nocandy
asked on
BGP prefix announcement issue
I currently have the following setup:
2 independent ISP's (ISPA and ISPB)
I have 2 /24's each able to be advertised to each ISP
I have 2 routers. R1 is connected to ISPA and R2 is connected to ISPB. R1 and R2 are connected to each other.
On R1, I have static routes to null0 for each /24 along with the bgp config. Each /24 is working fine. However, when I add the static routes to null0 on the 2nd router, connectivity gets lost on the first router. If I remove the static routes to null0 on the 2nd router, things start to work properly again.
Any idea why this is?
2 independent ISP's (ISPA and ISPB)
I have 2 /24's each able to be advertised to each ISP
I have 2 routers. R1 is connected to ISPA and R2 is connected to ISPB. R1 and R2 are connected to each other.
On R1, I have static routes to null0 for each /24 along with the bgp config. Each /24 is working fine. However, when I add the static routes to null0 on the 2nd router, connectivity gets lost on the first router. If I remove the static routes to null0 on the 2nd router, things start to work properly again.
Any idea why this is?
Right, do you have an IGP or iBGP running?
harbor235 ;}
harbor235 ;}
ASKER
There's ibgp running. I'll post my running config once I get back to my PC.
Without seeing your config, my guess is that you need to add a distance to those static routes. This will let the router prefer the IBGP route if it exists, which has a distance of 200. But you'd only want to do this on the OTHER router.
For example if the network for Router 1 was 32.1.32.0/24, then on router 2 you'd have
ip route 32.1.32.0 255.255.255.0 null0 250
For example if the network for Router 1 was 32.1.32.0/24, then on router 2 you'd have
ip route 32.1.32.0 255.255.255.0 null0 250
ASKER
Router 1 config
------------------------
ip prefix-list BOGONS description Bad Routes to Block In
ip prefix-list BOGONS seq 10 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 15 deny 10.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 25 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 30 deny 192.0.2.0/24 le 32
ip prefix-list BOGONS seq 35 deny 192.168.0.0/16 le 32
ip prefix-list BOGONS seq 40 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 9999 permit 0.0.0.0/0 le 27
!
ip prefix-list PERMIT-TO-CENTURYLINK seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 10 permit 65.126.16.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 15 deny 0.0.0.0/0 le 32
ip route 0.0.0.0 0.0.0.0 65.121.237.189
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 65.126.16.0 255.255.255.0 null0 distance 250
router bgp
local-as 36171
timers keep-alive 300 hold-time 300
neighbor 50.202.75.50 remote-as 36171
neighbor 50.202.75.50 next-hop-self
neighbor 50.202.75.50 timers keep-alive 100 hold-time 600
neighbor 50.202.75.50 update-source ethernet 8/24
neighbor 50.202.75.50 soft-reconfiguration inbound
neighbor 65.121.237.189 remote-as 209
neighbor 65.121.237.189 soft-reconfiguration inbound
next-hop-enable-default
next-hop-recursion
network 65.126.16.0/24
network 50.200.166.0/24
neighbor 65.121.237.189 prefix-list BOGONS in
neighbor 65.121.237.189 prefix-list PERMIT-TO-CENTURYLINK out
neighbor 65.121.237.189 route-map in centurylink-in
neighbor 65.121.237.189 route-map out centurylink-out
Router 2 Config
-------------------------
ip prefix-list AS36171 description External Netblocks
ip prefix-list AS36171 seq 5 permit 65.126.16.0/24
ip prefix-list AS36171 seq 10 permit 50.200.166.0/24
ip prefix-list AS36171 seq 1000 deny 0.0.0.0/0 le 32
!
ip prefix-list BOGONS description Bad Routes to Block In
ip prefix-list BOGONS seq 10 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 15 deny 10.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 25 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 30 deny 192.0.2.0/24 le 32
ip prefix-list BOGONS seq 35 deny 192.168.0.0/16 le 32
ip prefix-list BOGONS seq 40 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 9999 permit 0.0.0.0/0 le 27
!
