Re: bgp

Building on what has already been suggested, I believe you could accomplish
this using the exist-map combined with the logic suggested by Uchil.
Basically, create a conditional static route to a fake network that is tied
to a tracker that tracks the firewall interface.

ip route 100.100.100.100 255.255.255.255 null0 track 1 <---
100.100.100.100/32 is your fake route. Only install this static route IF
tracker 1 is up which would be configured to track if 1.1.1.2 is up

next, use the exist-map feature of BGP to essentially say "only advertise
1.1.1.0/24 IF I have 100.100.100.100/32 in my BGP table".
100.100.100.100/32 will of course only be in your BGP table if the tracker
is up. Of course in BGP you would have to have network statements for the
fake route too and probably would want to filter the update so you don't
advertise the fake network : )

I have not tested this, but I think it should work.

On Thu, Nov 26, 2009 at 6:10 AM, Shaughn Smith <shaughn.s_at_cvnnet.co.za>wrote:

> How will that help ? You aren't creating the EBGP session from the
> firewall to the ISP. The firewall cant run BGP (if it's PIX or ASA)
>
> Why don't you create an OSPF relationship between the firewall and
> router. Then create a "dummy" network address/host on the firewall and
> advertise that into OSPF.
>
> Then redistribute that into BGP on the router. Create your
> advertise-map/no-exist map etc, so when the firewall goes down and that
> network/host disappears then so does your advertisement of 1.1.1.0/24
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> MDevarajan_at_inautix.co.in
> Sent: Thursday, November 26, 2009 11:55 AM
> To: jack daniels
> Cc: Cisco certification; nobody_at_groupstudy.com
> Subject: Re: bgp
>
> I have one idea , Create a another EBGP between Switch and ISP and
> advertise (1..1.1.24 ) , When firewall is down EBGP will go down and
> netwrol will withdrawn.
>
> Please correct me if I wrong..
>
> Mohan
>
>
>
>
>
>
> jack daniels <jckdaniels12_at_gmail.com>
> Sent by: nobody_at_groupstudy.com
> 11/26/2009 02:36 AM
> Please respond to
> jack daniels <jckdaniels12_at_gmail.com>
>
>
> To
> Cisco certification <ccielab_at_groupstudy.com>
> cc
>
> Subject
> bgp
>
>
>
>
>
>
> Hi All,
>
> I have a customer scenario where
>
>
> ISP 2.2.2.1----2.2.2.2 router1.1.1.1/24 -------Switch -----------
> 1.1.1.2/24FW------LAN
>
>
> ISP and router are running BGP. Now I want to advertise the 1.1.1.0/24
> when
> FW is up if FW is down I dont want to advertise this subnet. I have
> redundancy so will use redundant media and firewall . my querriery is
> how
> not to advertise in BGP 1.1.1.0/24when my FW is down.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Regards,
Joe Astorino CCIE #24347 (R&S)
Sr. Technical Instructor - IPexpert
Mailto: jastorino_at_ipexpert.com
Telephone: +1.810.326.1444
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S,
Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service
Provider) Certification Training with locations throughout the United
States, Europe and Australia. Be sure to check out our online communities at
www.ipexpert.com/communities and our public website at www.ipexpert.com
Blogs and organic groups at http://www.ccie.net