BGP: Attribute-map configuration and verification

BGP: Attribute-map configuration and verification

·         Whenever BGP summarizes along with AS-SET key-word, the summarized route inherits the properties of individual routes.

·         Example: If any of the individual route has community value, the summarized route inherits this community value

·         If it is a special community value like no-export, it affects the propagation of the summarized route.

·         We can use ATTRIBUTE-MAP to change the properties (attributes) of the summarized route).

·         Let me take a small topology to configure this:

R1----------------------R2--------------------R3

·         R1: AS 100

·         R2: AS 200

·         R3: AS 300

·         Configure 5 loopbacks 10.1.1.1, 10.1.2.1, 10.1.3.1, 10.1.4.1, 10.1.5.1 in R1 and advertise them into BGP

·         Configure 10.1.1.1 with no-export community

·         Configure aggregate-address in R2 and see the properties of summarized route.

·         Then we will see how to configure ATTRIBUTE-MAP to change this inherited properties

R1(config-router)#do show run | begin router bgp

router bgp 100

 no synchronization

 bgp router-id 1.1.1.1

 bgp log-neighbor-changes

 network 10.1.1.1 mask 255.255.255.255

 network 10.1.2.1 mask 255.255.255.255

 network 10.1.3.1 mask 255.255.255.255

 network 10.1.4.1 mask 255.255.255.255

 network 10.1.5.1 mask 255.255.255.255

 neighbor 100.1.12.2 remote-as 200

 neighbor 100.1.12.2 send-community

 neighbor 100.1.12.2 route-map EXPORT out

 no auto-summary

!

!

ip prefix-list 10 seq 5 permit 10.1.1.1/32

!

route-map EXPORT permit 10

 match ip address prefix-list 10

 set community no-export

!

route-map EXPORT permit 100

!

R1(config-router)#!

R2(config-router)#do show run | begin router bgp 200

router bgp 200

 no synchronization

 bgp log-neighbor-changes

 aggregate-address 10.1.0.0 255.255.0.0

 neighbor 100.1.12.1 remote-as 100

 neighbor 100.1.23.3 remote-as 300

 neighbor 100.1.23.3 send-community

 no auto-summary

!

R2#show ip bgp

BGP table version is 23, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 10.1.0.0/16      0.0.0.0                            32768 i

*> 10.1.1.1/32      100.1.12.1               0             0 100 i

*> 10.1.2.1/32      100.1.12.1               0             0 100 i

*> 10.1.3.1/32      100.1.12.1               0             0 100 i

*> 10.1.4.1/32      100.1.12.1               0             0 100 i

*> 10.1.5.1/32      100.1.12.1               0             0 100 i

R2#

R2#show ip bgp 10.1.1.1

BGP routing table entry for 10.1.1.1/32, version 22

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)

  Not advertised to any peer

  100

    100.1.12.1 from 100.1.12.1 (1.1.1.1)

      Origin IGP, metric 0, localpref 100, valid, external, best

      Community: no-export

R2#

R2#show ip bgp 10.1.0.0/16

BGP routing table entry for 10.1.0.0/16, version 23

Paths: (1 available, best #1, table Default-IP-Routing-Table)

  Advertised to update-groups:

     1          2

  Local, (aggregated by 200 2.2.2.2)

    0.0.0.0 from 0.0.0.0 (2.2.2.2)

      Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-aggregate, best

R2#

Observations:

·         I have not configured AS-SET key-word while configuring the aggregate-address

·         So, I don’t see the summarized route inheriting the community no-export that is configured for 10.1.1.1

·         Let me configure AS-SET key-word while configuring the aggregate-address:

R2(config-router)#aggregate-address 10.1.0.0 255.255.0.0 as-set

R2(config-router)#do clear ip bgp *

R2(config-router)#

*Jun 28 09:58:09.627: %BGP-5-ADJCHANGE: neighbor 100.1.12.1 Down User reset

*Jun 28 09:58:09.631: %BGP-5-ADJCHANGE: neighbor 100.1.23.3 Down User reset

R2(config-router)#

*Jun 28 09:58:10.827: %BGP-5-ADJCHANGE: neighbor 100.1.12.1 Up

*Jun 28 09:58:10.915: %BGP-5-ADJCHANGE: neighbor 100.1.23.3 Up

R2(config-router)#end

R2#show i

*Jun 28 10:37:40.207: %SYS-5-CONFIG_I: Configured from console by console

R2#show ip bgp 10.1.0.0/16

BGP routing table entry for 10.1.0.0/16, version 7

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)

