RE: Conditional Advertise

It's using the logic of a conditional announcement, but it's not a BGP
conditional route announcement using an exist-map. That's what I was
referring to. It seems to be a short coming of the implementation.

-ryan

From: Narbik Kocharians [mailto:narbikk_at_gmail.com]
Sent: Saturday, August 29, 2009 4:45 PM
To: Ryan West
Cc: Divin Mathew John; S Malik; smorris_at_ine.com; Anantha Subramanian
Natarajan; Sagar Rane; ccielab_at_groupstudy.com
Subject: Re: Conditional Advertise

The second solution did NOT advertise another route, so it should be fine in
the real world or an exam.
On Sat, Aug 29, 2009 at 1:40 PM, Ryan West
<rwest_at_zyedge.com<mailto:rwest_at_zyedge.com>> wrote:
Narbik,

I agree that this would work, but it's really a hack in the end. You're
telling BGP to announce another route when those two conditions exist by
creating another route advertisement in BGP. In the lab and the real world,
this means you have to filter that fictitious route from all your
announcements and having at least a distribute list out to each neighbor. I
understand that it's needed for the conditional route announcement (another
short coming IMO), but it seems rather ugly when the solution should be
allowing for *continue* in the route-map.

-ryan

-----Original Message-----
From: nobody_at_groupstudy.com<mailto:nobody_at_groupstudy.com>
[mailto:nobody_at_groupstudy.com<mailto:nobody_at_groupstudy.com>] On Behalf Of
Divin Mathew John
Sent: Saturday, August 29, 2009 3:55 PM
To: Narbik Kocharians
Cc: S Malik; smorris_at_ine.com<mailto:smorris_at_ine.com>; Anantha Subramanian
Natarajan; Sagar Rane; ccielab_at_groupstudy.com<mailto:ccielab_at_groupstudy.com>
Subject: Re: Conditional Advertise
it would be awesome if you could just list out the methods (technologies
being used)

On Sun, Aug 30, 2009 at 1:11 AM, Narbik Kocharians
<narbikk_at_gmail.com<mailto:narbikk_at_gmail.com>>wrote:

