When you enable it within your BGP instance and you elected to suppress the contributing routes from being advertised to your peers by using the "summary-only" keyword. In some cases though, you may not want to suppress the contributing routes for certain peers and want a way to disable this global behaviour on an individual peer basis.
Through the application of the swiss army knife known as a route-map in conjunction with the "unsuppress-map" keyword on your neighbor declaration; it is possible to allow the more-specific routes to still be transmitted.
In my configuration example, I have three routers, R4, R5 and R6 in a string where R5 is directly peering with R4 and R6.
R4 Configuration
hostname R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
description To R5 Fa0/0
ip address 100.100.45.4 255.255.255.0
duplex auto
speed auto
!
router bgp 64512ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
description To R5 Fa0/0
ip address 100.100.45.4 255.255.255.0
duplex auto
speed auto
!
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 4.4.4.4 mask 255.255.255.255
neighbor 100.100.45.5 remote-as 64513
no auto-summary
!
R5 Initial Configuration
hostname R5
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface Loopback10
ip address 192.168.1.1 255.255.255.0
!
interface Loopback11
ip address 192.168.2.1 255.255.255.0
!
interface Loopback12
ip address 192.168.3.1 255.255.255.0
!
interface Loopback20
ip address 172.16.0.1 255.255.255.0
!
interface Loopback21
ip address 172.16.7.1 255.255.255.0
!
interface FastEthernet0/0ip address 5.5.5.5 255.255.255.255
!
interface Loopback10
ip address 192.168.1.1 255.255.255.0
!
interface Loopback11
ip address 192.168.2.1 255.255.255.0
!
interface Loopback12
ip address 192.168.3.1 255.255.255.0
!
interface Loopback20
ip address 172.16.0.1 255.255.255.0
!
interface Loopback21
ip address 172.16.7.1 255.255.255.0
!
description R4 Fa0/0
ip address 100.100.45.5 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description R5 Fa0/1
ip address 100.100.56.5 255.255.255.0
duplex auto
speed auto
!
router bgp 64513
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
network 5.5.5.5 mask 255.255.255.255
network 172.16.0.0 mask 255.255.255.0
network 172.16.7.0 mask 255.255.255.0
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
aggregate-address 172.16.0.0 255.255.248.0 summary-only
aggregate-address 192.168.0.0 255.255.252.0 summary-only
neighbor 100.100.45.4 remote-as 64512
neighbor 100.100.56.6 remote-as 64514
no auto-summary
R6 Configuration
hostname R6
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/1
description R5 Fa0/1
ip address 100.100.56.6 255.255.255.0
duplex auto
speed auto
!
router bgp 64514
no synchronization
bgp log-neighbor-changes
network 6.6.6.6 mask 255.255.255.255
neighbor 100.100.56.5 remote-as 64513
no auto-summary
!
As you can see there are some loopbacks on R5 which are summarised thanks to the "aggregate-address" commands and with the "summary-only" keyword, the contributing routes will be suppressed from advertisement.
Lets have a look at what R4 and R6 see:
R4#sh ip route bgp
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 100.100.45.5, 00:09:48
6.0.0.0/32 is subnetted, 1 subnets
B 6.6.6.6 [20/0] via 100.100.45.5, 00:10:18
172.16.0.0/21 is subnetted, 1 subnets
B 172.16.0.0 [20/0] via 100.100.45.5, 00:09:48
B 192.168.0.0/22 [20/0] via 100.100.45.5, 00:09:48
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 100.100.45.5, 00:09:48
6.0.0.0/32 is subnetted, 1 subnets
B 6.6.6.6 [20/0] via 100.100.45.5, 00:10:18
172.16.0.0/21 is subnetted, 1 subnets
B 172.16.0.0 [20/0] via 100.100.45.5, 00:09:48
B 192.168.0.0/22 [20/0] via 100.100.45.5, 00:09:48
4.0.0.0/32 is subnetted, 1 subnets
B 4.4.4.4 [20/0] via 100.100.56.5, 00:10:29
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 100.100.56.5, 00:09:59
172.16.0.0/21 is subnetted, 1 subnets
B 172.16.0.0 [20/0] via 100.100.56.5, 00:09:59
B 192.168.0.0/22 [20/0] via 100.100.56.5, 00:09:59
Which certainly matches what R5 says it's doing:
R5#sh ip bgp neighbors 100.100.45.4 advertised-routes