  Not advertised to any peer

  100, (aggregated by 200 2.2.2.2)

    0.0.0.0 from 0.0.0.0 (2.2.2.2)

      Origin IGP, localpref 100, weight 32768, valid, aggregated, local, best

      Community: no-export

R2#

R3#show ip bgp

BGP table version is 41, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 10.1.2.1/32      100.1.23.2                             0 200 100 i

*> 10.1.3.1/32      100.1.23.2                             0 200 100 i

*> 10.1.4.1/32      100.1.23.2                             0 200 100 i

*> 10.1.5.1/32      100.1.23.2                             0 200 100 i

R3#

Observations:

·         If I configure the aggregate-address with AS-SET key-word, then the summarized route inherited the properties of 10.1.1.1, no-export community.

·         That is the reason why R2 didn’t advertise this summarized route to R3.

·         Configuring the ATTRIBUTE-MAP while configuring the aggregate-address to change the community value:

R2(config)#route-map ATTRIB

R2(config-route-map)#set community none

R2(config-route-map)#router bgp 200

R2(config-router)#aggregate-address 10.1.0.0 255.255.0.0 as-set attribute-map ATTRIB

R2(config-router)#DO CLEAR IP BGP *

R2(config-router)#

*Jun 28 14:06:31.566: %BGP-5-ADJCHANGE: neighbor 100.1.12.1 Down User reset

*Jun 28 14:06:31.570: %BGP-5-ADJCHANGE: neighbor 100.1.23.3 Down User reset

R2(config-router)#

*Jun 28 14:06:32.774: %BGP-5-ADJCHANGE: neighbor 100.1.23.3 Up

*Jun 28 14:06:33.118: %BGP-5-ADJCHANGE: neighbor 100.1.12.1 Up

R2(config-router)#

R2#show ip bgp 10.1.0.0/16

BGP routing table entry for 10.1.0.0/16, version 7

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Flag: 0x820

  Advertised to update-groups:

     1          2

  100, (aggregated by 200 2.2.2.2)

    0.0.0.0 from 0.0.0.0 (2.2.2.2)

      Origin IGP, localpref 100, weight 32768, valid, aggregated, local, best

R2#

R3#show ip bgp

BGP table version is 52, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 10.1.0.0/16      100.1.23.2               0             0 200 100 i

*> 10.1.2.1/32      100.1.23.2                             0 200 100 i

*> 10.1.3.1/32      100.1.23.2                             0 200 100 i

*> 10.1.4.1/32      100.1.23.2                             0 200 100 i

*> 10.1.5.1/32      100.1.23.2                             0 200 100 i

R3#

Observation:

·         I have set the community value to none using the ATTRIBUTE-MAP

·         That’s why R2 has advertised this route to R3 now.

BGP: Route Aggregation - Suppress-map and unsuppress-map

BGP: Route Aggregation - Suppress-map and unsuppress-map

·         In the last post, we learnt about Route aggregation in BGP and summay-only and AS-SET keywords

·         In this post, I will configure suppress-map and unsuppress-map, simply means selective advertising of the prefixes based on the requirement.

Let me take the same topology as in the previous post

·         R1: AS 100

·         R2: AS 200

·         R3: AS 300

·         R4: AS 400

·         R5: AS 500

·         R2 is advertising 23.1.1.2 and 23.1.2.2 into its BGP

·         R3 is advertising 23.1.3.3 and 23.1.4.3 into its BGP

Let me see the BGP Configs before configuring aggregation

R1(config-router)#do show run | begin router bgp

router bgp 100

 no synchronization

 bgp router-id 1.1.1.1

 bgp log-neighbor-changes

 neighbor 10.1.12.2 remote-as 200

 neighbor 10.1.13.3 remote-as 300

 neighbor 10.1.14.4 remote-as 400

 neighbor 10.1.15.5 remote-as 500

 no auto-summary

!

