7

I've got 2 Cisco routers, each with a single Internet feed, providing BGP with default route only, which allows us to advertise certain routes out each feed. We're not using the full DFZ because although we usually run all Cisco 3925s, we currently have a Cisco 2911 in temporarily and it hasn't enough RAM to process the DFZ.

The routers share a Layer2 LAN, using a Campus vLAN (Router-On-A-Stick) configuration and we'd really like to take advantage of this shared LAN connectivity and gain some Internet feed resilience, using BGP to not only advertise the primary route via its natural home, but also the route that belongs to the other platform's router, but with that secondary route AS-Path Prepended, to make it less desirable than the route advertised via its natural home router & vice versa.

We also have a separate (currently non-live) site with 2 routers and a (currently) spare pair of /24s which I'm using to experiment with, but I've been unsuccessful getting a primary route and an AS-path prepended secondary route, advertised at the same time, via the same BGP neighbour. My testing is on AS39152 with routes 91.192.234.0/24 and 91.192.235.0/24, advertising to AS29550, using this to show the results of my testing: -

% telnet route-server.as3257.net             
route-server.as3257.net> sho ip bgp regexp 29550 39152
BGP table version is 25589080, local router ID is 213.200.87.253
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 i
*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 i

My goal is to get results like this, from a single router's BGP advertisement (you'll almost definitely need to scroll to the right, to see my point): -

   Network          Next Hop            Metric LocPrf Weight Path
*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 i
*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 39152 39152 39152 i

I read through http://blog.ipspace.net/2008/02/bgp-essentials-as-path-prepending.html but what I'm looking for is a way to mix prefixes with and without AS-path prepending and I haven't yet found what I'm after. This may be because it's not possible, or more likely (I hope), that I just don't know what search terminology to use.

I've not put any of my config in the question, as it's simply not working and I don't know if it's even possible - I can share it if it helps.

Is what I'm trying to achieve actually possible and if so, please could you share an example config?

2 Answers

0

What you're trying to do is possible through the use of IP prefix lists and match statements. As an example:

ip prefix-list PREFERRED seq 5 permit 91.192.234.0/24
!
router bgp 39152
 neighbor 10.1.0.2 remote-as 29550
 neighbor 10.1.0.2 description Simply Transit
 address-family ipv4
  neighbor 10.1.0.2 route-map simply-transit out
!
route-map simply-transit permit 10
 match ip address prefix-list PREFERRED
!
route-map simply-transit permit 20
 set as-path prepend 39152 39152 39152

The first rule matches your preferred network. It does not pad the AS path. The second rule matches anything not matched by the first rule. It pads the AS path.

Note that if you use this scheme and then check an external route server, you're not going to see your prepended routes (or you shouldn't anyway). Your upstream carrier is only going to forward its best routes, and it will exclude your prepended routes in favor of your unpadded routes. The rest of the world outside your upstream provider will only see the favored, unpadded routes.

hrunting
  • I preferred using the prefix-list as suggested, but added a little more explicit matching for the ease of reading & understandability. – furriephillips Jul 19 '14 at 19:32
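
Added example, not part of the answer above and not Cisco code: a small Python model of outbound route-map evaluation (first matching clause wins, a clause with no match statement matches every route, an implicit deny ends the map), comparing the catch-all clause 20 with a variant that matches the secondary prefix explicitly. The `192.0.2.0/24` entry, the table and all function names are constructed for illustration.

```python
import ipaddress

LOCAL_AS = 39152                      # AS number from the page
PREPEND = [39152, 39152, 39152]       # "set as-path prepend" value from the page

def net(p):
    return ipaddress.ip_network(p)

# Prefix-list entries without ge/le match only that exact prefix.
PREFERRED = {net("91.192.234.0/24")}
SECONDARY = {net("91.192.235.0/24")}

# Clauses are (sequence, prefix-list or None, ASNs to prepend), all "permit".
CATCH_ALL_MAP = [
    (10, PREFERRED, []),
    (20, None, PREPEND),              # no match statement: matches every route
]
EXPLICIT_MAP = [
    (10, PREFERRED, []),
    (20, SECONDARY, PREPEND),         # explicit match on the secondary prefix
]

def advertised_path(route_map, prefix):
    """AS path sent to the eBGP neighbour, or None when the route is filtered."""
    candidate = net(prefix)
    for _seq, prefix_list, prepend in sorted(route_map, key=lambda c: c[0]):
        if prefix_list is None or candidate in prefix_list:
            # First matching clause wins; the router then adds its own AS.
            return [LOCAL_AS] + prepend
    return None                       # implicit deny at the end of a route-map

def advertisements(route_map, bgp_table):
    return {p: advertised_path(route_map, p) for p in bgp_table}

# Constructed BGP table: the page's two /24s plus 192.0.2.0/24 (a documentation
# prefix) standing in for any route that was never meant to be advertised.
BGP_TABLE = ["91.192.234.0/24", "91.192.235.0/24", "192.0.2.0/24"]

if __name__ == "__main__":
    for name, rmap in (("catch-all", CATCH_ALL_MAP), ("explicit", EXPLICIT_MAP)):
        for prefix, path in advertisements(rmap, BGP_TABLE).items():
            shown = " ".join(map(str, path)) if path else "not advertised"
            print(f"{name:9} {prefix:18} {shown}")
```

With the catch-all clause, any other route that reaches the BGP table is announced to the neighbour with the prepend; with explicit matching it falls through to the implicit deny and is not announced.
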
0

This is what I ended up doing. It makes sense to me and I think it's explicit enough (all the prefixes are listed), that a co-worker could read the config and understand it.

RTR1 Config - Primary for .234, secondary for .235

conf t
!
router bgp 39152
 address-family ipv4
  neighbor 172.16.15.14 route-map OUR_ROUTES out
 exit-address-family
!
route-map OUR_ROUTES permit 10
 description Match Our Primary BGP Ranges
 match ip address 10
 exit
!
route-map OUR_ROUTES permit 20
 description Match Our Secondary BGP Ranges
 match ip address 20
 set as-path prepend 39152 39152 39152
 exit
!
access-list 10 remark OUR_PRIMARY_ROUTES
access-list 10 permit 91.192.234.0
!
access-list 20 remark OUR_SECONDARY_ROUTES
access-list 20 permit 91.192.235.0
!
end

RTR2 Config - Primary for .235, secondary for .234

conf t
!
router bgp 39152
 address-family ipv4
  neighbor 172.16.17.18 route-map OUR_ROUTES out
 exit-address-family
!
route-map OUR_ROUTES permit 10
 description Match Our Primary BGP Ranges
 match ip address 10
 exit
!
route-map OUR_ROUTES permit 20
 description Match Our Secondary BGP Ranges
 match ip address 20
 set as-path prepend 39152 39152 39152
 exit
!
access-list 10 remark OUR_PRIMARY_ROUTES
access-list 10 permit 91.192.235.0
!
access-list 20 remark OUR_SECONDARY_ROUTES
access-list 20 permit 91.192.234.0
!
end

BGP Looking Glass with only RTR1 online

route-server.as3257.net>sho ip bgp regexp 29550 39152 | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 i
*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 39152 39152 39152 i

BGP Looking Glass with only RTR2 online

route-server.as3257.net>sho ip bgp regexp 29550 39152 | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 39152 39152 39152 i
*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 i

BGP Looking Glass with both RTR1 & RTR2 online

route-server.as3257.net>sho ip bgp regexp 29550 39152 | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 i
*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 i

The following configs use prefix-lists but with explicit matching on each route-map rule. The prefix-lists are less likely to be confusing to my colleagues, than ACLs.

RTR1 Config

conf t
!
router bgp 39152
 address-family ipv4
  neighbor 172.16.15.14 route-map OUR_ROUTES out
 exit-address-family
!
ip prefix-list BGP_PRIMARY_ROUTES seq 5 permit 91.192.234.0/24
!
ip prefix-list BGP_SECONDARY_ROUTES seq 5 permit 91.192.235.0/24
!
route-map OUR_ROUTES permit 10
 description Match Our Primary BGP Ranges
 match ip address prefix-list BGP_PRIMARY_ROUTES
 exit
!
route-map OUR_ROUTES permit 20
 description Match Our Secondary BGP Ranges
 match ip address prefix-list BGP_SECONDARY_ROUTES
 set as-path prepend 39152 39152 39152
 exit
!
end

RTR2 Config

conf t
!
router bgp 39152
 address-family ipv4
  neighbor 172.16.17.18 route-map OUR_ROUTES out
 exit-address-family
!
ip prefix-list BGP_PRIMARY_ROUTES seq 5 permit 91.192.235.0/24
!
ip prefix-list BGP_SECONDARY_ROUTES seq 5 permit 91.192.234.0/24
!
route-map OUR_ROUTES permit 10
 description Match Our Primary BGP Ranges
 match ip address prefix-list BGP_PRIMARY_ROUTES
 exit
!
route-map OUR_ROUTES permit 20
 description Match Our Secondary BGP Ranges
 match ip address prefix-list BGP_SECONDARY_ROUTES
 set as-path prepend 39152 39152 39152
 exit
!
end
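
Added example, not part of the original post: a Python check that reads `show ip bgp` output like the looking-glass captures above and confirms, per prefix, the origin AS and how many times it repeats at the end of the best path. The two sample tables are copied from the captures in this answer; the function names are made up for this example, and it assumes prefixes are shown with a /length.

```python
ORIGIN_CODES = {"i", "e", "?"}

def origin_run_lengths(show_ip_bgp_text):
    """Map prefix -> (origin AS, consecutive copies of it ending the best path)."""
    found, prefix = {}, None
    for line in show_ip_bgp_text.splitlines():
        tokens = line.split()
        # Route lines start with a status field and end with an origin code.
        if len(tokens) < 4 or tokens[-1] not in ORIGIN_CODES or tokens[0][0] != "*":
            continue
        # Extra paths for a prefix omit the Network column; reuse the last one.
        prefix = next((t for t in tokens[1:] if "/" in t), prefix)
        if ">" not in tokens[0] or prefix is None or not tokens[-2].isdigit():
            continue
        origin, run = tokens[-2], 0
        for token in reversed(tokens[:-1]):
            if token != origin:
                break
            run += 1
        found[prefix] = (int(origin), run)
    return found

def prepend_mismatches(show_ip_bgp_text, origin_as, expected_runs):
    """Return readable problems; an empty list means the view is as intended."""
    seen, problems = origin_run_lengths(show_ip_bgp_text), []
    for prefix, want in expected_runs.items():
        if prefix not in seen:
            problems.append(f"{prefix}: no best path visible")
            continue
        origin, run = seen[prefix]
        if origin != origin_as:
            problems.append(f"{prefix}: origin AS{origin}, expected AS{origin_as}")
        elif run != want:
            problems.append(f"{prefix}: AS{origin_as} appears {run}x, expected {want}x")
    return problems

# Sample tables copied from the looking-glass captures in this answer.
HEADER = "   Network          Next Hop            Metric LocPrf Weight Path\n"
RTR1_ONLY = HEADER + (
    "*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 i\n"
    "*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 39152 39152 39152 i\n"
)
BOTH_ONLINE = HEADER + (
    "*> 91.192.234.0/24  213.200.64.93           18             0 3257 5089 29550 39152 i\n"
    "*> 91.192.235.0/24  213.200.64.93           18             0 3257 2914 29550 39152 i\n"
)
EXPECTED_RTR1_ONLY = {"91.192.234.0/24": 1, "91.192.235.0/24": 4}
print(prepend_mismatches(RTR1_ONLY, 39152, EXPECTED_RTR1_ONLY))
```
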