> There are few ways to do this, in the following i am showing you just 2
> ways:
> Try this, so if netw 1.0.0.0 and 11.0.0.0 are BOTH up, only then, network
> 2.0.0.0 should be advertised:
>
> The topology should be as follows:
> R1 -------- R2 -------- R3
>
> R1 is advertising 1.0.0.0/8<http://1.0.0.0/8> and
11.0.0.0/8<http://11.0.0.0/8>
> R2 is advertising 2.0.0.0/8<http://2.0.0.0/8>
>
> *Set up a boolean logic and identify network 1.0.0.0/8<http://1.0.0.0/8> and
11.0.0.0/8:*<http://11.0.0.0/8:*>
> R2(config)#Track 1 list boolean *AND
> *R2(config-track)#object 2
> R2(config-track)#object 3
> R2(config-track)#track 2 ip route 1.0.0.0 255.0.0.0 reach
> R2(config-track)#track 3 ip route 11.0.0.0 255.0.0.0 reach
> *Setup a fake route and tie "Track 1" to the fake route and advertise the
> fake route in BGP:*
>
> R2(config)#ip route 200.1.1.1 255.255.255.255 null0 *track 1*
>
> R2(config)#router bgp 200
> R2(config-route-map)#Network 200.1.1.1 mask 255.255.255.255
>
> *Identify network 2.0.0.0/8<http://2.0.0.0/8> and the fake network:*
>
> R2(config)#ip prefix-list NET permit 200.1.1.1/32<http://200.1.1.1/32>
> R2(config)#ip prefix-list NET2 permit 2.0.0.0/8<http://2.0.0.0/8>
>
> *Configure a route-map called "Adv" and reference the prefix-list that
> references network 2.0.0.0/8:*<http://2.0.0.0/8:*>
>
> R2(config)#route-map Adv permit 10
> R2(config-route-map)#match ip addr prefix NET2
>
> *Configure a route-map called "EXIST" and reference the prefix-list that
> references network 200.1.1.1/32<http://200.1.1.1/32> (The fake network):*
>
> R2(config-route-map)#route-map EXIST permit 10
> R2(config-route-map)#match ip addr prefix NET
>
> *Configure an advertise-map and an exist map:*
>
> R2(config-route-map)#router bgp 200
> R2(config-router)#neigh 10.1.23.3 advertise-map Adv exist-map EXIST
>
> *If the first example does not turn you on, then, try this one:*
>
> same topology as before.
>
> *On R2*
>
> *track 1 list boolean and
> object 2
> object 3
> !
> track 2 ip route 1.0.0.0 255.0.0.0 reachability
> track 3 ip route 11.0.0.0 255.0.0.0 reachability*
>
> *Instead of creating a loopback interface and assigning
2.0.0.0/8<http://2.0.0.0/8> to it,
> just create a static route to Null0, as long as the static route is there,
> BGP will advertise it, since "Track 1" is referenced by the static route,
> this network (2.0.0.0/8<http://2.0.0.0/8>) will only be there if the boolean
logic is true:*
>
> * Router bgp 200
> Network 2.0.0.0
>
> *
> *ip route 2.0.0.0 255.0.0.0 Null0 track 1*
>
> * *
>
>
> On Sat, Aug 29, 2009 at 8:25 AM, S Malik
<ccie.09_at_gmail.com<mailto:ccie.09_at_gmail.com>> wrote:
>
>> Scott,
>> I already thought of using sla tracking, some how it does not seem to be
>> fitting in it.
>>
>> Only as-path is the option that I could match after a prefix list under
>> the
>> same clause and I think even this as-path should be the associated
>> attribute
>> of the prefix we matched earlier.
>>
>>
>> On Sat, Aug 29, 2009 at 10:39 AM, Scott Morris
<smorris_at_ine.com<mailto:smorris_at_ine.com>> wrote:
>>
>> > No, they'd all be or, or, or, or....
>> >
>> > If you have the ability (likely not in CCIE) to use a static route, you
>> can
>> > put a track condition on it. With the tracking mechanisms, we have much
>> > more boolean control on and, or, not, etc. But not in a route-map!
>> Bummer
>> > there.
>> >
>> >
>> >
>> >
>> > *Scott Morris*, CCIE*x4* (R&S/ISP-Dial/Security/Service Provider) #4713,
>> >
>> > JNCIE-M #153, JNCIS-ER, CISSP, et al.
>> >
>> > JNCI-M, JNCI-ER
>> >
>> > evil_at_ine.com<mailto:evil_at_ine.com>
>> >
>> >
>> > Internetwork Expert, Inc.
>> >
>> > http://www.InternetworkExpert.com<http://www.internetworkexpert.com/>
<http://www.internetworkexpert.com/><
>> http://www.internetworkexpert.com/>
>> >
>> > Toll Free: 877-224-8987
>> >
>> > Outside US: 775-826-4344
>> >
>> >
>> > Knowledge is power.
>> >
>> > Power corrupts.
>> >
>> > Study hard and be Eeeeviiiil......
>> >
>> >
>> > Divin Mathew John wrote:
>> >
>> > From wht Malik Qoouted..
>> > route-map ABC permit 10
>> > match ip add prefi P Q R
>> > match Ip add prefix XYZ
>> >
>> >
