BGP : Blocking a route entry to the Aggregating Address

Posted in NETWORKING/IP ROUTING by edeguzman on October 8, 2007

Suppose that there’s a route entry that has a community attribute of no_export or should I say that there’s a route entry that you don’t want to be part of the aggregating address. There’s a lot of reason on why you might consider a route entry to be not a part of the aggregating address. One reason is a route entry can have a different attribute that you want to preserve, like in an instant a route entry can have a community attribute of no_export in which this attribute is essential because it tells the router that a route entry having no_export should not be advertise in different AS. That’s why its not a good idea having that route entry to be part of the aggregating address.

Below is the sample configuration during my laboratory. I also observed the packet in the wire.

router bgp 200

aggregate-address 192.168.192.0 255.255.248.0 as-set summary-only advertise-map AllowRoute

neighbor 192.168.1.10 remote-as 500

neighbor 192.168.1.230 remote-as 400

neighbor 192.168.1.250 remote-as 300

neighbor 192.168.1.254 remote-as 100

!

ip classless

no ip http server

!

access-list 1 deny 192.168.197.0

access-list 1 permit any

route-map AllowRoute permit 10

match ip address 1

!

Observe that in my configuration there is an access-list in which it denies the route entry of 192.168.197.0 and permit any route entry other than 192.168.197.0. Basically this is the route entry 192.168.197.0 is the one that I don’t want to be part of the aggregating address.

There is also a route-map in my configuration, because this route-map is being called in the BGP process, if you see the advertise-map AllowRoute that is the calling function for the route-map. Basically in the route-map it just matches the access-list for all the routes that is being advertised for the neighboring peer. Now if there’s a route entry for 192.168.197.0 this will be blocked in access-list and not be advertised. This is just a simple way of doing it. There is a lot of ways of doing it especially to a large scale network.

Advertisements

Aggregating Routes on BGP

Posted in NETWORKING/IP ROUTING by edeguzman on October 3, 2007

This configuration shows the different ways of advertsing an aggregate routes to a peer. This configuration is placed in a border gateway of a AS. Below is the basic configuration on the applying of the aggregate route.

router eigrp 100
!
network 192.168.199.0
!
router bgp 100
network 192.168.192.0 mask 255.255.248.0
neighbor 192.168.1.253 remote-as 200
!
ip route 192.168.192.0 255.255.248.0 Null0

The network 192.168.192.0 mask 255.255.248.0 simply advertise the aggregate route to its peer. There is also a static entry in the configuration which its pointing to a Null0, this will static entry simply serve as black hole for the border gateway. Whenever a route matches the aggregate address 192.168.192.0 (take note that this 192.168.192.0 is the more-specific route in the border gateway’s routing table, so this will be the basis for summarization or aggregation of every route passing to the border gateway) it will be forwarded to the border gateway and the border gateway will check to its routing table the more-specific address that will match the route. If there is a match it will forward the packet to the destination but if there’s no match for the route then the route will be match to the static entry and this will go to the Null0 to be drop.

Below is another way of doing the aggregation.

router eigrp 100
passive-interface Serial0/0
network 192.168.199.0
no auto-summary
!
router bgp 100
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0 summary-only
redistribute eigrp 100
neighbor 192.168.1.253 remote-as 200
!

aggregate-address 192.168.192.0 255.255.248.0 summary-only this command will advertise a aggregate address to its peer. The summary-only command makes the other routes suppressed, only the aggregate address is being advertised to its peer.