Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

BGP routing table

Posted on 2014-04-01
13
Medium Priority
?
366 Views
Last Modified: 2014-04-08
I advertised several internal subnets (10.10.1.0/24, 10.10.2.0/24, & 10.10.3.0/24) to my provider. I have a Cisco router and I am trying to understand the sh ip route with BGP. I see my subnets as internal but I also see 10.10.0.0/16 with path AS as 65003 and next hop the interface of the other router. So does it mean that the other router advertises the 10.10.0.0/16 to me?

My AS is 65010.

   Network             Next Hop            Metric LocPrf  Weight       Path

*> 0.0.0.0/0          10.10.200.1                    0             0           65003 13999 ?
*> 10.10.0.0/16    10.10.200.1                    0             0           65003 ?
*> 10.10.1.0/24     0.0.0.0                       100         32768       i
*> 10.10.2.0/24     0.0.0.0                       100         32768       i
*> 10.10.3.0/24     0.0.0.0                       100         32768       i
0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +1
13 Comments
 
LVL 17

Accepted Solution

by:
pergr earned 500 total points
ID: 39971347
You can use these commands to see what you advertise, and what routes you receive:

show ip bgp neighbor 10.10.200.1 advertised-routes
show ip bgp neighbor 10.10.200.1 received-routes

But yes, you are receiving that /16 route from your peer.
0
 
LVL 1

Author Comment

by:leblanc
ID: 39972365
That's what I thought and they guarantee me that they did not advertise the 10.2.0.0/16 to us. I will have to configure the soft command to be able to do the show received-routes. This is a Fortinet FW so I have to look for the command syntax. Thx
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 1000 total points
ID: 39972410
Do you have other routes that were advertised by them in your routing table?

Do they have any subnets that fall into the 10.10.0.0/16  range?  

It is possible they may have multiple subnets in the 10.10.0.0/16 range and they are sending a single summarized route instead of all the specific routes that fall within that range.
0
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

 
LVL 17

Expert Comment

by:pergr
ID: 39972622
In the first post you said it is a Cisco, and now  a FortiGate. Are both involved?
0
 
LVL 1

Author Comment

by:leblanc
ID: 39973872
Sorry for the confusion. It is actually a Fortigate.
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 500 total points
ID: 39975581
It is really odd that they are sending it to you, but you can either:
1. Tell them to stop sending it by changing their advertise policy. You should be able to receive default only if that's what you want. and/or
2. Make an inbound advertise map and block everything except what you want.
0
 
LVL 1

Author Comment

by:leblanc
ID: 39976850
Yes. I told them to check and they say they do not advertise that network. So we have a leak route somewhere in their router then. I am supposed to advertise that network because it is from my LAN.
0
 
LVL 17

Expert Comment

by:pergr
ID: 39977230
I assume this is an MPLS VPN, where you also have other sites.
Is it not possible that you are advertising that /16 from another site?

Did you try to clear the BGP session, and see if the /16 is there again when the session comes back up?
If it is, for sure the provider will be able to see where they are getting it from.
0
 
LVL 1

Author Comment

by:leblanc
ID: 39978096
This is a new site with a new subnet on MPLS VPN. We did clear the session several times. I will reopen the ticket.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 1000 total points
ID: 39978225
You may want to try the commands to see if they yield any more information

get router info routing-table database

get router info routing-table bgp details or get router info routing-table details
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39978512
Please post the BGP portion of your router configuration.
0
 
LVL 1

Author Comment

by:leblanc
ID: 39978885
The problem was their interface was configured as /16 instead of /30.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 39979003
I guess that would do it :-)
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
In this article, we’ll look at how to deploy ProxySQL.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question