.1/32.

·         In case of R1-R3 link failure, R1 advertises the prefix directly to the neighbor R2.

·         We will use NON-EXIST-MAP and ADVERTISE-MAP to configure this.
·         We need to match the following:
o    R1-R3 link (100.1.31.0/24) in non-exist-map and
o    Prefix to be advertised, 1.1.1.1/32 in advertise-map

·         Once the prefix in non-exist-map (R1-R3) leaves the BGP table, then the prefix matched by Advertise-map gets advertised to the neighbor.

Configuration:

R1#show run | begin router bgp
router bgp 100
 no synchronization
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 100.1.12.2 remote-as 200
 neighbor 100.1.31.3 remote-as 300
 no auto-summary
!

R2#show run | begin router bgp
router bgp 200
 no synchronization
 bgp router-id 2.2.2.2
 bgp log-neighbor-changes
 network 2.2.2.2 mask 255.255.255.255
 neighbor 100.1.12.1 remote-as 100
 neighbor 100.1.23.3 remote-as 300
 no auto-summary
!

R3#show run | begin router bgp 300
router bgp 300
 no synchronization
 bgp router-id 3.3.3.3
 bgp log-neighbor-changes
 network 3.3.3.3 mask 255.255.255.255
 neighbor 100.1.23.2 remote-as 200
 neighbor 100.1.31.1 remote-as 100
 no auto-summary
!

R1#show ip bgp summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 4, main routing table version 4
3 network entries using 351 bytes of memory
5 path entries using 260 bytes of memory
6/3 BGP path/bestpath attribute entries using 744 bytes of memory
4 BGP AS-PATH entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1451 total bytes of memory
BGP activity 3/0 prefixes, 5/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
100.1.12.2      4   200       8       8        4    0    0 00:02:35        2
100.1.31.3      4   300       8       8        4    0    0 00:02:01        2
R1#

R2#show ip bgp summary
BGP router identifier 2.2.2.2, local AS number 200
BGP table version is 4, main routing table version 4
3 network entries using 351 bytes of memory
5 path entries using 260 bytes of memory
6/3 BGP path/bestpath attribute entries using 744 bytes of memory
4 BGP AS-PATH entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1451 total bytes of memory
BGP activity 3/0 prefixes, 5/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
100.1.12.1      4   100       8       8        4    0    0 00:02:35        2
100.1.23.3      4   300       8       8        4    0    0 00:01:53        2
R2#

R3#show ip bgp summary
BGP router identifier 3.3.3.3, local AS number 300
BGP table version is 4, main routing table version 4
3 network entries using 351 bytes of memory
5 path entries using 260 bytes of memory
6/3 BGP path/bestpath attribute entries using 744 bytes of memory
4 BGP AS-PATH entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1451 total bytes of memory
BGP activity 3/0 prefixes, 5/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
100.1.23.2      4   200       8       8        4    0    0 00:01:54        2
100.1.31.1      4   100       8       8        4    0    0 00:02:02        2
R3#

Observations:

·         All neighbors are up.

R1#show ip bgp
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*  2.2.2.2/32       100.1.31.3                             0 300 200 i
*>                  100.1.12.2               0             0 200 i
*  3.3.3.3/32       100.1.12.2                             0 200 300 i
*>                  100.1.31.3               0             0 300 i
R1#

R2#show ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.1.1.1/32       100.1.23.3                             0 300 100 i
*>                  100.1.12.1               0             0 100 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*  3.3.3.3/32       100.1.12.1                             0 100 300 i
*>                  100.1.23.3               0             0 300 i
R2#

R3#show ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.1.1.1/32       100.1.23.2                             0 200 100 i
*>                  100.1.31.1               0             0 100 i
*  2.2.2.2/32       100.1.31.1                             0 100 200 i
*>                  100.1.23.2               0             0 200 i
*> 3.3.3.3/32       0.0.0.0                  0         32768 i
R3#

R2#traceroute 1.1.1.1

Type escape sequence to abort.
Tracing the route to 1.1.1.1

  1 100.1.12.1 36 msec *  48 msec
R2#

Observation:

·         R2 is choosing the directly connected Ser1/0 link to reach R1’s loopback 1.1.1.1/32

Now, let me configure non-exist-map and advertise-map:

R1(config-router)#do show run | begin router bgp 100
router bgp 100
 no synchronization
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 network 100.1.31.0 mask 255.255.255.0
 neighbor 100.1.12.2 remote-as 200
 neighbor 100.1.12.2 advertise-map R1-LOOPBACK non-exist-map R1-R3-LINK
 neighbor 100.1.31.3 remote-as 300
 no auto-summary
!
ip prefix-list R1-LOOPBACK seq 5 permit 1.1.1.1/32
ip prefix-list R1-R3-LINK seq 5 permit 100.1.31.0/24
!
route-map R1-R3-LINK permit 10
 match ip address prefix-list R1-R3-LINK
!
route-map R1-LOOPBACK permit 10
 match ip address prefix-list R1-LOOPBACK
!
R1#show ip bgp neighbors 100.1.12.2 | i Condition
  Condition-map R1-R3-LINK, Advertise-map R1-LOOPBACK, status: Withdraw
R1#

R1#show ip bgp neighbors 100.1.12.2 advertised-routes
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 3.3.3.3/32       100.1.31.3               0             0 300 i
*> 100.1.31.0/24    0.0.0.0                  0         32768 i

Total number of prefixes 2
R1#
R1#show ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*  2.2.2.2/32       100.1.31.3                             0 300 200 i
*>                  100.1.12.2               0             0 200 i
*> 3.3.3.3/32       100.1.31.3               0             0 300 i
*                   100.1.12.2                             0 200 300 i
*> 100.1.31.0/24    0.0.0.0                  0         32768 i
R1#

R2#show ip bgp
BGP table version is 13, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       100.1.23.3                             0 300 100 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*  3.3.3.3/32       100.1.12.1                             0 100 300 i
*>                  100.1.23.3               0             0 300 i
*  100.1.31.0/24    100.1.23.3                             0 300 100 i
*>                  100.1.12.1               0             0 100 i
R2#

R2#traceroute 1.1.1.1 source 2.2.2.2

Type escape sequence to abort.
Tracing the route to 1.1.1.1

  1 100.1.23.3 60 msec 52 msec 28 msec
  2 100.1.31.1 [AS 100] 68 msec *  60 msec
R2#

Observations:

·         The R1-R3 link (100.1.31.0/24) is present in R1’s BGP table.
·         That’s why R1 is not advertising 1.1.1.1/32 directly to R2.
·         R2 is learning about 1.1.1.1/32 through R3.

Now, let me shut the R1-R3 link:

R1(config)#int serial 1/1
R1(config-if)#shut
R1(config-if)#
*Jul  2 14:45:33.627: %BGP-5-ADJCHANGE: neighbor 100.1.31.3 Down Interface flap
R1(config-if)#
*Jul  2 14:45:35.607: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down
R1(config-if)#

R1#show ip bgp
BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*> 2.2.2.2/32       100.1.12.2               0             0 200 i
*> 3.3.3.3/32       100.1.12.2                             0 200 300 i
R1#
R1#show ip bgp neighbors 100.1.12.2 | i Condition
  Condition-map R1-R3-LINK, Advertise-map R1-LOOPBACK, status: Advertise
R1#

R1#show ip bgp neighbors 100.1.12.2 advertised-routes
BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i

Total number of prefixes 1
R1#

R2#show ip bgp
BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       100.1.12.1               0             0 100 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*> 3.3.3.3/32       100.1.23.3               0             0 300 i
R2#
R2#traceroute 1.1.1.1 source 2.2.2.2

Type escape sequence to abort.
Tracing the route to 1.1.1.1

  1 100.1.12.1 44 msec *  48 msec
R2#

Observation:

·         R1-R3 link 100.1.31.0/24 is not present in R1’s BGP table
·         That’s why R1 has advertised 1.1.1.1/32 to R2
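
The decision R1 makes in the outputs above can be checked offline with a small model. This is an added example, not part of the original post and not Cisco's implementation: it parses R1's "show ip bgp" rows from this page and computes the condition status and the prefixes sent to R2. The function names are hypothetical, prefix-lists are treated as exact matches, and it assumes a best path is not advertised back to the neighbor it was learned from, which is what the page's advertised-routes output shows.

```python
import ipaddress

# Constructed sample input: R1's "show ip bgp" rows as shown on this page,
# before and after Serial1/1 (the R1-R3 link) is shut down.
BEFORE = """\
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*  2.2.2.2/32       100.1.31.3                             0 300 200 i
*>                  100.1.12.2               0             0 200 i
*> 3.3.3.3/32       100.1.31.3               0             0 300 i
*                   100.1.12.2                             0 200 300 i
*> 100.1.31.0/24    0.0.0.0                  0         32768 i
"""
AFTER = """\
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*> 2.2.2.2/32       100.1.12.2               0             0 200 i
*> 3.3.3.3/32       100.1.12.2                             0 200 300 i
"""

def best_paths(rows):
    """Map each prefix to the next hop of its best ('>') path."""
    best, current = {}, None
    for line in rows.splitlines():
        tok = line.split()
        if len(tok) < 2 or not tok[0].startswith("*"):
            continue
        if "/" in tok[1]:   # row names a network; otherwise it continues the previous one
            current, nh = ipaddress.ip_network(tok[1]), tok[2]
        else:
            nh = tok[1]
        if ">" in tok[0]:
            best[current] = nh
    return best

def conditional_advertise(rows, neighbor, advertise_map, non_exist_map):
    """Return (condition status, prefixes sent to neighbor) for a non-exist-map."""
    table = best_paths(rows)
    adv, tracked = ({ipaddress.ip_network(p) for p in m} for m in (advertise_map, non_exist_map))
    tracked_present = bool(table.keys() & tracked)   # tracked prefix still in the BGP table?
    status = "Withdraw" if tracked_present else "Advertise"
    sent = [p for p, nh in table.items()
            if nh != neighbor                        # assumption: not sent back to its source
            and not (tracked_present and p in adv)]  # advertise-map prefixes are held back
    return status, [str(p) for p in sorted(sent)]

if __name__ == "__main__":
    for label, rows in (("before", BEFORE), ("after", AFTER)):
        print(label, conditional_advertise(rows, "100.1.12.2", ["1.1.1.1/32"], ["100.1.31.0/24"]))
```

Both results agree with the "status:" line and the advertised-routes output R1 shows for neighbor 100.1.12.2 in each state.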
