RE: RE: conditional default advertising in BGP with multiple

From: Usankin, Andrew (Andrew.Usankin@twtelecom.com)
Date: Tue Oct 23 2007 - 13:23:56 ART

 Perfect! I'm going to lab it right away to se how it works.

By the way you missed one command in router bgp 100:
default-information originate.

Anyway thanks for advise Con!

Andrew

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Con Spathas
Sent: Tuesday, October 23, 2007 2:31 AM
To: 'Koen Zeilstra'; 'Benedict Munyao'
Cc: ccielab@groupstudy.com
Subject: RE: RE: conditional default advertising in BGP with multiple
routes tomonitor

Thought I'd kick my $0.02 in - imho I don't think I'd ever use this
possible solution in production but kinda fun in a lab - however here
goes:

I setup BGP peering with 2 routers - R1 <-> R2.
The goal - have R1 only send R2 a 0/0 via BGP if 2 seperate routes were
reachable on R1.

On R1 I setup a boolean track and added a static route for 0/0 to null
watching the boolean track.

!
track 1 list boolean and
 object 2
 object 3
!
ip route 0.0.0.0 0.0.0.0 Null0 track 1
!

The 2 track objects (2 & 3) are just 2 connected interfaces - but I
suppose you could track anything in the the routing table:

!
track 2 ip route 1.1.1.0 255.255.255.0 reachability
!
track 3 ip route 2.2.2.0 255.255.255.0 reachability !

Finally I setup BGP - the iffy part here is getting 0/0 into the bgp
table so I added the 0.0.0.0 network to keep it simple.

!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 0.0.0.0
 neighbor 100.100.100.2 remote-as 1000
 no auto-summary
!

Careful filtering would need to be in place to even consider doing
something like this in production.
Imagine the potential havoc if you unleashed a 0/0 into BGP!!!! <grin>

So now if I kill either of the 1.1.1.0/24 or the 2.2.2.0/24 networks on
R1 - the static 0/0 route will be withdrawn from the routing table and
thus the bgp table.
This in turn will cause BGP to withdraw the 0/0 route to R2. Therefore
both tracked routes must be reachable before the 0/0 gets sent to the
neighbor.

Anyhow with the limited testing I did it seems like a possible solution
to the AND problem.

Cheers.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Koen Zeilstra
Sent: Tuesday, 23 October 2007 07:38
To: Benedict Munyao
Cc: ccielab@groupstudy.com
Subject: Re: RE: conditional default advertising in BGP with multiple
routes tomonitor

Correct. However for watching two routes this isn't a solution.

Two match clauses in different subblocks cause the default to be
announced when the first clause is a match. What we need is de default
to be announced when BOTH match clauses have a positive match.

Quoting Benedict Munyao <bmunyao@gmail.com>:

> The first solution examined in this thread included using "neighbor
> default-originate route-map" command. The Doccd clarifies why it only
> uses the "or" logic when comparing the two ACLs:
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/
> hirp_r/rte_pih.htm#wp1123413
>
> "Like matches in the same route map subblock are filtered with "or"
> semantics. If any one match clause is matched in the entire route map
> subblock, this match is treated as a successful match. Dissimilar
> match clauses are filtered with "and" semantics. So dissimilar matches

> are filtered logically. If the first set of conditions is not met, the

> second match clause is filtered."
>
> HTH
> Benedict Munyao
>
>
>
> On 10/19/07, Koen Zeilstra <koen@koenzeilstra.com> wrote:
>>
>> Balmik has email this nice solution to me which I would like to share

>> with the group.
>>
>> Balmik, I hope you don't mind that I send this to the group.
>>
>> I have tested this on my lab and the results in various situations on

>> different platforms
>>
>> Situation 1. It only checks line 10 of the route-map, and ignores the

>> rest.
>> Situation 2. It does a OR. So both routes have to dissapear to remove

>> the default instead of one.
>>
>> From:
>>
>> http://www.cisco.com/en/US/products/ps6566/products_feature_guide0918
>> 6a00801a7f7a.html#wp1038479
>>
>> I read that outbound BGP route-maps only are supported. I would say
>> this is a outbound BGP route-map. The only different from standard
>> advertisement is de conditional default. Maybe it is only intended
>> for match and set operations on advertised routes.
>>
>>
>>
>> ----- Forwarded message from balmik@staff.iinet.net.au -----
>> Date: Fri, 19 Oct 2007 14:07:49 +0800
>> From: Balmik Soin <balmik@staff.iinet.net.au>
>> Reply-To: Balmik Soin <balmik@staff.iinet.net.au>
>> Subject: RE: conditional default advertising in BGP with multiple
>> routes tomonitor
>> To: Koen Zeilstra <koen@koenzeilstra.com>, Bob Sinclair
>> <bob@bobsinclair.net>
>> Cc: Saul Arjona <saul.arjona.bueno@gmail.com>
>>
>> (Removing CCIE groupstudy list for this email)
>>
>> I'm not able to test this at the moment, but can I suggest you try a
>> CONTINUE route-map statement to try and get an AND working?
>>
>> Something like a
>>
>> Route-map XXX permit 10
>> Match ip address prefix-list 1
>> Continue 30
>>
>> Route-map XXX deny 20
>>
>> Route-map XXX permit 30
>> Match ip address prefix-list 2
>>
>> I don't know if "continue" will work for these kinds of route-maps,
>> but it's worth a try - if it works, then you can post it to
>> GroupStudy. I just didn't want to post a "perhaps" email to the group

>> without testing it, and ending up wasting people's time :)
>>
>> --
>> Balmik Soin
>> Voice Network Engineer Desk: +61-8-9213-1370
>> Voice Engineering - Network Services Mobile: +61-414-429-266
>> iiNet Limited balmik@staff.iinet.net.au
>>
>>
>> > -----Original Message-----
>> > From: Koen Zeilstra [mailto:koen@koenzeilstra.com]
>> > Sent: Friday, 19 October 2007 1:14 PM
>> > To: Bob Sinclair
>> > Cc: Balmik Soin; Saul Arjona; ccielab@groupstudy.com
>> > Subject: Re: conditional default advertising in BGP with multiple
>> routes
>> > tomonitor
>> >
>> > Yes we do have a solution for the OR, now we still need a solution
>> > for the AND function. Matching both routes for one descision.
>> >
>> >
>> >
>> > Quoting Bob Sinclair <bob@bobsinclair.net>:
>> >
>> > > Koen Zeilstra wrote:
>> > >> Correct. The conditions are never met for ACL 10.
>> > >>
>> > >> I have labbed the original and this solution up, no AND just OR.
>> > >>
>> > > Absolutely right! I stand corrected. So do we have a solution
>> > > for
>> OR?
>> > >
>> > > --
>> > >
>> > >
>> > > Bob Sinclair CCIE 10427 CCSI 30427 www.netmasterclass.net
>> >
>>
>>
>>
>> ----- End forwarded message -----
>>
>> _____________________________________________________________________
>> __ Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:18 ART