>> > means
>> >
>> > if((P OR Q OR R) AND (X OR Y OR Z)
>> > then exceute SET
>> >
>> > On Sat, Aug 29, 2009 at 7:26 PM, Divin Mathew John
>> <divinjohn_at_gmail.com<mailto:divinjohn_at_gmail.com>>wrote:
>> >
>> >> For this u gotta use the CONTINUE Clause in route-maps
>> >>
>> >> Filtering Traffic Using Continue Clauses in a BGP Route Map
>> >>
>> >> Perform this task to filter traffic using continue clauses in a BGP
>> route
>> >> map. In Cisco IOS Release 12.3(2)T, 12.0(24)S, 12.2(33)SRB, and later
>> >> releases, the continue clause was introduced into BGP route map
>> >> configuration. The continue clause allows for more programmable policy
>> >> configuration and route filtering and introduced the capability to
>> execute
>> >> additional entries in a route map after an entry is executed with
>> successful
>> >> match and set clauses. Continue clauses allow the network operator to
>> >> configure and organize more modular policy definitions so that specific
>> >> policy configurations need not be repeated within the same route map.
>> Before
>> >> the continue clause was introduced, route map configuration was linear
>> and
>> >> did not allow any control over the flow of a route map.
>> >>
>> >> In Cisco IOS Release 12.0(31)S, 12.4(4)T, 12.2(33)SRB, and later
>> releases,
>> >> support for continue clauses for outbound route maps was introduced.
>> >> Route Map Operation Without Continue Clauses
>> >>
>> >> A route map evaluates match clauses until a successful match occurs.
>> After
>> >> the match occurs, the route map stops evaluating match clauses and
>> starts
>> >> executing set clauses, in the order in which they were configured. If a
>> >> successful match does not occur, the route map "falls through" and
>> evaluates
>> >> the next sequence number of the route map until all configured route
>> map
>> >> entries have been evaluated or a successful match occurs. Each route
>> map
>> >> sequence is tagged with a sequence number to identify the entry. Route
>> map
>> >> entries are evaluated in order starting with the lowest sequence number
>> and
>> >> ending with the highest sequence number. If the route map contains only
>> set
>> >> clauses, the set clauses will be executed automatically, and the route
>> map
>> >> will not evaluate any other route map entries.
>> >> Route Map Operation with Continue Clauses
>> >>
>> >> When a continue clause is configured, the route map will continue to
>> >> evaluate and execute match clauses in the specified route map entry
>> after
>> a
>> >> successful match occurs. The continue clause can be configured to go to
>> (or
>> >> jump to) a specific route map entry by specifying the sequence number,
>> or
>> if
>> >> a sequence number is not specified, the continue clause will go to the
>> next
>> >> sequence number. This behavior is called an "implied continue." If a
>> match
>> >> clause exists, the continue clause is executed only if a match occurs.
>> If
>> no
>> >> successful matches occur, the continue clause is ignored.
>> >> Match Operations with Continue Clauses
>> >>
>> >> If a match clause does not exist in the route map entry but a continue
>> >> clause does, the continue clause will be automatically executed and go
>> to
>> >> the specified route map entry. If a match clause exists in a route map
>> >> entry, the continue clause is executed only when a successful match
>> occurs.
>> >> When a successful match occurs and a continue clause exists, the route
>> map
>> >> executes the set clauses and then goes to the specified route map
>> entry.
>> If
>> >> the next route map entry contains a continue clause, the route map will
>> >> execute the continue clause if a successful match occurs. If a continue
>> >> clause does not exist in the next route map entry, the route map will
>> be
>> >> evaluated normally. If a continue clause exists in the next route map
>> entry
>> >> but a match does not occur, the route map will not continue and will
>> "fall
>> >> through" to the next sequence number if one exists.
>> >> Set Operations with Continue Clauses
>> >>
>> >> Set clauses are saved during the match clause evaluation process and
>> >> executed after the route-map evaluation is completed. The set clauses
>> are
>> >> evaluated and executed in the order in which they were configured. Set
>> >> clauses are executed only after a successful match occurs, unless the
>> route
>> >> map does not contain a match clause. The continue statement proceeds to
>> the
>> >> specified route map entry only after configured set actions are
>> performed.
>> >> If a set action occurs in the first route map and then the same set
>> action
>> >> occurs again, with a different value, in a subsequent route map entry,
>> the
>> >> last set action may override any previous set actions that were
>> configured
>> >> with the same set command unless the set command permits more than one
>> >> value. For example, the set as-path prepend command permits more than
>> one
>> >> autonomous system number to be configured.
>> >>
>> >>
>> >>
>>
>>
http://www.cisco.com/en/US/docs/ios/12_4t/ip_route/configuration/guide/t_brbe
>>
xt.html#wp1061585<http://www.cisco.com/en/US/docs/ios/12_4t/ip_route/configur
ation/guide/t_brbext.html#wp1061585<http://www.cisco.com/en/US/docs/ios/12_4t
/ip_route/configuration/guide/t_brbext.html#wp1061585>>
>> >>
>> >> On Sat, Aug 29, 2009 at 7:20 PM, S Malik
<ccie.09_at_gmail.com<mailto:ccie.09_at_gmail.com>> wrote:
>> >>
>> >>> Natraajan,
>> >>> you are correct, ACL & Prefix-list under same clause don't go
>> together.
>> >>> Please see following link quoting example and I wrongly understood
>> AND/OR
>> >>> logic from there,
>> >>>
>> >>>
>> >>>
>>
>>
http://books.google.com/books?id=-SM1Jeu07UYC&pg=RA1-PA273&lpg=RA1-PA273&dq=r
>> >>>
>> >>>
>>
>>
oute-map+logical+AND&source=bl&ots=w8TcsNnJHf&sig=jvVGIhjeOBFS6njdfBjFzn4cnyY
>> >>>
>> >>>
>>
>>
&hl=en&ei=fDGZSs_kAcuf8Qau8uSfBQ&sa=X&oi=book_result&ct=result&resnum=2#v=one
>> >>>
>> page&q=route-map%20logical%20AND&f=false<
>> http://books.google.com/books?id=-SM
>>
>>
1Jeu07UYC&pg=RA1-PA273&lpg=RA1-PA273&dq=r%0Aoute-map+logical+AND&source=bl&ot
>>
>>
s=w8TcsNnJHf&sig=jvVGIhjeOBFS6njdfBjFzn4cnyY%0A&hl=en&ei=fDGZSs_kAcuf8Qau8uSf
>>
>>
BQ&sa=X&oi=book_result&ct=result&resnum=2#v=one%0Apage&q=route-map%20logical%
>>
20AND&f=false<http://books.google.com/books?id=-SM1Jeu07UYC&pg=RA1-PA273&lpg=
RA1-PA273&dq=r%0Aoute-map+logical+AND&source=bl&ots=w8TcsNnJHf&sig=jvVGIhjeOB
FS6njdfBjFzn4cnyY%0A&hl=en&ei=fDGZSs_kAcuf8Qau8uSfBQ&sa=X&oi=book_result&ct=r
esult&resnum=2#v=one%0Apage&q=route-map%20logical%20AND&f=false>
>> >
>> >>>
>> >>>
>> >>> On Sat, Aug 29, 2009 at 9:28 AM, Anantha Subramanian Natarajan <
>> >>>
anantha.natarajan_at_gravitant.com<mailto:anantha.natarajan_at_gravitant.com>>
wrote:
>> >>>
>> >>> > Hi Scott,
>> >>> >
>> >>> > If I understand properly from you ,I tried that,it give an error
>> >>> > mentioning u can't use the prefix-list and access-list on the same
>> >>> route-map
>> >>> > sequence as below
>> >>> >
>> >>> > *"% prefix-list and access-list can not co-exist in one route-map
>> >>> > sequence"*
>> >>> >
>> >>> > Thanks
>> >>> >
>> >>> > Regards
>> >>> > Anantha Subramanian Natraajan
>> >>> >
>> >>> > On Sat, Aug 29, 2009 at 8:25 AM, Scott Morris
<smorris_at_ine.com<mailto:smorris_at_ine.com>>
>> >>> wrote:
>> >>> >
>> >>> >> If they're the same TYPE (e.g. two ACLs) then the router will redo
>> >>> things
>> >>> >> for you onto the same line, making the logic an OR. Kind of
>> obnoxious
>> >>> if
>> >>> >> you ask me. :)
>> >>> >>
>> >>> >> But if you do two DIFFERENT things (e.g. one prefix list and one
>> ACL)
>> >>> you
>> >>> >> can have the AND logic working.
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >> *Scott Morris*, CCIE*x4* (R&S/ISP-Dial/Security/Service Provider)
>> >>> #4713,
>> >>> >>
>> >>> >> JNCIE-M #153, JNCIS-ER, CISSP, et al.
>> >>> >>
>> >>> >> JNCI-M, JNCI-ER
>> >>> >>
>> >>> >> evil_at_ine.com<mailto:evil_at_ine.com>
>> >>> >>
>> >>> >>
>> >>> >> Internetwork Expert, Inc.
>> >>> >>
>> >>> >>
http://www.InternetworkExpert.com<http://www.internetworkexpert.com/><http://
www.internetworkexpert.com/>
>> <http://www.internetworkexpert.com/><
>> >>> http://www.internetworkexpert.com/>
