BGP Conditional Advertisement

Published by Joe Conklin on

What is conditional advertisement and why to use it?

Normally, routes are propagated regardless of the existence of a different path. The BGP conditional advertisement feature uses the non-exist-map and the advertise-map keywords of the neighbor advertise-map command in order to track routes by the route prefix. If a route prefix is not present in output of the non-exist-map command, then the route specified by the advertise-map command is announced. This feature is useful for multihomed networks, in which some prefixes are advertised to one of the providers only if information from the other provider is not present (this indicates a failure in the peering session or partial reachability).

In the example below we will configure one router but I have staged four additional Internet routers and two computer devices for testing purposes. The configuration of R1 must prefer the primary service provider ISP1 at all times and not become a transit router on the Internet. In the event the primary ISP network becomes unreachable BGP must failover to the backup service provider, ISP2. At that time R1 must advertise the 1.1.1.0/30 address space. If the primary service provider's network is stable the 1.1.1.0/30 address space must not be advertised to the backup service provider.

Steps to conditional advertisement

Step 1: Configure all applicable router interfaces.

R1(config)#interface FastEthernet0/0
R1(config-if)#ip address 1.1.1.1 255.255.255.252
!
R1(config)#interface FastEthernet0/1
R1(config-if)#ip address 2.2.2.2 255.255.255.252
!
R1(config)#interface FastEthernet1/0
R1(config-if)#ip address 3.3.3.2 255.255.255.252

Step 2: Enable a BGP routing process with each router having a unique AS number, enable BGP routing on all applicable IP networks, and configure static neighbors.

R1(config)#router bgp 101
R1(config-router)#bgp log-neighbor-changes
R1(config-router)#network 1.1.1.0 mask 255.255.255.252
R1(config-router)#network 2.2.2.0 mask 255.255.255.252
R1(config-router)#network 3.3.3.0 mask 255.255.255.252
R1(config-router)#neighbor 2.2.2.1 remote-as 102
R1(config-router)#neighbor 3.3.3.1 remote-as 103

Step 3: Configure a higher local preference for routes from the neighbor R3 over the primary ISP.

R1(config)#route-map LOCALPREF permit 10
R1(config-route-map)#set local-preference 500
R1(config-route-map)#router bgp 101
R1(config-router)#neighbor 3.3.3.1 route-map LOCALPREF in

Step 4: Configure a distribute list so only our networks are advertised and our router does not become a transit router.

R1(config)#router bgp 101
R1(config-router)#neighbor 3.3.3.1 distribute-list 1 out
R1(config-router)#neighbor 2.2.2.1 distribute-list 1 out
!
R1(config)#access-list 1 permit 1.1.1.0 0.0.0.3

Step 5: Configure a prefix-list, community-list and route-map to only advertise the 1.1.1.0/30 address space when 4.4.4.0/30 is unreachable from a BGP perspective.

R1(config)#ip prefix-list PL-MY-NETWORK seq 5 permit 1.1.1.0/30
R1(config)#ip prefix-list PL-ISP1-NETWORK seq 5 permit 4.4.4.0/30
!
R1(config)#ip community-list 1 permit 104:103
!
R1(config)#route-map RM-AS104 permit 10
R1(config-route-map)#match community 1
R1(config-route-map)#match ip address prefix-list PL-ISP1-NETWORK
!
R1(config)#route-map RM-TO-AS102 permit 10
R1(config-route-map)#match ip address prefix-list PL-MY-NETWORK
!
R1(config)#router bgp 101
R1(config-router)#neighbor 2.2.2.1 advertise-map RM-TO-AS102 non-exist-map RM-AS104
R1(config-router)#neighbor 3.3.3.1 route-map set_community in
!
R1(config)#route-map set_community permit 10
R1(config-route-map)#set community 104:103

Verify the configuration

Now that the configuration is finished lets verify our neighbors and routes. Using the show ip bgp summary and show ip route commands you can verify the remote routers to which your router has formed and adjacency and verify the expected routes are being advertised. Use the ping command to verify connectivity. Upon reviewing the routing table on R1 we can see ISP was the preferred path for all networks more than 1 hop away.

On R3 if we review the routing table we will see 1.1.1.0/30 is advertised only out of the ISP1 network.

Lastly, let's test failover. If we simulate a link failure between R1 and R3 the 4.4.4.0/30 network will become unavailable. After a period of time BGP will remove the network from the routing table and advertise the 1.1.1.0/30 network to R2. If we bring the link between R1 and R3 back up R1 will cease advertising 1.1.1.0/30 to R2 and ISP1 will be the preferred path once again.

Categories: Cisco NetworkingCisco RoutingDynamic RoutingInternet Routing

Related Posts

Cisco Networking

BGP Load Sharing

Load balancing with BGP is not possible in a multihomed environment with two ISPs. BGP selects only the single best path to a destination among the BGP paths that are learned from different ASs, which Read more…

Cisco Firewall

Configuring Dynamic Multipoint VPN and Zone Based Firewall

DMVPN provides the capability for creating a dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers, including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key Management Protocol) peers. Read more…

Cisco Networking

Configuring Layer 2 MPLS VPN

Layer 2 VPNs are a type of Virtual Private Network (VPN) that uses MPLS labels to transport data. The communication occurs between routers that are known as Provider Edge routers (PEs), as they sit on Read more…