!
ip prefix-list DENY-TO-COMCAST seq 5 deny 0.0.0.0/0
!
ip prefix-list PERMIT-TO-COMCAST seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-COMCAST seq 10 permit 65.126.16.0/24
ip route 68.86.80.46 255.255.255.255 50.202.75.49
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 50.200.166.0 255.255.255.0 null0 distance 255
ip route 65.126.16.0 255.255.255.0 null0 distance 255
router bgp
local-as 36171
timers keep-alive 300 hold-time 300
neighbor 50.202.75.49 remote-as 7922
neighbor 50.202.75.49 password 1 $^d6^2"SZ
neighbor 50.202.75.49 soft-reconfiguration inbound
neighbor 68.86.80.46 remote-as 7922
neighbor 68.86.80.46 ebgp-multihop 255
neighbor 68.86.80.46 soft-reconfiguration inbound
neighbor 65.121.237.190 remote-as 36171
neighbor 65.121.237.190 next-hop-self
neighbor 65.121.237.190 timers keep-alive 100 hold-time 600
neighbor 65.121.237.190 update-source ethernet 9/1
neighbor 65.121.237.190 soft-reconfiguration inbound
next-hop-enable-default
next-hop-recursion
network 50.200.166.0/24
network 65.126.16.0/24
neighbor 50.202.75.49 filter-list 2 out
neighbor 50.202.75.49 prefix-list BOGONS in
neighbor 50.202.75.49 prefix-list PERMIT-TO-COMCAST out
neighbor 68.86.80.46 filter-list 2 out
Router 1 advertised-routes output
--------------------------
#show ip bgp neighbors 65.121.237.189 advertised-routes
There are 1 routes advertised to neighbor 65.121.237.189
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 65.126.16.0/24 0.0.0.0 1 32768 BL
AS_PATH: 36171 36171 36171
Router 2 advertised-routes output
--------------------------
#show ip bgp neighbors 68.86.80.46 advertised-routes
There are 1 routes advertised to neighbor 68.86.80.46
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 65.126.16.0/24 50.200.166.12 1 32768 BL
AS_PATH:
for some reason when I just tried mike's suggestion above to change the distance, the 50.200.166.0/24 block is not being advertised anymore.
Also, for some reason ibgp isn't able to establish the session anymore!
Any ideas?
Thanks
------------------------
ip prefix-list BOGONS description Bad Routes to Block In
ip prefix-list BOGONS seq 10 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 15 deny 10.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 25 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 30 deny 192.0.2.0/24 le 32
ip prefix-list BOGONS seq 35 deny 192.168.0.0/16 le 32
ip prefix-list BOGONS seq 40 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 9999 permit 0.0.0.0/0 le 27
!
ip prefix-list PERMIT-TO-CENTURYLINK seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 10 permit 65.126.16.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 15 deny 0.0.0.0/0 le 32
ip route 0.0.0.0 0.0.0.0 65.121.237.189
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 65.126.16.0 255.255.255.0 null0 distance 250
router bgp
local-as 36171
timers keep-alive 300 hold-time 300
neighbor 50.202.75.50 remote-as 36171
neighbor 50.202.75.50 next-hop-self
neighbor 50.202.75.50 timers keep-alive 100 hold-time 600
neighbor 50.202.75.50 update-source ethernet 8/24
neighbor 50.202.75.50 soft-reconfiguration inbound
neighbor 65.121.237.189 remote-as 209
neighbor 65.121.237.189 soft-reconfiguration inbound
next-hop-enable-default
next-hop-recursion
network 65.126.16.0/24
network 50.200.166.0/24
neighbor 65.121.237.189 prefix-list BOGONS in
neighbor 65.121.237.189 prefix-list PERMIT-TO-CENTURYLINK out
neighbor 65.121.237.189 route-map in centurylink-in
neighbor 65.121.237.189 route-map out centurylink-out
Router 2 Config
-------------------------
ip prefix-list AS36171 description External Netblocks
ip prefix-list AS36171 seq 5 permit 65.126.16.0/24
ip prefix-list AS36171 seq 10 permit 50.200.166.0/24
ip prefix-list AS36171 seq 1000 deny 0.0.0.0/0 le 32
!
