A small configuration error in BGP can wreak havoc on a network, especially a service provider network serving a large set of customers. It is therefore imperative for network administrators and implementers to understand how small changes in filtering or advertisement affect the routes that are learnt.
In this scenario we will see what happens when an incorrect access list name is given while using a distribute list to selectively advertise routes to a BGP neighbour. In other words, the distribute list calls an access list that has not been created on the BGP router. The scenario is described below:
Routers R1 and R2 are directly connected and form an eBGP neighborship with each other. R1 advertises 2 loopbacks (1.1.1.0/24 and 1.1.2.0/24) while R2 advertises 1 loopback (2.2.2.0/24).
(R1 Configuration)
ip address 1.1.1.1 255.255.255.0
!
interface Loopback2
ip address 1.1.2.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
!
router bgp 1
no synchronization
network 1.1.1.0 mask 255.255.255.0
network 1.1.2.0 mask 255.255.255.0
network 192.168.12.0
neighbor 192.168.12.2 remote-as 2
neighbor 192.168.12.2 soft-reconfiguration inbound
(R2 Configuration)
ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
!
router bgp 2
no synchronization
network 2.2.2.0 mask 255.255.255.0
network 192.168.12.0
neighbor 192.168.12.1 remote-as 1
neighbor 192.168.12.1 soft-reconfiguration inbound
(R1 BGP table)
BGP table version is 7, local router ID is 1.1.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
*> 1.1.2.0/24       0.0.0.0                  0         32768 i
*> 2.2.2.0/24       192.168.12.2             0             0 2 i
*> 192.168.12.0     0.0.0.0                  0         32768 i
*                   192.168.12.2             0             0 2 i
(R2 BGP table)
BGP table version is 17, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       192.168.12.1             0             0 1 i
*> 1.1.2.0/24       192.168.12.1             0             0 1 i
*> 2.2.2.0/24       0.0.0.0                  0         32768 i
*  192.168.12.0     192.168.12.1             0             0 1 i
*>                  0.0.0.0                  0         32768 i
R1(config)#ip access-list standard NET1
R1(config-std-nacl)#deny 1.1.2.0 0.0.0.255
R1(config-std-nacl)#permit any
R1(config)#router bgp 1
R1(config-router)#neighbor 192.168.12.2 distribute-list NET2 out
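The BGP table on R2 is shown below for the case where the distribute list calls the incorrect access list (NET2, which does not exist on R1). Both 1.1.1.0/24 and 1.1.2.0/24 are still received from R1, so nothing is being filtered: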
BGP table version is 17, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       192.168.12.1             0             0 1 i
*> 1.1.2.0/24       192.168.12.1             0             0 1 i
*> 2.2.2.0/24       0.0.0.0                  0         32768 i
*  192.168.12.0     192.168.12.1             0             0 1 i
*>                  0.0.0.0                  0         32768 i
Now we will call the correct access list, i.e. NET1, from the distribute list on BGP router R1, as below:
R1(config-router)#no neighbor 192.168.12.2 distribute-list NET2 out
R1(config-router)#neighbor 192.168.12.2 distribute-list NET1 out
(R2 BGP table after NET1 is applied; 1.1.2.0/24 is no longer received)
BGP table version is 18, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       192.168.12.1             0             0 1 i
*> 2.2.2.0/24       0.0.0.0                  0         32768 i
*  192.168.12.0     192.168.12.1             0             0 1 i
*>                  0.0.0.0                  0         32768 i
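A pre-deployment check for the mistake shown above, as an added example that is not part of the original article: it scans IOS-style configuration text and reports every BGP distribute-list that points at an access list the configuration never defines. The sample configuration is constructed from the R1 settings in this article, and the function and variable names are hypothetical.

```python
import re

# Constructed sample: R1's configuration as described in the article,
# with access list NET1 defined but the distribute list calling NET2.
R1_CONFIG = """\
ip access-list standard NET1
 deny 1.1.2.0 0.0.0.255
 permit any
!
router bgp 1
 no synchronization
 network 1.1.1.0 mask 255.255.255.0
 network 1.1.2.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 neighbor 192.168.12.2 distribute-list NET2 out
"""

# Named ACL definition: "ip access-list standard|extended NAME"
NAMED_ACL = re.compile(r"^\s*ip access-list (?:standard|extended) (\S+)", re.M)
# Numbered ACL definition: "access-list 10 permit ..."
NUMBERED_ACL = re.compile(r"^\s*access-list (\d+) ", re.M)
# BGP neighbor filter: "neighbor X distribute-list NAME in|out".
# Lines starting with "no neighbor ..." do not match and are ignored.
DIST_LIST = re.compile(
    r"^\s*neighbor (\S+) distribute-list (\S+) (in|out)\s*$", re.M)


def undefined_distribute_lists(config: str):
    """Return (neighbor, acl, direction) for every distribute-list whose
    access list is not defined anywhere in the configuration text.
    ACL names are compared case-sensitively."""
    defined = set(NAMED_ACL.findall(config)) | set(NUMBERED_ACL.findall(config))
    return [
        (nbr, acl, direction)
        for nbr, acl, direction in DIST_LIST.findall(config)
        if acl not in defined
    ]


if __name__ == "__main__":
    for nbr, acl, direction in undefined_distribute_lists(R1_CONFIG):
        print(f"neighbor {nbr}: distribute-list {acl} {direction} "
              f"references an undefined access list; no routes are filtered")
```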
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)
Great blog, thank you for sharing!