R2(config-router)#do show run | begin router bgp

router bgp 200

 no synchronization

 bgp router-id 2.2.2.2

 bgp log-neighbor-changes

 network 23.1.1.0 mask 255.255.255.0

 network 23.1.2.0 mask 255.255.255.0

 neighbor 10.1.12.1 remote-as 100

 no auto-summary

!

R3(config-router)#do show run | begin router bgp

router bgp 300

 no synchronization

 bgp router-id 3.3.3.3

 bgp log-neighbor-changes

 network 23.1.3.0 mask 255.255.255.0

 network 23.1.4.0 mask 255.255.255.0

 neighbor 10.1.13.1 remote-as 100

 no auto-summary

!

R4(config-router)#do show run | begin router bgp

router bgp 400

 no synchronization

 bgp router-id 4.4.4.4

 bgp log-neighbor-changes

 neighbor 10.1.14.1 remote-as 100

 no auto-summary

!

R5(config-router)#do show run | begin router bgp

router bgp 500

 no synchronization

 bgp router-id 5.5.5.5

 bgp log-neighbor-changes

 neighbor 10.1.15.1 remote-as 100

 no auto-summary

!

R2(config-router)#do show ip bgp

BGP table version is 11, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      0.0.0.0                  0         32768 i

*> 23.1.2.0/24      0.0.0.0                  0         32768 i

*> 23.1.3.0/24      10.1.12.1                              0 100 300 i

*> 23.1.4.0/24      10.1.12.1                              0 100 300 i

R2(config-router)#

R3(config-router)#do show ip bgp

BGP table version is 11, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.13.1                              0 100 200 i

*> 23.1.2.0/24      10.1.13.1                              0 100 200 i

*> 23.1.3.0/24      0.0.0.0                  0         32768 i

*> 23.1.4.0/24      0.0.0.0                  0         32768 i

R3(config-router)#

R1(config-router)#do show ip bgp

BGP table version is 15, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.12.2                0             0 200 i

*> 23.1.2.0/24      10.1.12.2                0             0 200 i

*> 23.1.3.0/24      10.1.13.3                0             0 300 i

*> 23.1.4.0/24      10.1.13.3                0             0 300 i

R1(config-router)#

R4(config-router)#do show ip bgp

BGP table version is 15, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.14.1                              0 100 200 i

*> 23.1.2.0/24      10.1.14.1                              0 100 200 i

*> 23.1.3.0/24      10.1.14.1                              0 100 300 i

*> 23.1.4.0/24      10.1.14.1                              0 100 300 i

R4(config-router)#

R5(config-router)#do show ip bgp

BGP table version is 15, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.1.0/24      10.1.15.1                              0 100 200 i

*> 23.1.2.0/24      10.1.15.1                              0 100 200 i

*> 23.1.3.0/24      10.1.15.1                              0 100 300 i

*> 23.1.4.0/24      10.1.15.1                              0 100 300 i

R5(config-router)#

Observations:

·         All BGP neighbors are Up

·         All routers received the 4 prefixes advertised by R2 and R3

Now:

1.  R5 wants only 23.1.2.2/32, 23.1.4.3/32 and will use summary route to reach other 2 prefixes.

2.  R4 wants all the routes including the Summary route.

·         For point 1, I can use suppress-map while configuring aggregation in R1

·         The prefixes matched by a route-map (using an access-list) are suppressed

·         Since R5 wants 23.1.2.2 and 23.1.4.3, the access-list should match the other 2 prefixes which we want to suppress (23.1.1.2 and 23.1.3.3)

So let me configure suppress-map while summarizing the routes in R1

R1(config)#access-list 15 permit 23.1.1.2

R1(config)#access-list 15 permit 23.1.3.3

R1(config)#route-map SUPPRESS_MAP

R1(config-route-map)#match ip add

R1(config-route-map)#match ip address 15

R1(config-route-map)#router bgp 100

R1(config-route-map)#aggregate-address 23.1.0.0 255.255.0.0 suppress-map SUPPRESS_MAP