ip prefix-list BOGONS description Bad Routes to Block In
ip prefix-list BOGONS seq 10 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 15 deny 10.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 25 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 30 deny 192.0.2.0/24 le 32
ip prefix-list BOGONS seq 35 deny 192.168.0.0/16 le 32
ip prefix-list BOGONS seq 40 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 9999 permit 0.0.0.0/0 le 27
!
!
ip prefix-list DENY-TO-COMCAST seq 5 deny 0.0.0.0/0
!
ip prefix-list PERMIT-TO-COMCAST seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-COMCAST seq 10 permit 65.126.16.0/24
ip route 68.86.80.46 255.255.255.255 50.202.75.49
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 50.200.166.0 255.255.255.0 null0 distance 255
ip route 65.126.16.0 255.255.255.0 null0 distance 255
router bgp
local-as 36171
timers keep-alive 300 hold-time 300
neighbor 50.202.75.49 remote-as 7922
neighbor 50.202.75.49 password 1 $^d6^2"SZ
neighbor 50.202.75.49 soft-reconfiguration inbound
neighbor 68.86.80.46 remote-as 7922
neighbor 68.86.80.46 ebgp-multihop 255
neighbor 68.86.80.46 soft-reconfiguration inbound
neighbor 65.121.237.190 remote-as 36171
neighbor 65.121.237.190 next-hop-self
neighbor 65.121.237.190 timers keep-alive 100 hold-time 600
neighbor 65.121.237.190 update-source ethernet 9/1
neighbor 65.121.237.190 soft-reconfiguration inbound
next-hop-enable-default
next-hop-recursion
network 50.200.166.0/24
network 65.126.16.0/24
neighbor 50.202.75.49 filter-list 2 out
neighbor 50.202.75.49 prefix-list BOGONS in
neighbor 50.202.75.49 prefix-list PERMIT-TO-COMCAST out
neighbor 68.86.80.46 filter-list 2 out
Router 1 advertised-routes output
--------------------------
#show ip bgp neighbors 65.121.237.189 advertised-routes
There are 1 routes advertised to neighbor 65.121.237.189
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 65.126.16.0/24 0.0.0.0 1 32768 BL
AS_PATH: 36171 36171 36171
Router 2 advertised-routes output
--------------------------
#show ip bgp neighbors 68.86.80.46 advertised-routes
There are 1 routes advertised to neighbor 68.86.80.46
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 65.126.16.0/24 50.200.166.12 1 32768 BL
AS_PATH:
for some reason when I just tried mike's suggestion above to change the distance, the 50.200.166.0/24 block is not being advertised anymore.
Also, for some reason ibgp isn't able to establish the session anymore!
Any ideas?
Thanks
Usually you would have a single router or make sure that you have a session between the routers that covers the routing.
It might be need for your BGP/ibgp to filter out your own segments from being advertised back to you from the ISPs.
It sounds that each ISP provided you with their /24.
Usually people will get their own /24 block and then have a peering session with each ISP to advertise it.
Will await your config posting to see what you have.
It might be need for your BGP/ibgp to filter out your own segments from being advertised back to you from the ISPs.
It sounds that each ISP provided you with their /24.
Usually people will get their own /24 block and then have a peering session with each ISP to advertise it.
Will await your config posting to see what you have.
ASKER
Yes, we got 1 /24 from provider A and another /24 from provider B.
We were not able to get our own allottment from ARIN so we had to go this way.
We were not able to get our own allottment from ARIN so we had to go this way.
