The ISPs need to learn routes for the Enterprise’s public IP address space.
Options for advertising routes to the ISP:
- BGP network command
- Redistribution from an IGP
Adding to configurations made on R1, R101, R102, R103 and R104 in the previous lab, we will first configure R2 to be a part of the eBGP process between the Enterprise (AS 100) and the ISPs.
R2's configuration and R101/R102's updated configurations:
R2:
!
interface Loopback2
ip address 2.2.2.2 255.255.255.255
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 101.101.101.101 remote-as 101
neighbor 101.101.101.101 ebgp-multihop 2
neighbor 101.101.101.101 update-source Loopback2
neighbor 102.102.102.102 remote-as 102
neighbor 102.102.102.102 ebgp-multihop 2
neighbor 102.102.102.102 update-source Loopback2
no auto-summary
!
ip route 101.101.101.101 255.255.255.255 201.1.1.6
ip route 102.102.102.102 255.255.255.255 202.2.2.6
!
R101:
!
interface Loopback101
ip address 101.101.101.101 255.255.255.255
!
router bgp 101
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 password ccnp
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback101
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback101
neighbor 104.104.104.104 remote-as 104
neighbor 104.104.104.104 password ccnp
neighbor 104.104.104.104 ebgp-multihop 2
neighbor 104.104.104.104 update-source Loopback101
no auto-summary
!
ip route 1.1.1.1 255.255.255.255 201.1.1.1
ip route 2.2.2.2 255.255.255.255 201.1.1.5
ip route 104.104.104.104 255.255.255.255 114.1.1.2
!
R102:
!
interface Loopback102
ip address 102.102.102.102 255.255.255.255
!
router bgp 102
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback102
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback102
neighbor 103.103.103.103 remote-as 103
neighbor 103.103.103.103 ebgp-multihop 2
neighbor 103.103.103.103 update-source Loopback102
no auto-summary
!
ip forward-protocol nd
ip route 1.1.1.1 255.255.255.255 202.2.2.1
ip route 2.2.2.2 255.255.255.255 202.2.2.5
ip route 103.103.103.103 255.255.255.255 123.1.1.2
!
R2#show ip bgp summary | begin Neighbor
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
101.101.101.101 4 101 9 9 6 0 0 00:04:40 5
102.102.102.102 4 102 9 9 6 0 0 00:04:01 5
Note: Routers R1 - R5 have OSPF running between them.
Injecting Routes Using the network Command
For OSPF and EIGRP, the network command lists parameters that the router then compares to all its interface IP addresses. If matched, the router enables the IGP routing protocol on those interfaces.
BGP does not use the network command to enable BGP on interfaces - the BGP network command does cause a comparison to occur, but the comparison occurs between the network command’s parameters and the contents of that router’s IP routing table, as follows:
Rule: Look for a route in the router’s current IP routing table that exactly matches the parameters of the network command; if a route for that exact prefix/length exists, put the equivalent prefix/length into the local BGP table.
Let's assume a subnet with a public prefix is connected to R5 and it is required to be advertised to the ISPs.
R5#show ip route 155.55.0.0
Routing entry for 155.55.0.0/19, 1 known subnets
Attached (1 connections)
C 155.55.32.0 is directly connected, Loopback155
This network is advertised through OSPF to R1:
R5#show run | s ospf
...
network 155.55.32.0 0.0.31.255 area 0
R1#show ip route 155.55.0.0
Routing entry for 155.55.0.0/19, 1 known subnets
O 155.55.32.0 [110/75] via 10.1.0.26, 00:03:37, Serial0/2
[110/75] via 10.1.0.13, 00:03:37, Serial0/0
In order for R1 to advertise Lo10's IP address to the ISPs, we have to configure this using the network command:
R1(config)#router bgp 100
R1(config-router)#network 155.55.32.0 mask 255.255.224.0
R1#show ip bgp
BGP table version is 11, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.55.32.0/19 10.1.0.13 75 32768 i
* 192.168.40.40/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.41.41/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.42.42/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.43.43/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.44.44/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
Note: It adds this prefix to the BGP table only if the exact prefix with that same mask exists in Router R1’s routing table.
R1 then advertises the new prefix to the ISPs - let's verify this on R104:
R104#show ip bgp
BGP table version is 13, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 155.55.32.0/19 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
Note: In some cases, the Internet-connected router may not have a single route for the entire public prefix.
When a router knows routes only for subsets of the prefix that needs to be advertised, an additional step is needed when using the network command.
Either configure a static route for the entire range, with outgoing interface null0, on the Internet facing router, or use IGP route summarization to create a summary route for the entire prefix with IGP.
The static route to null0 — a discard route — is not meant to be advertised to other routers. It’s only purpose is to enable the operation of the network command.
Note: The network command uses the mask parameter, but if omitted, IOS assumes a classful network mask (/8, /16, /24).
Note: As of Cisco IOS version 12.3 mainline, BGP defaults to a setting of no auto-summary.
Injecting Routes Using Redistribution
Instead of using a BGP network command to add routes to the BGP table, the Enterprise BGP routers can instead redistribute routes from an IGP into BGP.
First, we should delete the network statement configured above.
R1(config)#router bgp 100
R1(config-router)#no network 155.55.32.0 mask 255.255.224.0
R104#show ip bgp
BGP table version is 15, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
Next, if we will going to redistribute the same subnet from OSPF to BGP, we should filter other internal routes from being sent to the ISPs.
