Hi Randy , I couldn't understand what you mean with a local-route ? Could you explain little more ?
Burak On Sun, Mar 22, 2009 at 1:09 AM, <[email protected]> wrote: > > Hi Burak, > Ask ISP-A to announce the infrastructure /24 to router# as a local-route > via a network statement 192.168.x.0 mask 255.255.255.0. They may not want to > do the same via redistribute-connected(if rtr-ISP-1 is also used for > peerring with other customers) > > ./Randy > > > > *Burak Dikici <[email protected]>* > Sent by: [email protected] > > 03/21/2009 03:34 PM > To > [email protected] cc > [email protected], [email protected], > [email protected] > Subject > Re: [c-nsp] BGP conditional advertisemet - NON-EXIST route > map'saccess-list problem > > > > > > Hi Randy , > > I have missied the point. I am going to talk this subject with the ISP-1. > Kind Regards. > > Burak Dikici > > > > > On Sat, Mar 21, 2009 at 8:12 PM, <[email protected]> wrote: > > > > > Hi Burak, > > > > I had replied with the *fix* some days ago - > > You can still use the ISP-1 infrastructrure /24. You have to have the > ISP-1 > > router announce the /24 to router# > > As you probably realise, this announcement is not required for the > peering > > session *itself* to be up. > > > > The annoucement by ISP-1 router of this /24 will cause it to appear in > > router#'s bgp table which you can then use as the tracked prefix. > > > > Router#'s routing table will always install only the *connected*(d-0) > > version of this /24 which is what you want! The eBGP version(d-20) will > > exist only in the bgp table as a valid prefix you can track. > > > > Hope this helps. > > ./Randy > > > > > > > > *Burak Dikici <[email protected]>* > > Sent by: [email protected] > > > > 03/21/2009 08:19 AM > > To > > [email protected], [email protected] cc > > [email protected], [email protected] > > Subject > > Re: [c-nsp] BGP conditional advertisemet - NON-EXIST route > > map'saccess-list problem > > > > > > > > > > > > Hello , > > > > The main problem is which prefix should i track ? I can't use the > > infrastructe subnet between my router and ISP-1 router , because it is > > directly connected and it is in the routing table , not in the bgp table. > > I was thinking on that , then i have decided to use reliable root DNS > > servers subnets to track with acl or prefix-list , for example ; > > > > access-list 20 permit 198.41.0.0 0.0.0.255 /* a.root-servers.net */ > > access-list 20 permit 192.228.79.0 0.0.0.255 /* b.root-servers.net */ > > access-list 20 permit 192.33.4.0 0.0.0.255 /* c.root-servers.net */ > > access-list 20 permit 128.8.0.0 0.0.255.255 /* d.root-servers.net */ > > > > what do you think about this idea ? > > > > Burak Dikici > > > > > > > > > > On Thu, Mar 19, 2009 at 2:48 PM, Burak Dikici <[email protected]> wrote: > > > > > Sorry about my late reply. I am very busy these days with another > > project. > > > I am going to test your recommendations in a few days , and going to > > reply > > > back to you. Thank you all. Kind Regards... > > > > > > Burak Dikici > > > > > > > > > > > > On Wed, Mar 18, 2009 at 12:04 AM, <[email protected]> wrote: > > > > > >> > > >> The prefix-list within the Non-Exist clause also has to *exactly* > match > > >> the prefix in the bgp table.. > > >> Regards, > > >> ./Randy > > >> > > >> > > >> > > >> > > >> *"Ivan Pepelnjak" <[email protected]>* > > >> Sent by: [email protected] > > >> > > >> 03/17/2009 02:20 PM > > >> To > > >> "'Dale Shaw'" > > >> <[email protected]<dale.shaw%[email protected]> > <dale.shaw%[email protected] <dale.shaw%[email protected]>> > > <dale.shaw%[email protected] <dale.shaw%[email protected]> < > dale.shaw%[email protected] <dale.shaw%[email protected]>>>>, > > > > > > >> "'Burak Dikici'" <[email protected]> cc > > >> [email protected] Subject > > >> Re: [c-nsp] BGP conditional advertisemet - NON-EXIST route > > >> map'saccess-list problem > > >> > > >> > > >> > > >> > > >> > > >> Did some tests on the NON-EXIST-MAP with 12.2SRC. I was spreading > wrong > > >> rumors, time to fix them: > > >> > > >> * The route-map checks the routes in the BGP table (_not_ in the IP > > >> routing > > >> table). Dale was right. > > >> * It can take a while for the routes to be advertised/withdrawn; the > > >> non-exist-map is checked only at the BGP scan intervals (60 seconds by > > >> default, can be adjusted). > > >> * You can use a combination of an access-list and AS-path access-list > in > > >> the > > >> route-map. > > >> > > >> The handling of standard access-lists used in the "match ip address" > > >> route-map condition is a bit weird, though: > > >> > > >> * "permit any" does _NOT_ work. > > >> * "permit prefix 0.0.0.0" (which gets translated into "permit prefix" > in > > >> standard ACL) does _NOT_ work. > > >> * fancy wildcard tests (for example "permit 0.0.0.0 127.255.255.255) > do > > >> _NOT_ work > > >> > > >> It looks like: > > >> > > >> * the IP prefix in the BGP table must match the address in the ACL > > exactly > > >> (wildcard bits are ignored). > > >> * ... but you still need the wildcard bits (inverted netmask) for the > > >> match > > >> to work. > > >> > > >> For example: if you want to match 10.8.8.0/24, you have to use > "permit > > >> 10.8.8.0 0.0.0.255". "permit 10.8.8.0" or "permit 10.8.0.0 > 0.0.255.255" > > do > > >> _NOT_ work. > > >> > > >> Left to do: tests with the ip prefix-list instead of IP access list > (and > > >> no, > > >> I will NOT test extended ACL :). > > >> > > >> Hope this helps > > >> Ivan > > >> > > >> > -----Original Message----- > > >> > From: Dale Shaw > > [mailto:[email protected]<dale.shaw%[email protected]> > <dale.shaw%[email protected] <dale.shaw%[email protected]>> > > <dale.shaw%[email protected] <dale.shaw%[email protected]> < > dale.shaw%[email protected] <dale.shaw%[email protected]>>>] > > >> > > >> > Sent: Sunday, March 15, 2009 11:33 PM > > >> > To: Burak Dikici > > >> > Cc: [email protected] > > >> > Subject: Re: [c-nsp] BGP conditional advertisemet - NON-EXIST > > >> > route map'saccess-list problem > > >> > > > >> > Hi Burak, > > >> > > > >> > On Mon, Mar 16, 2009 at 12:06 AM, Burak Dikici > > >> > <[email protected]> wrote: > > >> > > i am trying to use > > >> > > BGP conditional advertisemet configuration. I have got a > > >> > problem with > > >> > > NON-EXIST route map's access-list. In the NON-EXIST router map i > am > > >> > > using the commands which is written below ; > > >> > > > >> > Here are some notes I made recently when playing with BGP > > >> > conditional advertising. I hope it helps. > > >> > > > >> > 1.) prefixes matched in advertise-map and exist/non-exist map > > >> > must exist (or not) in the *BGP* table > > >> > however: they do not need to be locally originated (e.g. R1 > > >> > can match routes received from R2 and advertise (or not) to R3 > > >> > and: the validity of the prefix in the BGP table (i.e. > > >> > RIB-failure) doesn't matter. if there's there, and using > > >> > exist-map, the condition is met. > > >> > > > >> > 2.) when using 'exist' map, prefixes matched by advertise-map > > >> > are advertised when exist-map condition is met > > >> > example: advertise 1.0.0.0/8 (advertise-map) from BGP table when > > >> > 3.20.20.0/24 (exist-map) exists in BGP table > > >> > > > >> > 3.) when exist 'non-exist' map, prefixes matched by > > >> > advertise-map are advertised when non-exist-map condition is met > > >> > example: advertise 1.0.0.0/8 (advertise-map) from BGP table when > > >> > 3.20.20.0/24 (non-exist-map) does NOT exist in BGP table > > >> > > > >> > 4.) prefixes matched in advertise-map are the only prefixes > > >> > affected -- other prefixes that may exist are advertised (or > > >> > not) as normal > > >> > > > >> > 5.) when dealing with conditional advertisement tasks, always > > >> > consider what will happen normally (without any config) > > >> > > > >> > I'd be happy to be corrected, but I think the first point is > > >> > contrary to what Ivan said. Also consider point #4 -- BGP > > >> > conditional advertising is not strictly a route filtering > > >> > mechanism, although it can be configured to achieve similar results. > > >> > > > >> > cheers, > > >> > Dale > > >> > > > >> > > > >> > > >> _______________________________________________ > > >> cisco-nsp mailing list [email protected] > > >> https://puck.nether.net/mailman/listinfo/cisco-nsp > > >> archive at http://puck.nether.net/pipermail/cisco-nsp/ > > >> > > >> > > > > > _______________________________________________ > > cisco-nsp mailing list [email protected] > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > > > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