ASKER
I got my ibgp session fixed. Had a typo but still have ebgp announcement issue.
ASKER
Ok, so I got the 50.200.166.0/24 block to advertise again by lowering the distance.
On the other router though, if I change the distance to above 200, it still does not advertise the route.
The weird thing is that it does advertise the 65.126.16.0/24 block but not the other /24. Iwould assume both blocks wouldn't be able to be advertised if it was a config problem?
On the other router though, if I change the distance to above 200, it still does not advertise the route.
The weird thing is that it does advertise the 65.126.16.0/24 block but not the other /24. Iwould assume both blocks wouldn't be able to be advertised if it was a config problem?
The difficulty with what you have is whether each ISP A advertises their entire block that included yours.
I.e. they have x.0.0.0/8 while you are publishing x.y.z.0/24
The /8 will take precedence and your /24 will not be seen unless iSP A goes down.
The /24 from each have to be on a transferable.
You can use BGP looking glass to test for your segments to see the paths.
http://www.bgp4.as/looking-glasses
Traceroute.org has a reference to a java BGP tool that you can find neighbors throu whom access to your network/segments.
http://bgplay.routeviews.org/bgplay/
I.e. they have x.0.0.0/8 while you are publishing x.y.z.0/24
The /8 will take precedence and your /24 will not be seen unless iSP A goes down.
The /24 from each have to be on a transferable.
You can use BGP looking glass to test for your segments to see the paths.
http://www.bgp4.as/looking-glasses
Traceroute.org has a reference to a java BGP tool that you can find neighbors throu whom access to your network/segments.
http://bgplay.routeviews.org/bgplay/
ASKER
I did have each ISP issue an LOA so the blocks are advertisable at each ISP so that shouldn't be an issue.
The other issue you have to check each ISPs peering session to make sure they do not exclude (limit the networks you advertise to only reflect the one step allocated to you)
Use the bgp play from the last link above.
Use the bgp play from the last link above.
ASKER
Another piece of info...I was using XO's looking glass and I'm only seeing AS7922 (comcast's) and not Qwest/CenturyLink's AS209 in the path.
Example:
show ip bgp 50.200.166.0/24
BGP routing table entry for 50.200.166.0/24, version 158619622
* * * Advertised to update-groups:
2
* * * 2828 6453 7922 33659 36171, (received & used)
216.156.2.161 from 216.156.2.161 (216.156.2.161)
Origin IGP, metric 2, localpref 100, valid, external
show ip bgp 65.126.16.0/24
BGP routing table entry for 65.126.16.0/24, version 158608856
* * * Advertised to update-groups:
2
* * * 2828 6453 7922 33659 36171, (received & used)
216.156.2.161 from 216.156.2.161 (216.156.2.161)
Origin IGP, metric 2, localpref 100, valid, external
Example:
show ip bgp 50.200.166.0/24
BGP routing table entry for 50.200.166.0/24, version 158619622
* * * Advertised to update-groups:
2
* * * 2828 6453 7922 33659 36171, (received & used)
216.156.2.161 from 216.156.2.161 (216.156.2.161)
Origin IGP, metric 2, localpref 100, valid, external
show ip bgp 65.126.16.0/24
BGP routing table entry for 65.126.16.0/24, version 158608856
* * * Advertised to update-groups:
2
* * * 2828 6453 7922 33659 36171, (received & used)
216.156.2.161 from 216.156.2.161 (216.156.2.161)
Origin IGP, metric 2, localpref 100, valid, external
Centurytel does not seem to be broadcasting/repeating either of your BGP routes.
Path to both networks seems to go through Comcast using routeviews BGP Play.
Using sprint
https://www.sprint.net/lg/lg_start.php
It only finds the Comcast path.
Double check your CenturyTel BGP Peering session and check with them to make sure they are not filtering your networks. I.e. they entered what they expect from you, but there is a typographical error.
