Re: [c-nsp] BGP Community Problem (I think)
Hi, Are you using soft-reconfigure on the routers? That will cause this kind of behavior. // Olof On Wed, Nov 18, 2009 at 8:05 AM, Ben Steele illcrit...@gmail.com wrote: As Hobbs mentioned do a sh ip bgp neighbor your bgp peer and look for the prefix activity part which will tell you about prefixes that didn't get sent to that peer for various reasons. Have you looked at the communities attached to the prefixes you have learnt from your other peer that you aren't advertising?, do they have either no-advertise/no-export/local-as etc. on them? is the peer your receiving the feed from iBGP or eBGP? and is the peer your sending them to iBGP or eBGP? On Wed, Nov 18, 2009 at 5:40 PM, Skeeve Stevens ske...@eintellego.netwrote: But, the router isn't even sending them to the next router... between tagging them and re-sending them, they just aren't there so I would assume the neighbour they are being sent to is nothing to do with it? ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists ske...@eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? Not sure off-hand, but you can do show ip bgp neighbor and far down in the output you will see a section showing stats about why prefixes were dropped (route-map, dist-list, etc). What does it say? ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-...@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Community Problem (I think)
On Tue, Nov 17, 2009 at 11:40 PM, Skeeve Stevens ske...@eintellego.netwrote: But, the router isn't even sending them to the next router... between tagging them and re-sending them, they just aren't there so I would assume the neighbour they are being sent to is nothing to do with it? Between tagging them and re-sending them is exactly where this command can be useful :) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] BGP Community Problem (I think)
Hey all, I am confused as to why a BGP feed I take and take with a community and redistribute are some 50k routes different. Details follow: Platform is: SYD-A-BDR-A#sh ver Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 13:29 by prod_rel_team ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1) BOOTLDR: Cisco IOS Software, 7200 Software (C7200-BOOT-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) SYD-A-BDR-A uptime is 1 year, 43 weeks, 4 days, 20 hours, 26 minutes System returned to ROM by Reload Command at 08:32:21 UTC Mon Jan 8 2001 System restarted at 16:49:17 AEST Thu Jan 17 2008 System image file is disk2:c7200-advipservicesk9-mz.124-15.T1.bin - Inbound full route feed 114.x.x.65 4 4xxx 26710538 2546241 13026870900 9w1d 302167 114.x.x.66 4 4xxx 25400126 1834326 13026870910 2w5d 302163 - Tagged with community route-map PRI-IN permit 10 match as-path 50 set weight 80 set community 17xxx:2000 additive ! route-map PRI-IN permit 12 match as-path 52 set weight 90 set community 17xxx:2002 additive ! route-map PRI-IN permit 20 match as-path 2 set weight 80 set community 17xxx:2001 additive - Relevant config ip as-path access-list 2 permit .* ip as-path access-list 50 permit ^4xxx$ ip as-path access-list 52 permit ^4xxx_7xx_1xxx ! ip community-list 200 permit 17xxx:2000 ip community-list 201 permit 17xxx:2001 ip community-list 202 permit 17xxx:2002 - Now, this all seems to work. SYD-A-BDR-A#show ip bgp neighbors 114.x.x.66 received-routes | i Total Total number of prefixes 302163 SYD-A-BDR-A#show ip bgp community-list 201 | redirect tftp://x.x.x.x/dump/20091118.txt [r...@dump]# more 20091118.txt | grep 193.66 | wc -l 301542 [r...@dump]# more 20091118.txt | grep 193.65 | wc -l 301543 Now... there is a small difference which can be attributed to a variety of things... nothing I'm worried about since it is so close (500 routes). Next: route-map BNEA-OUT permit 10 match ip address prefix-list US-SEND-BNE-BLOCKS ! (Just local routes) ! route-map BNEA-OUT permit 20 match community 201 ! route-map BNEA-OUT permit 30 description Community 17xxx:250 mapped to CL 125 ! (Redistributing peering routes) match community 125 ! So.. we're tagging 301k routes inbound and examining the community list seems to be showing that is working fine, and then we are, using Community List 201 - sending that 301k + Local + Peering (7900 routes) to another PoP. But... SYD-A-BDR-A#show ip bgp neighbors 203.x.x.6 advertised-routes | i Total Total number of prefixes 250915 So this is missing about 51k routes + Peering routes of about 8k... but the peering routes seem to be there, so that makes it about 60k transit routes that are missing that are not being sent 'in router' onto the next neighbour. I hope I've included most significant information... if this doesn't make sense, let me know and I will explain in more detail? ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists ske...@eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? Disclaimer: Limits of Liability and Disclaimer: This message is for the named person's use only. It may contain sensitive and private proprietary or legally privileged information. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. eintellego Pty Ltd and each legal entity in the Tefilah Pty Ltd group of companies reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of any such entity. Any reference to costs, fee quotations, contractual transactions and variations to contract terms is subject to separate confirmation in writing signed by an authorised representative of eintellego. Whilst all efforts are made to safeguard inbound and outbound e-mails, we cannot guarantee that attachments are! virus-free or compatible with your systems and do not accept any liability in respect of viruses or computer problems experienced. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Community Problem (I think)
