BGP, route-map continue and AS-PREPEND

Started by TheGreatDoc, January 10, 2016, 03:36:54 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

TheGreatDoc

January 10, 2016, 03:36:54 AM
Hi again to everybody!

This is my second topic and is way more interesting (at least for me) than the other one.

I've already posted this on the Cisco community supports forums about a year ago, with no reply.

Im doing it in GNS3 Lab with 7200 advipservices, but the real scenario is with an ASR1002X.

Ok, lets go; I want to load-balance between 2 uplinks with the "continue" statment of a route-map.

Topology:



Configuration:

AS10 is publishing all those prefixes
Code Select
ip prefix-list Half1_Out seq 10 permit 100.154.19.0/24
ip prefix-list Half1_Out seq 15 permit 100.232.18.0/23
ip prefix-list Half1_Out seq 25 permit 100.76.154.0/24
ip prefix-list Half1_Out seq 100 deny 0.0.0.0/0 le 32
!
ip prefix-list Half2_Out seq 30 permit 100.156.86.0/24
ip prefix-list Half2_Out seq 35 permit 100.156.91.0/24
ip prefix-list Half2_Out seq 40 permit 100.29.68.0/22
ip prefix-list Half2_Out seq 55 permit 100.69.8.0/22
ip prefix-list Half2_Out seq 100 deny 0.0.0.0/0 le 32

With this route-maps:

Code Select
route-map AS30-OUT permit 10
match ip address prefix-list Half2_Out
continue 20
!
route-map AS30-OUT permit 20
match ip address prefix-list Half1_Out
set as-path prepend 10 10 10
!
route-map AS20-OUT permit 10
match ip address prefix-list Half1_Out
continue 20
!
route-map AS20-OUT permit 20
match ip address prefix-list Half2_Out
set as-path prepend 10 10 10

Configured as:

Code Select
neighbor 10.10.10.2 activate
  neighbor 10.10.10.2 next-hop-self
  neighbor 10.10.10.2 route-map AS20-OUT out
  neighbor 20.20.20.2 activate
  neighbor 20.20.20.2 next-hop-self
  neighbor 20.20.20.2 route-map AS30-OUT out

In the AS40 in the first moment I recieve the routing table as I want:

Code Select
*> 100.154.19.0/24    30.30.30.1                             0 20 10 i
*> 100.232.18.0/23  30.30.30.1                             0 20 10 i
*> 100.76.154.0/24  30.30.30.1                             0 20 10 i
*> 100.156.86.0/24  40.40.40.1                             0 30 10 i
*                   30.30.30.1                             0 20 10 10 10 10 i
*> 100.156.91.0/24   40.40.40.1                             0 30 10 i
*                   30.30.30.1                             0 20 10 10 10 10 i
*> 100.29.68.0/22   40.40.40.1                             0 30 10 i
*                   30.30.30.1                             0 20 10 10 10 10 i
*> 100.69.8.0/22    40.40.40.1                             0 30 10 i
*                   30.30.30.1                             0 20 10 10 10 10 i

After a while, the bgp table changes to that:
Code Select
*> 100.154.19.0/24    30.30.30.1                             0 20 10 i
*> 100.232.18.0/23   30.30.30.1                             0 20 10 i
*> 100.76.154.0/24   30.30.30.1                             0 20 10 i
*> 100.156.86.0/24  40.40.40.1                             0 30 10 i
*> 100.156.91.0/24  40.40.40.1                             0 30 10 i
*> 100.29.68.0/22   40.40.40.1                             0 30 10 i
*> 100.69.8.0/22    40.40.40.1                             0 30 10 i

I've readed about how the continue works, and as I have configured It never should work as intended, but why for the first seconds it works and then change?
a.k.a. Daniel.
I dont have any cert, just learned all by my self.

wintermute000

#1
January 10, 2016, 03:47:58 AM
You don't need continue or next hop self and just turn in debug ip routing and debug ip bgp updates, should see the change immediately

wintermute000

#2
January 22, 2016, 03:21:27 AM
so what was the debug?

TheGreatDoc

#3
January 25, 2016, 03:34:48 AM
Hi and Sorry for late answer!!!

I've changed prefixes to 192.168.x.0 (x from 0 to 5) with same configuration.

Attached are the txt with the debug, one who I cant really understand!
a.k.a. Daniel.
I dont have any cert, just learned all by my self.

wintermute000

#4
January 25, 2016, 03:52:33 AM Last Edit: January 25, 2016, 04:14:34 AM by wintermute000
*Jan 25 09:16:41.235: BGP(0): 30.30.30.1 rcv UPDATE about 192.168.3.0/24 -- DENIED due to: AS-PATH contains our own AS;

AS20 is sending something with AS40 in the path back to AS40.


You have to figure out why this circular behaviour is happening. Also don't forget BGP is event driven - something is sending those routes back round again, its not a flood or periodic event.


Random guess: put route maps that are permit any any on all the outbound peerings on AS20,30 and 40. Is the problem still there?
otherwise post full configs (use attachments)

TheGreatDoc

#5
January 26, 2016, 01:10:01 AM Last Edit: January 26, 2016, 01:12:00 AM by TheGreatDoc
Found the problem, as I set for lab as-prepend several times (as you can see, the prepend is 10 10 10) it was making a loop due to not filtering routes in the other routers.

By the way, why I have not to set "next-hop-self" and why I dont set the continue? I cant find the documentation right now, but I really remember reading that if in the first statement of the route-map a match happens, it will stop processing the second statement, for that the continue.

For the next-hop-self, both of my actual providers told me to set it on my bgp session.

Edit: I will try to setup this today on production and lets see what happens.
a.k.a. Daniel.
I dont have any cert, just learned all by my self.

wintermute000

#6
January 26, 2016, 02:10:01 AM
Ebgp is nhs by default.... Your route map statement one only matches half your routes.
Print
Go Up Pages1
User actions