Path to both networks seems to go through Comcast using routeviews BGP Play.
Using sprint
https://www.sprint.net/lg/lg_start.php
It only finds the Comcast path.
Double check your CenturyTel BGP Peering session and check with them to make sure they are not filtering your networks. I.e. they entered what they expect from you, but there is a typographical error.
On router 1, you have
ip route 0.0.0.0 0.0.0.0 65.121.237.189
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 65.126.16.0 255.255.255.0 null0 distance 250
On router 2 you have
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 50.200.166.0 255.255.255.0 null0 distance 255
ip route 65.126.16.0 255.255.255.0 null0 distance 255
1. You've got 2 routes to 65.126.16.0 255.255.255.0 on router 1
2. On router 2, you also have 2 routes to that network.
3. On router 2, you used a distance of 255, not 250. 255 means "unreachable" so this is probably why the 50.200 net wasn't being advertised. Try it with a distance of 250 and report back.
4.On router 1, you have a static default route to CenturyLink. you should be getting a default via BGP already from both providers, so drop the static route unless you have some other reason why it's there. If you're trying to prefer one provider, use AS-prepend or local pref in an inbound route map.
ip route 0.0.0.0 0.0.0.0 65.121.237.189
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 65.126.16.0 255.255.255.0 null0 distance 250
On router 2 you have
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 50.200.166.0 255.255.255.0 null0 distance 255
ip route 65.126.16.0 255.255.255.0 null0 distance 255
1. You've got 2 routes to 65.126.16.0 255.255.255.0 on router 1
2. On router 2, you also have 2 routes to that network.
3. On router 2, you used a distance of 255, not 250. 255 means "unreachable" so this is probably why the 50.200 net wasn't being advertised. Try it with a distance of 250 and report back.
4.On router 1, you have a static default route to CenturyLink. you should be getting a default via BGP already from both providers, so drop the static route unless you have some other reason why it's there. If you're trying to prefer one provider, use AS-prepend or local pref in an inbound route map.
ASKER
I have this static route:
ip route 65.126.16.0 255.255.255.0 50.200.166.12
so that a customer can do their own subnetting on their L3 device...so I put that on both routers.
I removed the default route on router 1 as suggested.
I also changed the distance from 255 to 250 and both /24's are being advertised fine. The problem is with router one not advertising the 50.200.166.0/24 network.
So now on router 1 I have:
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 65.126.16.0 255.255.255.0 null0 distance 250
ip route 50.200.166.0 255.255.255.0 null0 distance 250
but advertised-routes only shows this:
)#show ip bgp neighbors 65.121.237.189 advertised-routes
There are 1 routes advertised to neighbor 65.121.237.189
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 65.126.16.0/24 0.0.0.0 1 32768 BL
AS_PATH: 36171 36171 36171
It's not showing the other subnet at all.
Router 2 is showing the advertised routes ok:
#show ip bgp neighbors 68.86.80.46 advertised-routes
There are 2 routes advertised to neighbor 68.86.80.46
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 50.200.166.0/24 0.0.0.0 1 32768 BL
AS_PATH:
2 65.126.16.0/24 50.200.166.12 1 32768 BL
AS_PATH:
Any ideas?
ip route 65.126.16.0 255.255.255.0 50.200.166.12
so that a customer can do their own subnetting on their L3 device...so I put that on both routers.
I removed the default route on router 1 as suggested.
I also changed the distance from 255 to 250 and both /24's are being advertised fine. The problem is with router one not advertising the 50.200.166.0/24 network.
So now on router 1 I have:
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 65.126.16.0 255.255.255.0 null0 distance 250
ip route 50.200.166.0 255.255.255.0 null0 distance 250
but advertised-routes only shows this:
)#show ip bgp neighbors 65.121.237.189 advertised-routes
There are 1 routes advertised to neighbor 65.121.237.189
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 65.126.16.0/24 0.0.0.0 1 32768 BL
AS_PATH: 36171 36171 36171
It's not showing the other subnet at all.
