Friday 15 February 2008

Aggregate with a subset of more specific routes

Unlike in the Aggregate plus more specific routes post, we will limit the prefixes that are leaked as opposed to leaking all the prefixes covered by that specific aggregate.

We use a special type of route-map here, called a “suppress-map”, to permit or deny more specific routes of an aggregate being sent.

Setup: Again this is based on the examples in Chapter 11 of Internet Routing Architectures.

Let's clean up from the previous post by removing the SETNOEXPORT route-map on RTA & RTF:

RTA(config)#no route-map SETNOEXPORT
RTA(config)#no access-list 101
RTA(config-router)#no neighbor 172.16.20.1 send-community
RTA(config-router)#no neighbor 172.16.20.1 route-map SETNOEXPORT out


Next, RTF needs to advertise RTA’s 172.16.220.0 route in BGP, and RTA needs to advertise RTF’s 172.16.65.0 route in BGP. In AS 3’s IBGP these will be suppressed via the BGP suppress-map, so they need to be originated from the router's IGP, in this instance OSPF.

Create our suppress-map and access-lists. Adjust our aggregate-address commands:

On RTA:

aggregate-address 172.16.0.0 255.255.0.0 suppress-map SUPPRESS

access-list 1 permit 172.16.220.0 0.0.0.255
access-list 1 deny any

route-map SUPPRESS permit 10
match ip address 1

On RTF:

aggregate-address 172.16.0.0 255.255.0.0 suppress-map ALLOW

access-list 1 deny 172.16.220.0 0.0.0.255
access-list 1 permit any

route-map ALLOW permit 10
match ip address 1


You'll see we can easily control updates for network 172.16.220.0 with the SUPPRESS & ALLOW route-maps. On RTA we "PERMIT network 172.16.220.0 to be SUPPRESSED", which means this route will not be advertised. Conversely, RTF will "DENY 172.16.220.0 to be SUPPRESSED", which means the route will be advertised.
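The inverted permit/deny logic above, modelled as an added example (not code from the original post or from Cisco): it evaluates the two standard ACLs first-match against each more specific route and returns what each router would advertise and suppress. The route table is constructed from the prefixes in this post, and the function and variable names are hypothetical.

```python
import ipaddress

AGGREGATE = ipaddress.ip_network("172.16.0.0/16")

# Standard ACL 1 on each router as (action, address, wildcard); "any" = 0.0.0.0 255.255.255.255
RTA_ACL = [("permit", "172.16.220.0", "0.0.0.255"), ("deny", "0.0.0.0", "255.255.255.255")]
RTF_ACL = [("deny", "172.16.220.0", "0.0.0.255"), ("permit", "0.0.0.0", "255.255.255.255")]

# Constructed sample table: three more specifics of the aggregate plus one outside prefix
BGP_TABLE = ["172.16.1.0/24", "172.16.20.0/24", "172.16.220.0/24", "192.68.5.0/24"]

def acl_permits(acl, network):
    """First-match evaluation of a standard ACL against a route's network address."""
    addr = int(network.network_address)
    for action, base, wildcard in acl:
        # Wildcard bits set to 1 are "don't care", so invert to get the bits to compare
        care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ipaddress.ip_address(base)) & care:
            return action == "permit"
    return False  # implicit deny at the end of every ACL

def apply_suppress_map(acl, table):
    """Model 'aggregate-address ... suppress-map X' where X is a single
    'permit 10 / match ip address 1' clause. Returns (advertised, suppressed)."""
    nets = [ipaddress.ip_network(p) for p in table]
    specifics = [n for n in nets if n != AGGREGATE and n.subnet_of(AGGREGATE)]
    # The aggregate is only originated when at least one more specific exists
    advertised = [str(AGGREGATE)] if specifics else []
    suppressed = []
    for net in nets:
        # A route-map permit on a more specific means "suppress this route"
        if net in specifics and acl_permits(acl, net):
            suppressed.append(str(net))
        else:
            advertised.append(str(net))
    return advertised, suppressed

if __name__ == "__main__":
    for name, acl in (("RTA/SUPPRESS", RTA_ACL), ("RTF/ALLOW", RTF_ACL)):
        adv, sup = apply_suppress_map(acl, BGP_TABLE)
        print(f"{name}: advertised={adv} suppressed={sup}")
```

Running the same check against a real table before deploying a suppress-map confirms that only the intended more specific routes leak past the aggregate.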

Below is the output of show ip bgp on RTA. Note how route 172.16.220.0 is marked with "s" for suppressed.

RTA#sh ip bgp
BGP table version is 16, local router ID is 172.16.2.254
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
* i172.16.0.0 172.16.1.2 0 100 0 i
*> 0.0.0.0 32768 i
*> 172.16.1.0/24 0.0.0.0 0 32768 i
*> 172.16.20.0/24 0.0.0.0 0 32768 i
s i172.16.220.0/24 172.16.1.2 74 100 0 i
s> 0.0.0.0 0 32768 i
*>i192.68.5.0 172.16.1.2 0 100 0 i
* 172.16.20.1 0 1 i
* i192.68.6.0 172.16.1.2 0 100 0 1 i
*> 172.16.20.1 0 0 1 i
RTA#


A traceroute from RTC, as set up in the Internet Routing Architectures example, will reveal the route to 172.16.220.0:

RTC>traceroute 172.16.220.1

Type escape sequence to abort.
Tracing the route to 172.16.220.1

1 192.68.6.1 12 msec 16 msec 12 msec
2 192.68.5.1 28 msec 28 msec 28 msec
3 172.16.1.1 [AS 3] 28 msec * 24 msec
RTC>
