Default, Primary, and Backup Plus Partial Routing
This example shows how traffic can be manipulated in a situation where the AS is accepting partial routing from a single provider and running defaults toward the provider. Partial routes are usually the provider's local routes and its customers' routes. Figure 11-4 shows AS3 running IBGP internally and running EBGP at two different locations with its provider AS1. The following policies should apply:
Figure 11-4 Default, primary, and backup plus partial routing.
The following partial configurations are needed for the BGP configuration in RTA and RTF:
RTA configuration:
router bgp 3
 no synchronization
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.10.0 mask 255.255.255.0
 network 172.16.65.0 mask 255.255.255.192
 network 172.16.220.0 mask 255.255.255.0
 neighbor 172.16.1.2 remote-as 3
 neighbor 172.16.1.2 update-source Loopback0
 neighbor 172.16.1.2 next-hop-self
 neighbor 172.16.20.1 remote-as 1
 neighbor 172.16.20.1 route-map SET_OUTBOUND_TRAFFIC in
 neighbor 172.16.20.1 route-map SET_INBOUND_TRAFFIC out
 neighbor 172.16.20.1 filter-list 10 out
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 193.78.0.0
!
ip as-path access-list 10 permit ^$
ip as-path access-list 4 permit ^1 6$
ip as-path access-list 4 permit ^1$
!
access-list 2 permit 172.16.220.0 0.0.0.255
access-list 101 permit ip 193.78.0.0 0.0.255.255 255.255.0.0 0.0.0.0
!
route-map SET_OUTBOUND_TRAFFIC permit 10
 match ip address 101
 set local-preference 200
route-map SET_OUTBOUND_TRAFFIC permit 20
 match as-path 4
 set local-preference 300
!
route-map SET_INBOUND_TRAFFIC permit 10
 match ip address 2
 set metric 200
route-map SET_INBOUND_TRAFFIC permit 20
 set metric 300
RTF configuration:
router bgp 3
 no synchronization
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.10.0 mask 255.255.255.0
 network 172.16.65.0 mask 255.255.255.192
 network 172.16.220.0 mask 255.255.255.0
 neighbor 172.16.2.254 remote-as 3
 neighbor 172.16.2.254 next-hop-self
 neighbor 192.68.5.2 remote-as 1
 neighbor 192.68.5.2 route-map SET_OUTBOUND_TRAFFIC in
 neighbor 192.68.5.2 route-map SET_INBOUND_TRAFFIC out
 neighbor 192.68.5.2 filter-list 10 out
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 193.78.0.0
!
ip as-path access-list 10 permit ^$
ip as-path access-list 4 permit ^1 6$
ip as-path access-list 4 permit ^1$
!
access-list 101 permit ip 193.78.0.0 0.0.255.255 255.255.0.0 0.0.0.0
!
route-map SET_OUTBOUND_TRAFFIC permit 10
 match ip address 101
 set local-preference 250
route-map SET_OUTBOUND_TRAFFIC permit 20
 match as-path 4
 set local-preference 250
!
route-map SET_INBOUND_TRAFFIC permit 10
 set metric 250
The preceding configuration of RTA shows the following:
Notes:
Instead of listing all the customers of AS1 one by one as we did in as-path access-list 4, a regular expression of the form ^1 ?[0-9]*$ could have been used to identify all the AS_paths that start with 1 and are of length 2, that is, AS1 and its direct customers. The form of the access list would have been:
ip as-path access-list 4 permit ^1 ?[0-9]*$
(To enter the "?", press CTRL-V first.)
Careful: In the case where AS1 is directly connected to another major provider with a direct link (rather than via a NAP), the preceding regular expression would also give you the local routes of that second provider.
RTA's BGP table would have the following entries:
RTA#sh ip bgp
BGP table version is 19, local router ID is 172.16.2.254
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop         Metric LocPrf Weight Path
* i172.16.1.0/24    172.16.1.2            0    100      0 i
*>                  0.0.0.0               0         32768 i
* i172.16.10.0/24   172.16.1.2            0    100      0 i
*>                  172.16.1.2           20         32768 i
* i172.16.65.0/26   172.16.1.2            0    100      0 i
*>                  172.16.1.2           20         32768 i
* i172.16.220.0/24  172.16.1.2           20    100      0 i
*>                  0.0.0.0               0         32768 i
*> 192.68.10.0      172.16.20.1                300      0 1 i
*> 192.68.11.0      172.16.20.1           0    300      0 1 i
*> 192.68.40.0      172.16.20.1                300      0 1 6 i
*>i193.78.0.0/16    172.16.1.2                 250      0 1 7 8 i
*                   172.16.20.1                200      0 1 7 8 i
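The following Python sketch is an added example, not code from the original text. It replays route-map SET_OUTBOUND_TRAFFIC as configured on RTA and RTF against AS paths from the table above, and compares as-path access-list 4 with the alternative regular expression from the Notes. The function names and the 198.51.100.0/24 route are constructed for illustration, and it assumes Python's re module treats these simple patterns the same way IOS does.

```python
import ipaddress
import re

AS_PATH_4 = [r"^1 6$", r"^1$"]      # as-path access-list 4 as configured on the page
AS_PATH_4_ALT = [r"^1 ?[0-9]*$"]    # the alternative form given in the Notes

def acl_101(prefix):
    """access-list 101: network inside 193.78.0.0 0.0.255.255, mask exactly 255.255.0.0."""
    net = ipaddress.ip_network(prefix)
    return net.prefixlen == 16 and net.subnet_of(ipaddress.ip_network("193.78.0.0/16"))

def set_outbound_traffic(prefix, as_path, pref_10, pref_20, as_path_acl=AS_PATH_4):
    """Local preference set by the route map, or None when the implicit deny drops the route."""
    if acl_101(prefix):                                    # permit 10: match ip address 101
        return pref_10
    if any(re.search(p, as_path) for p in as_path_acl):    # permit 20: match as-path 4
        return pref_20
    return None

def exit_point(prefix, as_path):
    """Router whose copy of the route wins on local preference inside AS3."""
    prefs = {
        "RTA": set_outbound_traffic(prefix, as_path, 200, 300),
        "RTF": set_outbound_traffic(prefix, as_path, 250, 250),
    }
    accepted = {router: pref for router, pref in prefs.items() if pref is not None}
    return max(accepted, key=accepted.get) if accepted else "static default"

# AS paths taken from RTA's BGP table on the page; the last route is constructed.
ROUTES = [
    ("192.68.10.0/24", "1"),
    ("192.68.40.0/24", "1 6"),
    ("193.78.0.0/16", "1 7 8"),
    ("198.51.100.0/24", "1 7"),   # constructed: local route of AS7, a neighbor of AS1
]

if __name__ == "__main__":
    for prefix, path in ROUTES:
        alt = set_outbound_traffic(prefix, path, 200, 300, AS_PATH_4_ALT)
        print(f"{prefix:16} path [{path}] exit={exit_point(prefix, path)} "
              f"RTA local-pref with alternative regex={alt}")
```

With the explicit list, the constructed AS7 route is dropped and falls back to the static default; with the alternative regular expression RTA accepts it at local preference 300, which is the case the "Careful" note describes.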