BGP table version is 16, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 100.100.45.4 0 0 64512 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 6.6.6.6/32 100.100.56.6 0 0 64514 i
*> 172.16.0.0/21 0.0.0.0 32768 i
*> 192.168.0.0/22 0.0.0.0 32768 i
Total number of prefixes 5
R5#sh ip bgp neighbors 100.100.56.6 advertised-routes
BGP table version is 16, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 100.100.45.4 0 0 64512 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 6.6.6.6/32 100.100.56.6 0 0 64514 i
*> 172.16.0.0/21 0.0.0.0 32768 i
*> 192.168.0.0/22 0.0.0.0 32768 i
Total number of prefixes 5
Lets say for arguments sake we want to see the specific routes from 192.168.0.0/22 to appear on R4 and the specific routes from 172.16.0.0/21 to appear on R6
The way we do this is to set the neighbor to have an unsuppress-map (a route-map) which when matched will allow the contributing routes to be transferred. In this example, the route-map for R4 is matching the route with an access list, and the route-map for R6 is using a prefix-list
R5(config)#router bgp 64513
R5(config-router)#neighbor 100.100.45.4 unsuppress-map UnsuppressR4
R5(config-router)#neighbor 100.100.56.6 unsuppress-map UnsuppressR6
R5(config-router)#route-map UnsuppressR4
R5(config-route-map)#match ip address 4
R5(config-route-map)#exit
R5(config)#access-list 4 permit 192.168.0.0 0.0.3.255
R5(config)#route-map UnsuppressR6
R5(config-route-map)#match ip address prefix-list R6
R5(config-route-map)#exit
R5(config)#ip prefix-list R6 permit 172.16.0.0/21
After clearing the peerings (clear ip bgp *) and waiting for BGP to come up and stabilise, lets see what R5 is advertising to its peers
Below we can see that R5 is advertising some routes with the "s" flag which means that they were suppressed but we're advertising them:
R5#sh ip bgp neighbors 100.100.45.4 advertised-routes
BGP table version is 16, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 6.6.6.6/32 100.100.56.6 0 0 64514 i
*> 172.16.0.0/21 0.0.0.0 32768 i
*> 192.168.0.0/22 0.0.0.0 32768 i
s> 192.168.1.0 0.0.0.0 0 32768 i
s> 192.168.2.0 0.0.0.0 0 32768 i
s> 192.168.3.0 0.0.0.0 0 32768 i
R4>sh ip route bgp
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 100.100.45.5, 00:02:45
6.0.0.0/32 is subnetted, 1 subnets
B 6.6.6.6 [20/0] via 100.100.45.5, 00:03:31
172.16.0.0/21 is subnetted, 1 subnets
B 172.16.0.0 [20/0] via 100.100.45.5, 00:02:45
B 192.168.1.0/24 [20/0] via 100.100.45.5, 00:02:45
B 192.168.2.0/24 [20/0] via 100.100.45.5, 00:02:45
B 192.168.3.0/24 [20/0] via 100.100.45.5, 00:02:45
B 192.168.0.0/22 [20/0] via 100.100.45.5, 00:02:45
Now here is a problem with R5... we aren't advertising the specific routes for the 172.16.0.0/21 network to R6!
R5#sh ip bgp neighbors 100.100.56.6 advertised-routes
BGP table version is 16, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 100.100.45.4 0 0 64512 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 172.16.0.0/21 0.0.0.0 32768 i
*> 192.168.0.0/22 0.0.0.0 32768 i
Total number of prefixes 4
The problem is that the prefix-list is only matching on the summary route and not the contributing routes. All we need to do is fix up the prefix-list and all should be well
R5(config)#no ip prefix-list R6 permit 172.16.0.0/21
R5(config)#ip prefix-list R6 permit 172.16.0.0/21 le 24
R5(config)#do clear ip bgp 100.100.56.6 soft
R5(config)#do sh ip bgp nei 100.100.56.6 adv
BGP table version is 16, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 100.100.45.4 0 0 64512 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
s> 172.16.0.0/24 0.0.0.0 0 32768 i
*> 172.16.0.0/21 0.0.0.0 32768 i
s> 172.16.7.0/24 0.0.0.0 0 32768 i
*> 192.168.0.0/22 0.0.0.0 32768 i
Total number of prefixes 6
Things are now working as expected and R6 agrees
R6>sh ip route bgp
4.0.0.0/32 is subnetted, 1 subnets
B 4.4.4.4 [20/0] via 100.100.56.5, 00:09:45
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 100.100.56.5, 00:08:58
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
B 172.16.7.0/24 [20/0] via 100.100.56.5, 00:02:03
B 172.16.0.0/24 [20/0] via 100.100.56.5, 00:02:03
B 172.16.0.0/21 [20/0] via 100.100.56.5, 00:08:58
B 192.168.0.0/22 [20/0] via 100.100.56.5, 00:08:58
No comments:
Post a Comment