Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192
So far, this chapter has focused on configuring eBGP peers and the routes learned by Enterprise
routers from eBGP peers at ISPs. These outbound routes let the Enterprise routers
forward packets toward the Internet.
At the same time, the ISPs need to learn routes for the Enterprise’s public IP address space.
This chapter assumes that the choice to use BGP has already been made, so using BGP to
advertise the Enterprise’s public IP address range makes good sense. This short final major
section of this chapter examines the options for advertising these routes. In particular, this
section looks at two options:
■ BGP network command
■ Redistribution from an IGP
Injecting Routes Using the network Command
The BGP network router subcommand differs significantly from the network command
used by IGPs. For OSPF and EIGRP, the network command lists parameters that the
router then compares to all its interface IP addresses. If matched, the router enables the
IGP routing protocol on those interfaces. BGP does not use the network command to enable
BGP on interfaces–in fact, BGP has no concept of being enabled on interfaces at all.
For a point of comparison, note that the show ip ospf interface and show ip eigrp interfaces
commands identify the enabled interfaces for OSPF and EIGRP, respectively, but no
such equivalent BGP command even exists.
The BGP network command does cause a comparison to occur, but the comparison occurs
between the network command’s parameters and the contents of that router’s IP
routing table, as follows:
Look for a route in the router’s current IP routing table that exactly matches the parameters
of the network command; if a route for that exact prefix/length exists, put
the equivalent prefix/length into the local BGP table.
www.CareerCert.info
444 CCNP ROUTE 642-902 Official Certification Guide
Note: The preceding statement, and the remaining logic in this section, assumes a BGP
default setting of no auto-summary. The effect of reversing this setting to auto-summary
is described in the upcoming section “The Effect of auto-summary on the BGP network
Command.”
For example, the Enterprise shown earlier on the left side of both Figures 13-1 and 13-5
might use a private address range and use NAT to translate to use public addresses. For
example, the Enterprise might use private Class A network 10.0.0.0 for all private address
needs and public address block 128.107.0.0/19 for public addresses. Enterprise Router E1
would then need to advertise the public prefix (128.107.0.0/19) to its ISPs, but not the private
address range. Example 13-9 shows an example.
Example 13-9 E1’s Configuration of a network Command to Advertise Prefixes with
eBGP
router bgp 11
network 128.107.0.0 mask 255.255.224.0
E1# sh ip bgp
BGP table version is 9, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 0.0.0.0 192.168.1.2 0 0 3 i
*> 1.1.1.1 0 0 1 i
*> 128.107.0.0/19 10.1.1.66 3 32768 i
*> 181.0.0.0/8 1.1.1.1 0 1 2 111 111 i
*> 182.0.0.0/8 1.1.1.1 0 1 2 222 i
*> 183.0.0.0/8 1.1.1.1 0 1 2 i
*> 184.0.0.0/8 1.1.1.1 0 1 2 i
*> 185.0.0.0/8 1.1.1.1 0 1 2 i
* 192.135.250.0/28 1.1.1.1 0 1 2 3 4 i
*> 192.168.1.2 0 3 4 i
The network 128.107.0.0 mask 255.255.224.0 command lists both the subnet number
and mask. It adds this prefix to the BGP table only if the exact prefix with that same mask
exists in Router E1’s routing table. In this case, such a route existed, so the show ip bgp
command output that follows now lists 128.107.0.0/19 in the BGP table.
In some cases, the Internet-connected router may not have a single route for the entire
public prefix. For example, with such a large range of public addresses as 128.107.0.0/19,
the Enterprise will most likely have broken that range into subnets, and the Enterprise
router may not have a route for the entire range. For example, Router E1 might see routes
for 128.107.1.0/24, 128.107.2.0/24, and so on but no route for 128.107.0.0/19.
www.CareerCert.info
Chapter 13: External BGP 445
When a router knows routes only for subsets of the prefix that needs to be advertised, an
additional step is needed when using the network command. For instance, the network
128.107.0.0 mask 255.255.224.0 command will not add this prefix to the BGP table even
if routes for subsets of this range exist, such as 128.107.1.0/24. So, either configure a static
route for the entire range, with outgoing interface null0, on the Internet facing router, or
use IGP route summarization to create a summary route for the entire prefix with IGP.
Note: The static route for 128.107.0.0/19 to null0—a discard route—is not meant to be
advertised to other routers. It’s only purpose is to enable the operation of the network
command. This discard route should not cause routing problems on the local router,
because of the more specific routes for subnets inside the same range of addresses.
Finally, the network command examples in this section use the mask parameter, but if
omitted, IOS assumes a classful network mask. For example, a network 9.0.0.0 command
assumes a Class A default mask of 255.0.0.0, and the network 128.1.0.0 command assumes
a Class B default mask of 255.255.0.0.
The Effect of auto-summary on the BGP network Command
As of Cisco IOS version 12.3 mainline, BGP defaults to a setting of no auto-summary,
and the previous section’s discussion of the network command assumed this default setting.
However, if the configuration is changed to auto-summary, then IOS makes a small
change in how it interprets the network command.
The change in logic occurs only when the network command omits its mask parameter;
there is no difference in logic if the mask parameter is explicitly configured. When the
network command refers to a Class A, B, or C network, with no mask parameter configured,
and with auto-summary configured, the router adds a route for that classful network
to the BGP table:
■ If the exact classful route is in the IP routing table
or
■ If any subset routes of that classful network are in the routing table
In summary, of the two actions in the list, the first occurs regardless of the auto-summary
setting, and the second occurs only if auto-summary is configured.