R1(config)#ip prefix-list 155subnet permit 155.55.32.0/19 le 32
R1(config)#route-map only155 permit
R1(config-route-map)#match ip address prefix-list 155subnet
R1#show route-map
route-map only155, permit, sequence 10
Match clauses:
ip address prefix-lists: 155subnet
Set clauses:
Policy routing matches: 0 packets, 0 bytes
As a result, the subnet is advertised to the ISPs:
R1#show ip bgp
BGP table version is 29, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.55.32.0/19 10.1.0.13 75 32768 ?
* 192.168.40.40/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.41.41/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.42.42/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.43.43/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.44.44/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
R104#show ip bgp
BGP table version is 40, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 155.55.32.0/19 103.103.103.103 0 103 102 100 ?
*> 101.101.101.101 0 101 100 ?
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
The BGP aggregate-address Command to Advertise the Entire Public IP Address Prefix
We can use BGP route summarization when we have multiple subset routes of the same subnet in the BGP table, but we want to advertise only the summary to the BGP neighbors and none of the subset routes.
Let's include R5's loopback interfaces into OSPF, so that R1 can learn about them and advertise them into BGP.
R5(config)#router ospf 1
R5(config-router)#network 172.16.0.0 0.0.255.255 a 0
R1 learnes about these routes and inserts them into the routing table:
R1#show ip route
...
O 172.16.14.14 [110/75] via 10.1.0.26, 00:00:07, Serial0/2
[110/75] via 10.1.0.13, 00:00:07, Serial0/0
O 172.16.13.13 [110/75] via 10.1.0.26, 00:00:07, Serial0/2
[110/75] via 10.1.0.13, 00:00:07, Serial0/0
O 172.16.12.12 [110/75] via 10.1.0.26, 00:00:07, Serial0/2
[110/75] via 10.1.0.13, 00:00:07, Serial0/0
O 172.16.11.11 [110/75] via 10.1.0.26, 00:00:09, Serial0/2
[110/75] via 10.1.0.13, 00:00:09, Serial0/0
O 172.16.10.10 [110/75] via 10.1.0.26, 00:00:09, Serial0/2
[110/75] via 10.1.0.13, 00:00:09, Serial0/0
...
Now, if we tell R1 to include these routes into the BGP process, they will be added to the BGP table and advertised all the way to R104:
R1(config)#router bgp 100
R1(config-router)#network 172.16.10.10 mask 255.255.255.255
R1(config-router)#network 172.16.11.11 mask 255.255.255.255
R1(config-router)#network 172.16.12.12 mask 255.255.255.255
R1(config-router)#network 172.16.13.13 mask 255.255.255.255
R1(config-router)#network 172.16.14.14 mask 255.255.255.255
R1(config-router)#do show ip bgp
BGP table version is 34, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.55.32.0/19 10.1.0.13 75 32768 ?
*> 172.16.10.10/32 10.1.0.13 75 32768 i
*> 172.16.11.11/32 10.1.0.13 75 32768 i
*> 172.16.12.12/32 10.1.0.13 75 32768 i
*> 172.16.13.13/32 10.1.0.13 75 32768 i
*> 172.16.14.14/32 10.1.0.13 75 32768 i
* 192.168.40.40/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.41.41/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.42.42/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.43.43/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
* 192.168.44.44/32 102.102.102.102 0 102 103 104 i
*> 101.101.101.101 0 101 104 i
R104#show ip bgp
BGP table version is 45, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 155.55.32.0/19 103.103.103.103 0 103 102 100 ?
*> 101.101.101.101 0 101 100 ?
* 172.16.10.10/32 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
* 172.16.11.11/32 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
* 172.16.12.12/32 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
* 172.16.13.13/32 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
* 172.16.14.14/32 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
Now, if we want to advertise just the summary route and not all its subnets, we can use the aggregate-address command and the summary-only keyword.
R1(config)#router bgp 100
R1(config-router)#aggregate-address 172.16.0.0 255.255.0.0 summary-only
Let's check R1's and R104's BGP tables and see the summary routes instead of the subset routes:
R1(config-router)#do show ip bgp
BGP table version is 40, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 155.55.32.0/19 10.1.0.13 75 32768 ?
*> 172.16.0.0 0.0.0.0 32768 i
s> 172.16.10.10/32 10.1.0.13 75 32768 i
s> 172.16.11.11/32 10.1.0.13 75 32768 i
s> 172.16.12.12/32 10.1.0.13 75 32768 i
s> 172.16.13.13/32 10.1.0.13 75 32768 i
s> 172.16.14.14/32 10.1.0.13 75 32768 i
...
R104#show ip bgp
BGP table version is 56, local router ID is 192.168.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 155.55.32.0/19 103.103.103.103 0 103 102 100 ?
*> 101.101.101.101 0 101 100 ?
* 172.16.0.0 103.103.103.103 0 103 102 100 i
*> 101.101.101.101 0 101 100 i
*> 192.168.40.40/32 0.0.0.0 0 32768 i
*> 192.168.41.41/32 0.0.0.0 0 32768 i
*> 192.168.42.42/32 0.0.0.0 0 32768 i
*> 192.168.43.43/32 0.0.0.0 0 32768 i
*> 192.168.44.44/32 0.0.0.0 0 32768 i
Note: The summary-only keyword in the aggregate-address command tells IOS to suppress the advertisement the subset routes, as noted by the code “s” beside the routes.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment