Solved

BGP routing table

Posted on 2014-04-01
Last Modified: 2014-04-08
I advertised several internal subnets (10.10.1.0/24, 10.10.2.0/24, & 10.10.3.0/24) to my provider. I have a Cisco router and I am trying to understand the sh ip route with BGP. I see my subnets as internal but I also see 10.10.0.0/16 with path AS as 65003 and next hop the interface of the other router. So does it mean that the other router advertises the 10.10.0.0/16 to me?

My AS is 65010.

   Network             Next Hop            Metric LocPrf  Weight       Path

*> 0.0.0.0/0          10.10.200.1                    0             0           65003 13999 ?
*> 10.10.0.0/16    10.10.200.1                    0             0           65003 ?
*> 10.10.1.0/24     0.0.0.0                       100         32768       i
*> 10.10.2.0/24     0.0.0.0                       100         32768       i
*> 10.10.3.0/24     0.0.0.0                       100         32768       i
Question by:leblanc
13 Comments
 
LVL 17

Accepted Solution

by:
pergr earned 125 total points
ID: 39971347
You can use these commands to see what you advertise, and what routes you receive:

show ip bgp neighbor 10.10.200.1 advertised-routes
show ip bgp neighbor 10.10.200.1 received-routes

But yes, you are receiving that /16 route from your peer.
 
LVL 1

Author Comment

by:leblanc
ID: 39972365
That's what I thought and they guarantee me that they did not advertise the 10.2.0.0/16 to us. I will have to configure the soft command to be able to do the show received-routes. This is a Fortinet FW so I have to look for the command syntax. Thx
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 39972410
Do you have other routes that were advertised by them in your routing table?

Do they have any subnets that fall into the 10.10.0.0/16  range?  

It is possible they may have multiple subnets in the 10.10.0.0/16 range and they are sending a single summarized route instead of all the specific routes that fall within that range.
 
LVL 17

Expert Comment

by:pergr
ID: 39972622
In the first post you said it is a Cisco, and now  a FortiGate. Are both involved?
 
LVL 1

Author Comment

by:leblanc
ID: 39973872
Sorry for the confusion. It is actually a Fortigate.
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 125 total points
ID: 39975581
It is really odd that they are sending it to you, but you can either:
1. Tell them to stop sending it by changing their advertise policy. You should be able to receive default only if that's what you want. and/or
2. Make an inbound advertise map and block everything except what you want.
 
LVL 1

Author Comment

by:leblanc
ID: 39976850
Yes. I told them to check and they say they do not advertise that network. So we have a leak route somewhere in their router then. I am supposed to advertise that network because it is from my LAN.
 
LVL 17

Expert Comment

by:pergr
ID: 39977230
I assume this is an MPLS VPN, where you also have other sites.
Is it not possible that you are advertising that /16 from another site?

Did you try to clear the BGP session, and see if the /16 is there again when the session comes back up?
If it is, for sure the provider will be able to see where they are getting it from.
 
LVL 1

Author Comment

by:leblanc
ID: 39978096
This is a new site with a new subnet on MPLS VPN. We did clear the session several times. I will reopen the ticket.
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 39978225
You may want to try the commands to see if they yield any more information

get router info routing-table database

get router info routing-table bgp details or get router info routing-table details
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39978512
Please post the BGP portion of your router configuration.
 
LVL 1

Author Comment

by:leblanc
ID: 39978885
The problem was their interface was configured as /16 instead of /30.
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39979003
I guess that would do it :-)
0
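
Added example, not written by any poster in this thread: a Python check over the BGP table from the question that flags received routes overlapping locally originated prefixes, and notes when the next hop sits inside the received prefix with origin `?` (incomplete), which is the pattern left by the /16-instead-of-/30 interface mask found at the end. The row layout (two numeric columns before the AS path) and next hop 0.0.0.0 marking local routes are assumptions taken from the posted output.

```python
import ipaddress

# Rows as posted in the question: status, network, next hop, two numeric
# attribute columns, AS path, origin code.
BGP_TABLE = """\
*> 0.0.0.0/0       10.10.200.1   0     0      65003 13999 ?
*> 10.10.0.0/16    10.10.200.1   0     0      65003 ?
*> 10.10.1.0/24    0.0.0.0       100   32768  i
*> 10.10.2.0/24    0.0.0.0       100   32768  i
*> 10.10.3.0/24    0.0.0.0       100   32768  i
"""

def parse(table):
    """Return one dict per row: prefix, next hop, AS path list, origin code."""
    routes = []
    for line in table.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("*"):
            continue  # header, blank or truncated line
        routes.append({
            "prefix": ipaddress.ip_network(f[1]),
            "next_hop": ipaddress.ip_address(f[2]),
            "as_path": f[5:-1],   # empty for locally originated routes
            "origin": f[-1],      # i = IGP, ? = incomplete (redistributed)
        })
    return routes

def audit(routes):
    """Flag received routes that overlap prefixes this router originates."""
    local = [r["prefix"] for r in routes if r["next_hop"].is_unspecified]
    findings = []
    for r in routes:
        pfx = r["prefix"]
        if r["next_hop"].is_unspecified or pfx.prefixlen == 0:
            continue  # skip our own routes and the expected default route
        overlaps = [str(p) for p in local if p.subnet_of(pfx) or pfx.subnet_of(p)]
        if overlaps:
            findings.append({
                "prefix": str(pfx),
                "from_as": r["as_path"][0] if r["as_path"] else None,
                "overlaps": overlaps,
                # Next hop inside the prefix plus origin '?' is consistent with a
                # redistributed connected route for the peering link itself.
                "likely_link_subnet": r["origin"] == "?" and r["next_hop"] in pfx,
            })
    return findings

if __name__ == "__main__":
    for finding in audit(parse(BGP_TABLE)):
        print(finding)
```
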