>> >>> >>
>> >>> >> Toll Free: 877-224-8987
>> >>> >>
>> >>> >> Outside US: 775-826-4344
>> >>> >>
>> >>> >>
>> >>> >> Knowledge is power.
>> >>> >>
>> >>> >> Power corrupts.
>> >>> >>
>> >>> >> Study hard and be Eeeeviiiil......
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >> S Malik wrote:
>> >>> >>
>> >>> >> One thing is sure that same line is O, when we assign two ACL under
>> >>> one
>> >>> >> clause, it is shown in one line and treated as OR.
>> >>> >>
>> >>> >> On Sat, Aug 29, 2009 at 7:53 AM, Anantha Subramanian Natarajan
>> >>>
<anantha.natarajan_at_gravitant.com<mailto:anantha.natarajan_at_gravitant.com>>
wrote:
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >> Hi Sugar Can,
>> >>> >>
>> >>> >> Can you try inside the route-map as below
>> >>> >>
>> >>> >> Match ip address prefix-list <prefix-list1><prefix-list2>
>> >>> >>
>> >>> >> I think whenever we specify the match criteria on same line ,it is
>> an
>> >>> AND
>> >>> >> operation
>> >>> >>
>> >>> >> Regards
>> >>> >> Anantha Subramanian Natarajan
>> >>> >>
>> >>> >> On Sat, Aug 29, 2009 at 12:57 AM, Sagar Rane
<sagar.ccie_at_gmail.com<mailto:sagar.ccie_at_gmail.com>
>> >
>> >>> <sagar.ccie_at_gmail.com<mailto:sagar.ccie_at_gmail.com>> wrote:
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >> Hi All,
>> >>> >>
>> >>> >> I have requirement where, bgp should check its bgp routing table
>> for
>> >>> two
>> >>> >> routes eq (10.1.1.0/24<http://10.1.1.0/24> and
20.2.2.2/32<http://20.2.2.2/32>) and only if both routes
>> are
>> >>> >> present,
>> >>> >> it should originate a route advertisement of
192.168.10.0/24<http://192.168.10.0/24>.
>> >>> >>
>> >>> >> I have tried advertise-map and exist map, but how can we used
>> >>> exist-map
>> >>> >>
>> >>> >>
>> >>> >> to
>> >>> >>
>> >>> >>
>> >>> >> check both the routes at the same time?
>> >>> >>
>> >>> >> Anyway how we can meet this requirement please let me know.
>> >>> >>
>> >>> >> Regards,
>> >>> >> Sagar
>> >>> >>
>> >>> >>
>> >>> >> Blogs and organic groups at
http://www.ccie.net<http://www.ccie.net/>
>> >>> >>
>> >>> >>
>> >>>
>> _______________________________________________________________________
>> >>> >> Subscription information may be found
>> >>> at:http://www.groupstudy.com/list/CCIELab.html
>> >>> >>
>> >>> >> Blogs and organic groups at
http://www.ccie.net<http://www.ccie.net/>
>> >>> >>
>> >>> >>
>> >>>
>> _______________________________________________________________________
>> >>> >> Subscription information may be found
>> >>> at:http://www.groupstudy.com/list/CCIELab.html
>> >>> >>
>> >>> >> Blogs and organic groups at
http://www.ccie.net<http://www.ccie.net/>
>> >>> >>
>> >>> >>
>> >>>
>> _______________________________________________________________________
>> >>> >> Subscription information may be found at:
>> >>> http://www.groupstudy.com/list/CCIELab.html
>> >>>
>> >>>
>> >>> Blogs and organic groups at http://www.ccie.net<http://www.ccie.net/>
>> >>>
>> >>>
>> _______________________________________________________________________
>> >>> Subscription information may be found at:
>> >>> http://www.groupstudy.com/list/CCIELab.html
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>
>> >>
>> >> --
>> >>
>> >>
>> >> Anatole France <http://www.quotationspage.com/quote/27546.html> - "If
>> >> fifty million people say a foolish thing, it is still a foolish thing."
>> >
>> >
>> >
>> >
>> > --
>> >
>> > Sent from Cochin, KL, India
>> > Rodney Dangerfield <http://www.quotationspage.com/quote/34016.html> -
>> "I
>> > went to a fight the other night, and a hockey game broke out."
>>
>>
>> Blogs and organic groups at http://www.ccie.net<http://www.ccie.net/>
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Narbik Kocharians
> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com<http://www.micronicstraining.com/>
> Sr. Technical Instructor
>

--
Sent from Cochin, KL, India
Jeph Jacques <http://www.quotationspage.com/quote/40492.html>  - "There are
two ways to pass a hurdle: leaping over or plowing through... There needs to
be a ...
Blogs and organic groups at http://www.ccie.net<http://www.ccie.net/>