R5(config-router)#do show ip bgp

BGP table version is 52, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      10.1.15.1                0             0 100 i

*> 23.1.2.2/32      10.1.15.1                              0 100 200 i

*> 23.1.4.3/32      10.1.15.1                              0 100 300 i

R5(config-router)#

R1(config-route-map)#do show ip bgp

BGP table version is 8, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      0.0.0.0                            32768 i

s> 23.1.1.2/32      10.1.12.2                0             0 200 i

*> 23.1.2.2/32      10.1.12.2                0             0 200 i

s> 23.1.3.3/32      10.1.13.3                0             0 300 i

*> 23.1.4.3/32      10.1.13.3                0             0 300 i

R1(config-route-map)#

R1(config-route-map)#do debug ip bgp

*Jun 17 20:34:49.851: %BGP-5-ADJCHANGE: neighbor 10.1.12.2 Up

*Jun 17 20:34:49.983: BGP(0): Aggregate processing for IPv4 Unicast

*Jun 17 20:34:49.987: BGP(0): For aggregate 23.1.0.0/16

*Jun 17 20:34:49.987: BGP(0): 23.1.0.0/16 subtree has an entry 23.1.1.2/32

*Jun 17 20:34:49.987: BGP(0): sub-prefix : 23.1.1.2/32

*Jun 17 20:34:49.987: BGP(0): Needs to be re-aggregated

*Jun 17 20:34:49.987: BGP(0): 23.1.0.0/16 subtree has an entry 23.1.1.2/32

*Jun 17 20:34:49.991: BGP(0): 23.1.0.0/16 aggregate has 23.1.1.2/32 more-specific

*Jun 17 20:34:49.991: BGP(0): 23.1.0.0/16 aggregate created, attributes updated

*Jun 17 20:34:49.991: BGP(0): 23.1.0.0/16 subtree has an entry 23.1.0.0/16

*Jun 17 20:34:49.995: BGP(0): 23.1.0.0/16 subtree has another entry 23.1.1.2/32

*Jun 17 20:34:49.995: BGP(0): Found sub-prefix 23.1.1.2/32: suppressed

*Jun 17 20:34:49.999: BGP(0): Found sub-prefix 23.1.2.2/32: Not matched

*Jun 17 20:34:49.999: BGP(0): Found sub-prefix 23.1.3.3/32: suppressed

*Jun 17 20:34:50.003: BGP(0): Found sub-prefix 23.1.4.3/32: Not matched

R1(config-router)#

Observations:

·         My configuration is working

·         The prefixes matched by the route-map are suppressed (23.1.1.2 and 23.1.3.3)

·         R5 is only getting 23.1.2.2/32 and 23.1.4.3/32 along with the summary-route.

Let me see R4’s routing table:

R4(config-router)#do show ip bgp

BGP table version is 78, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      10.1.14.1                0             0 100 i

*> 23.1.2.2/32      10.1.14.1                              0 100 200 i

*> 23.1.4.3/32      10.1.14.1                              0 100 300 i

R4(config-router)#

Observations:

·         R4 also has the same output as R5 as I have not done anything specific to this neighbor.

·         Since R4 wants all the prefixes; just for R4, I need to unsuppress the routes that were suppressed by the suppress-map.

·         For this, I need to match the prefixes that have to be unsuppressed, 23.1.1.2 and 23.1.3.3

·         Since I already have the same configs in “route-map SUPPRESS_MAP”, I can use the same route-map.

R1(config-router)#neighbor 10.1.14.4 unsuppress-map SUPPRESS_MAP

R4(config-router)#do show ip bgp

BGP table version is 92, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

*> 23.1.0.0/16      10.1.14.1                0             0 100 i

*> 23.1.1.2/32      10.1.14.1                              0 100 200 i

*> 23.1.2.2/32      10.1.14.1                              0 100 200 i

*> 23.1.3.3/32      10.1.14.1                              0 100 300 i

*> 23.1.4.3/32      10.1.14.1                              0 100 300 i

R4(config-router)#

** Now R4 has all the routes!!!

·         I observed that it’s not working correctly if I configure prefix-list instead of access-list

·         Need to do more research on this…