Router 2 is showing the advertised routes ok:
#show ip bgp neighbors 68.86.80.46 advertised-routes
There are 2 routes advertised to neighbor 68.86.80.46
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 50.200.166.0/24 0.0.0.0 1 32768 BL
AS_PATH:
2 65.126.16.0/24 50.200.166.12 1 32768 BL
AS_PATH:
Any ideas?
Why is this route on Router 1?
ip route 65.126.16.0 255.255.255.0 50.200.166.12
That may be your problem.
ip route 65.126.16.0 255.255.255.0 50.200.166.12
That may be your problem.
ASKER
I removed:
ip route 65.126.16.0 255.255.255.0 50.200.166.12
from router 1. still doesn't advertise the 50.200.166.0/24 network.
I have a ticket open with CenturyLink to make sure they have the 50.200.166.0/24 block setup on their end as well.
Any other suggestions are appreciated if you guys can think of anything else.
Thanks a bunch
ip route 65.126.16.0 255.255.255.0 50.200.166.12
from router 1. still doesn't advertise the 50.200.166.0/24 network.
I have a ticket open with CenturyLink to make sure they have the 50.200.166.0/24 block setup on their end as well.
Any other suggestions are appreciated if you guys can think of anything else.
Thanks a bunch
Well the problem is that you don't see to be advertising it to them, given the output you posted. I'm going to look into your configs more.
Add
ip route 50.200.166.0 255.255.255.0 null0 distance 250
to router 1
i'm assuming that router 1 doesn't know about 50.200.166.0/24 in its IGP, and router 2 doesn't know about 65.126.16.0/24 in its IGP.
You didn't put up that part of your config, but where do these routes actually exist? If your routers only know about parts of them, then do this on both routers:
network [actual known net or nets that's part of 50.200.166.0]
network [actual known net that's part of 65.126.16.0.0]
aggregate-address 50.200.166.0 mask 255.255.255.0
aggregate-address 65.126.16.0 mask 255.255.255.0
remove the static routes when you're done with this.
Use your outbound prefix-list to only advertise these summaries to your ISPs. they'll be advertised only when they can reach them, and incidentally dynamically create those routes to null 0. Do NOT use the prefix list in your IBGP. You want both routers to know about all subnets.
ip route 50.200.166.0 255.255.255.0 null0 distance 250
to router 1
i'm assuming that router 1 doesn't know about 50.200.166.0/24 in its IGP, and router 2 doesn't know about 65.126.16.0/24 in its IGP.
You didn't put up that part of your config, but where do these routes actually exist? If your routers only know about parts of them, then do this on both routers:
network [actual known net or nets that's part of 50.200.166.0]
network [actual known net that's part of 65.126.16.0.0]
aggregate-address 50.200.166.0 mask 255.255.255.0
aggregate-address 65.126.16.0 mask 255.255.255.0
remove the static routes when you're done with this.
Use your outbound prefix-list to only advertise these summaries to your ISPs. they'll be advertised only when they can reach them, and incidentally dynamically create those routes to null 0. Do NOT use the prefix list in your IBGP. You want both routers to know about all subnets.