For example, with network 9.0.0.0 configured, regardless of the auto-summary setting, if
a route to 9.0.0.0/8 exists, the router adds 9.0.0.0/8 to the BGP table. However, if the
network 9.0.0.0 (without the mask parameter) and the auto-summary commands were
both configured, and if only a subset route exists (for example, 9.1.1.0/24), but no route
for exactly 9.0.0.0/8 exists, then the router still adds a route for the classful network
(9.0.0.0/8) to the BGP table. This second example demonstrates the additional logic that
occurs with the auto-summary command configured.
www.CareerCert.info
446 CCNP ROUTE 642-902 Official Certification Guide
Injecting Routes Using Redistribution
Instead of using a BGP network command to add routes to the BGP table, the Enterprise
BGP routers can instead redistribute routes from an IGP into BGP. The end goals
are the same:
■ Inject the public address range, but not the private IP address range, into the BGP table.
■ Advertise one route for the public address range, instead of any individual subnets of
the range.
The Enterprise routers that run BGP often already run the IGP as well and have learned
routes for either the entire public range as one route or with subset routes. If a single route
exists for the entire public range, for example the 128.107.0.0/19 range used in the last several
examples, then the engineer simply needs to add a redistribute command to the BGP
configuration to redistribute that route, and only that route, into BGP. If only subset
routes exist, one of several additional steps need to be taken to meet the design goal to inject
one route for the entire public address range.
Example 13-10 shows the majority of the work in a case for which Router E1 has three
subset routes in the 128.107.0.0/19 range: 128.107.1.0/24, 128.107.2.0/24, and
128.107.3.0/24. However, E1 does not have a single route for the entire 128.107.0.0/19 public
prefix. The example shows the redistribution configuration, all of which uses the same
familiar redistribution commands shown in Chapters 9 and 10. The configuration matches
prefixes in the public range and redistributes them into BGP.
Example 13-10 Redistributing OSPF into BGP, but for Public Range Only
router bgp 11
redistribute ospf 1 route-map only-128-107
!
route-map only-128-107 permit
match ip address prefix 128-107
!
ip prefix-list 128-107 permit 128.107.0.0/19 le 32
E1# show ip route 128.107.0.0 255.255.224.0 longer-prefixes
! Legend omitted for brevity
Gateway of last resort is 1.1.1.1 to network 0.0.0.0
128.107.0.0/24 is subnetted, 3 subnets
O 128.107.3.0 [110/3] via 10.1.1.66, 00:05:26, FastEthernet0/0
O 128.107.2.0 [110/3] via 10.1.1.66, 00:05:26, FastEthernet0/0
O 128.107.1.0 [110/3] via 10.1.1.66, 00:05:36, FastEthernet0/0
E1# show ip bgp 128.107.0.0/19 longer-prefixes
BGP table version is 11, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
www.CareerCert.info
Chapter 13: External BGP 447
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 128.107.1.0/24 10.1.1.66 3 32768 ?
*> 128.107.2.0/24 10.1.1.66 3 32768 ?
*> 128.107.3.0/24 10.1.1.66 3 32768 ?
The two show commands following the configuration list the IP routes that should match
the redistribution configuration, and the resulting BGP table entries. The show ip route
128.107.0.0 255.255.224.0 longer-prefixes command lists all three IP routes in the public
address range in this case. The show ip bgp 128.107.0.0/19 longer-prefixes command
shows the same range, listing the three BGP table entries created by the redistribute ospf
command. These BGP table entries list the same next-hop IP addresses listed in the OSPF
routes in the IP routing table, with the same metrics.
Left as is, this configuration results in Router E1 advertising all three BGP routes to the
ISPs. However, to reach the goal of advertising only a single route for the entire public prefix
128.107.0.0/19, another step must be taken, typically one of the following:
■ Use IGP route summarization to create the route for the entire prefix.
■ Configure a null static route (a discard route) for the entire prefix on the Internet-connected
router.
■ Configure BGP route summarization to make BGP advertise only the entire prefix.
The first two would cause E1 to list a route for the entire public prefix–128.107.0.0/19 in
this case–in its IP routing table. The redistribution configuration could then be changed
so that only that exact prefix would be redistributed. (For example, removing the le 32 parameter
from the ip prefix-list 128-107 permit 128.107.0.0/19 le 32 command would
make this command match only the exact route.)
The third option would be to use BGP route summarization, telling Router E1 that when
any subnet routes of 128.107.0.0/19 exists in the BGP table, advertise only 128.107.0.0/19
but none of the subset routes. Example 13-11 shows this last option.
Example 13-11 The BGP aggregate-address Command to Advertise the Entire Public IP
Address Prefix
E1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
E1(config)# router bgp 11
E1(config-router)#aggregate-address 128.107.0.0 255.255.224.0 summary-only
E1(config-router)#^Z
E1# show ip bgp 128.107.0.0/19 longer-prefixes
BGP table version is 15, local router ID is 11.11.11.11
www.CareerCert.info
448 CCNP ROUTE 642-902 Official Certification Guide
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 128.107.0.0/19 0.0.0.0 32768 i
s> 128.107.1.0/24 10.1.1.66 3 32768 ?
s> 128.107.2.0/24 10.1.1.66 3 32768 ?
s> 128.107.3.0/24 10.1.1.66 3 32768 ?
Note that with the addition of the aggregate-address command, the BGP table now also
has a route for 128.107.0.0/19, which will be advertised to E1’s neighbors at the two ISPs.
Also, the summary-only keyword in the aggregate-address command tells IOS to suppress
the advertisement the subset routes, as noted by the code “s” beside the other three
routes listed at the end of the example.
No comments:
Post a Comment