Re: bgp

HI :) Thanks a lot guys :) it was a great help .... I did it sucess with
your help

On Thu, Nov 26, 2009 at 4:57 PM, Joe Astorino <jastorino_at_ipexpert.com>wrote:

> Building on what has already been suggested, I believe you could
> accomplish this using the exist-map combined with the logic suggested by
> Uchil. Basically, create a conditional static route to a fake network that
> is tied to a tracker that tracks the firewall interface.
>
> ip route 100.100.100.100 255.255.255.255 null0 track 1 <---
> 100.100.100.100/32 is your fake route. Only install this static route IF
> tracker 1 is up which would be configured to track if 1.1.1.2 is up
>
> next, use the exist-map feature of BGP to essentially say "only advertise
> 1.1.1.0/24 IF I have 100.100.100.100/32 in my BGP table".
> 100.100.100.100/32 will of course only be in your BGP table if the tracker
> is up. Of course in BGP you would have to have network statements for the
> fake route too and probably would want to filter the update so you don't
> advertise the fake network : )
>
> I have not tested this, but I think it should work.
>
>
> On Thu, Nov 26, 2009 at 6:10 AM, Shaughn Smith <shaughn.s_at_cvnnet.co.za>wrote:
>
>> How will that help ? You aren't creating the EBGP session from the
>> firewall to the ISP. The firewall cant run BGP (if it's PIX or ASA)
>>
>> Why don't you create an OSPF relationship between the firewall and
>> router. Then create a "dummy" network address/host on the firewall and
>> advertise that into OSPF.
>>
>> Then redistribute that into BGP on the router. Create your
>> advertise-map/no-exist map etc, so when the firewall goes down and that
>> network/host disappears then so does your advertisement of 1.1.1.0/24
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
>> MDevarajan_at_inautix.co.in
>> Sent: Thursday, November 26, 2009 11:55 AM
>> To: jack daniels
>> Cc: Cisco certification; nobody_at_groupstudy.com
>> Subject: Re: bgp
>>
>> I have one idea , Create a another EBGP between Switch and ISP and
>> advertise (1..1.1.24 ) , When firewall is down EBGP will go down and
>> netwrol will withdrawn.
>>
>> Please correct me if I wrong..
>>
>> Mohan
>>
>>
>>
>>
>>
>>
>> jack daniels <jckdaniels12_at_gmail.com>
>> Sent by: nobody_at_groupstudy.com
>> 11/26/2009 02:36 AM
>> Please respond to
>> jack daniels <jckdaniels12_at_gmail.com>
>>
>>
>> To
>> Cisco certification <ccielab_at_groupstudy.com>
>> cc
>>
>> Subject
>> bgp
>>
>>
>>
>>
>>
>>
>> Hi All,
>>
>> I have a customer scenario where
>>
>>
>> ISP 2.2.2.1----2.2.2.2 router1.1.1.1/24 -------Switch -----------
>> 1.1.1.2/24FW------LAN
>>
>>
>> ISP and router are running BGP. Now I want to advertise the 1.1.1.0/24
>> when
>> FW is up if FW is down I dont want to advertise this subnet. I have
>> redundancy so will use redundant media and firewall . my querriery is
>> how
>> not to advertise in BGP 1.1.1.0/24when my FW is down.
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Regards,
>
> Joe Astorino CCIE #24347 (R&S)
> Sr. Technical Instructor - IPexpert
> Mailto: jastorino_at_ipexpert.com
> Telephone: +1.810.326.1444
> Live Assistance, Please visit: www.ipexpert.com/chat
> eFax: +1.810.454.0130
>
> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S,
> Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service
> Provider) Certification Training with locations throughout the United
> States, Europe and Australia. Be sure to check out our online communities at
> www.ipexpert.com/communities and our public website at www.ipexpert.com

Blogs and organic groups at http://www.ccie.net
Received on Thu Nov 26 2009 - 19:54:27 ART