ASKER
Ok. So I now have both networks being advertised on both routers. I did the following:
Router 1
--------------
ip prefix-list PERMIT-TO-CENTURYLINK seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 10 permit 65.126.16.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 15 deny 0.0.0.0/0 le 32
ip route 65.126.16.0 255.255.255.0 null0 distance 250
ip route 50.200.166.0 255.255.255.0 null0 distance 250
Router 2
--------------
ip prefix-list PERMIT-TO-COMCAST seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-COMCAST seq 10 permit 65.126.16.0/24
ip route 68.86.80.46 255.255.255.255 50.202.75.49
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 50.200.166.0 255.255.255.0 null0 distance 80
ip route 65.126.16.0 255.255.255.0 null0 distance 80
Now I see the following on Router 1
--------------------------
)#sho ip bgp neighbors 65.121.237.189 advertised-routes
There are 2 routes advertised to neighbor 65.121.237.189
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 50.200.166.0/24 0.0.0.0 1 32768 BL
AS_PATH:
2 65.126.16.0/24 0.0.0.0 1 32768 BL
AS_PATH:
On Router 2
--------------------
#show ip bgp neighbors 68.86.80.46 advertised-routes
There are 2 routes advertised to neighbor 68.86.80.46
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 50.200.166.0/24 0.0.0.0 1 32768 BL
AS_PATH:
2 65.126.16.0/24 50.200.166.12 1 32768 BL
AS_PATH:
Now provider A got back to me a couple minutes ago saying they are seeing both /24's being advertised to them. The only other thing is that I tried configuring an interface on Router 1 with an ip address from the 50.200.166.0/24 block however the ip is not pingable.
Anyone have any ideas why this may be?
Thanks
Router 1
--------------
ip prefix-list PERMIT-TO-CENTURYLINK seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 10 permit 65.126.16.0/24
ip prefix-list PERMIT-TO-CENTURYLINK seq 15 deny 0.0.0.0/0 le 32
ip route 65.126.16.0 255.255.255.0 null0 distance 250
ip route 50.200.166.0 255.255.255.0 null0 distance 250
Router 2
--------------
ip prefix-list PERMIT-TO-COMCAST seq 5 permit 50.200.166.0/24
ip prefix-list PERMIT-TO-COMCAST seq 10 permit 65.126.16.0/24
ip route 68.86.80.46 255.255.255.255 50.202.75.49
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ip route 50.200.166.0 255.255.255.0 null0 distance 80
ip route 65.126.16.0 255.255.255.0 null0 distance 80
Now I see the following on Router 1
--------------------------
)#sho ip bgp neighbors 65.121.237.189 advertised-routes
There are 2 routes advertised to neighbor 65.121.237.189
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 50.200.166.0/24 0.0.0.0 1 32768 BL
AS_PATH:
2 65.126.16.0/24 0.0.0.0 1 32768 BL
AS_PATH:
On Router 2
--------------------
#show ip bgp neighbors 68.86.80.46 advertised-routes
There are 2 routes advertised to neighbor 68.86.80.46
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST E:EBGP I:IBGP L:LOCAL
Prefix Next Hop Metric LocPrf Weight Status
1 50.200.166.0/24 0.0.0.0 1 32768 BL
AS_PATH:
2 65.126.16.0/24 50.200.166.12 1 32768 BL
AS_PATH:
Now provider A got back to me a couple minutes ago saying they are seeing both /24's being advertised to them. The only other thing is that I tried configuring an interface on Router 1 with an ip address from the 50.200.166.0/24 block however the ip is not pingable.
Anyone have any ideas why this may be?
Thanks
I believe based on your cost router1 is less preferred.
The packet is being routed via router2
Do you have a traffic path between the two routers?
The packet is being routed via router2
Do you have a traffic path between the two routers?
I still think you should do what I suggested with aggregate addresses. The problem with your current thing is, your static routes on router 2 are more believable (distance 80) than the IBGP routes it gets from router 1 (distance 200). So if router 2 loses direct connectivity to those networks, you are screwed.
Why do you have this on router 2 also?
ip route 65.126.16.0 255.255.255.0 50.200.166.12
Why do you have this on router 2 also?
ip route 65.126.16.0 255.255.255.0 50.200.166.12
ASKER
I mentioned above in an earlier post that the static route to 50.200.166.12 is for a customer so they can do their own subnetting/vlans on their L3 device. 50.200.166.12 is the ip of their L3 device.
I tried your aggregate address suggested solution and it did not work.
I tried your aggregate address suggested solution and it did not work.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It would be good if you paste your routing config.