  • Status: Solved
  • Priority: Medium
  • Security: Public

BGP routing table

I advertised several internal subnets (10.10.1.0/24, 10.10.2.0/24, & 10.10.3.0/24) to my provider. I have a Cisco router and I am trying to understand the sh ip route with BGP. I see my subnets as internal but I also see 10.10.0.0/16 with path AS as 65003 and next hop the interface of the other router. So does it mean that the other router advertises the 10.10.0.0/16 to me?

My AS is 65010.

   Network             Next Hop            Metric LocPrf  Weight       Path

*> 0.0.0.0/0          10.10.200.1                    0             0           65003 13999 ?
*> 10.10.0.0/16    10.10.200.1                    0             0           65003 ?
*> 10.10.1.0/24     0.0.0.0                       100         32768       i
*> 10.10.2.0/24     0.0.0.0                       100         32768       i
*> 10.10.3.0/24     0.0.0.0                       100         32768       i
0
Asked by: leblanc
4 Solutions
 
pergr Commented:
You can use these commands to see what you advertise, and what routes you receive:

show ip bgp neighbor 10.10.200.1 advertised-routes
show ip bgp neighbor 10.10.200.1 received-routes

But yes, you are receiving that /16 route from your peer.
0
 
leblanc (Accounting, Author) Commented:
That's what I thought and they guarantee me that they did not advertise the 10.2.0.0/16 to us. I will have to configure the soft command to be able to do the show received-routes. This is a Fortinet FW so I have to look for the command syntax. Thx
0
 
giltjr Commented:
Do you have other routes that were advertised by them in your routing table?

Do they have any subnets that fall into the 10.10.0.0/16 range?

It is possible they may have multiple subnets in the 10.10.0.0/16 range and they are sending a single summarized route instead of all the specific routes that fall within that range.
0
 
pergr Commented:
In the first post you said it is a Cisco, and now a FortiGate. Are both involved?
0
 
leblanc (Accounting, Author) Commented:
Sorry for the confusion. It is actually a Fortigate.
0
 
mikebernhardt Commented:
It is really odd that they are sending it to you, but you can either:
1. Tell them to stop sending it by changing their advertise policy. You should be able to receive default only if that's what you want. and/or
2. Make an inbound advertise map and block everything except what you want.
0
 
leblanc (Accounting, Author) Commented:
Yes. I told them to check and they say they do not advertise that network. So we have a leak route somewhere in their router then. I am supposed to advertise that network because it is from my LAN.
0
 
pergr Commented:
I assume this is an MPLS VPN, where you also have other sites.
Is it not possible that you are advertising that /16 from another site?

Did you try to clear the BGP session, and see if the /16 is there again when the session comes back up?
If it is, for sure the provider will be able to see where they are getting it from.
0
 
leblanc (Accounting, Author) Commented:
This is a new site with a new subnet on MPLS VPN. We did clear the session several times. I will reopen the ticket.
0
 
giltjr Commented:
You may want to try the commands to see if they yield any more information:

get router info routing-table database

get router info routing-table bgp details or get router info routing-table details
0
 
mikebernhardt Commented:
Please post the BGP portion of your router configuration.
0
 
leblanc (Accounting, Author) Commented:
The problem was their interface was configured as /16 instead of /30.
0
 
mikebernhardt Commented:
I guess that would do it :-)
0
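
An added example, not part of the thread: a Python check over the BGP table from the question that flags any route learned from a peer which covers locally originated prefixes, as the 10.10.0.0/16 entry does. The parser handles only this simple table layout, and the function names are hypothetical.

```python
import ipaddress

# Table rows copied from the question (whitespace normalised); local AS is 65010.
SAMPLE_TABLE = """\
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0/0 10.10.200.1 0 0 65003 13999 ?
*> 10.10.0.0/16 10.10.200.1 0 0 65003 ?
*> 10.10.1.0/24 0.0.0.0 100 32768 i
*> 10.10.2.0/24 0.0.0.0 100 32768 i
*> 10.10.3.0/24 0.0.0.0 100 32768 i
"""

def parse_bgp_table(text):
    """Yield (network, next_hop, origin_code) for each valid ('*') entry."""
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 4 or not tokens[0].startswith("*"):
            continue
        try:
            network = ipaddress.ip_network(tokens[1])
            next_hop = ipaddress.ip_address(tokens[2])
        except ValueError:
            continue  # a line this simple parser does not understand
        yield network, next_hop, tokens[-1]  # last token is the origin code

def find_covering_routes(text):
    """Return peer-learned routes that cover prefixes this router originates."""
    routes = list(parse_bgp_table(text))
    # Next hop 0.0.0.0 marks a locally originated prefix.
    local = [net for net, nh, _ in routes if nh.is_unspecified]
    findings = []
    for net, nh, origin in routes:
        if nh.is_unspecified or net.prefixlen == 0:
            continue  # skip our own routes and the default route
        covered = [str(l) for l in local if l.subnet_of(net)]
        if covered:
            findings.append({
                "prefix": str(net), "next_hop": str(nh),
                "origin": origin,  # '?' = incomplete, typically redistributed
                "covers_local": covered,
                # True when the peer's own address lies inside the prefix,
                # as happens when the link's connected route is advertised.
                "next_hop_inside_prefix": nh in net,
            })
    return findings

if __name__ == "__main__":
    for finding in find_covering_routes(SAMPLE_TABLE):
        print(finding)
```
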