On Tue, Nov 17, 2009 at 9:05 PM, Skeeve Stevens ske...@eintellego.netwrote: Hey all, I am confused as to why a BGP feed I take and take with a community and redistribute are some 50k routes different. Details follow: Platform is: SYD-A-BDR-A#sh ver Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 13:29 by prod_rel_team ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1) BOOTLDR: Cisco IOS Software, 7200 Software (C7200-BOOT-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) SYD-A-BDR-A uptime is 1 year, 43 weeks, 4 days, 20 hours, 26 minutes System returned to ROM by Reload Command at 08:32:21 UTC Mon Jan 8 2001 System restarted at 16:49:17 AEST Thu Jan 17 2008 System image file is disk2:c7200-advipservicesk9-mz.124-15.T1.bin - Inbound full route feed 114.x.x.65 4 4xxx 26710538 2546241 13026870900 9w1d 302167 114.x.x.66 4 4xxx 25400126 1834326 13026870910 2w5d 302163 - Tagged with community route-map PRI-IN permit 10 match as-path 50 set weight 80 set community 17xxx:2000 additive ! route-map PRI-IN permit 12 match as-path 52 set weight 90 set community 17xxx:2002 additive ! route-map PRI-IN permit 20 match as-path 2 set weight 80 set community 17xxx:2001 additive - Relevant config ip as-path access-list 2 permit .* ip as-path access-list 50 permit ^4xxx$ ip as-path access-list 52 permit ^4xxx_7xx_1xxx ! ip community-list 200 permit 17xxx:2000 ip community-list 201 permit 17xxx:2001 ip community-list 202 permit 17xxx:2002 - Now, this all seems to work. SYD-A-BDR-A#show ip bgp neighbors 114.x.x.66 received-routes | i Total Total number of prefixes 302163 SYD-A-BDR-A#show ip bgp community-list 201 | redirect tftp://x.x.x.x/dump/20091118.txt [r...@dump]# more 20091118.txt | grep 193.66 | wc -l 301542 [r...@dump]# more 20091118.txt | grep 193.65 | wc -l 301543 Now... there is a small difference which can be attributed to a variety of things... nothing I'm worried about since it is so close (500 routes). Next: route-map BNEA-OUT permit 10 match ip address prefix-list US-SEND-BNE-BLOCKS ! (Just local routes) ! route-map BNEA-OUT permit 20 match community 201 ! route-map BNEA-OUT permit 30 description Community 17xxx:250 mapped to CL 125 ! (Redistributing peering routes) match community 125 ! So.. we're tagging 301k routes inbound and examining the community list seems to be showing that is working fine, and then we are, using Community List 201 - sending that 301k + Local + Peering (7900 routes) to another PoP. But... SYD-A-BDR-A#show ip bgp neighbors 203.x.x.6 advertised-routes | i Total Total number of prefixes 250915 So this is missing about 51k routes + Peering routes of about 8k... but the peering routes seem to be there, so that makes it about 60k transit routes that are missing that are not being sent 'in router' onto the next neighbour. I hope I've included most significant information... if this doesn't make sense, let me know and I will explain in more detail? ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists ske...@eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? Disclaimer: Limits of Liability and Disclaimer: This message is for the named person's use only. It may contain sensitive and private proprietary or legally privileged information. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. eintellego Pty Ltd and each legal entity in the Tefilah Pty Ltd group of companies reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of any such entity. Any reference to costs, fee quotations, contractual transactions and variations to contract terms is subject to separate confirmation in writing signed by an authorised representative of eintellego. Whilst all efforts are made to safeguard inbound and outbound e-mails, we cannot guarantee that attachments are! virus-free or compatible with your systems and do not accept any liability in respect of viruses or computer problems experienced. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Not sure off-hand, but
Re: [c-nsp] BGP Community Problem (I think)
But, the router isn't even sending them to the next router... between tagging them and re-sending them, they just aren't there so I would assume the neighbour they are being sent to is nothing to do with it? ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists ske...@eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? Not sure off-hand, but you can do show ip bgp neighbor and far down in the output you will see a section showing stats about why prefixes were dropped (route-map, dist-list, etc). What does it say? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] BGP Community Problem (I think)
As Hobbs mentioned do a sh ip bgp neighbor your bgp peer and look for the prefix activity part which will tell you about prefixes that didn't get sent to that peer for various reasons. Have you looked at the communities attached to the prefixes you have learnt from your other peer that you aren't advertising?, do they have either no-advertise/no-export/local-as etc. on them? is the peer your receiving the feed from iBGP or eBGP? and is the peer your sending them to iBGP or eBGP? On Wed, Nov 18, 2009 at 5:40 PM, Skeeve Stevens ske...@eintellego.netwrote: But, the router isn't even sending them to the next router... between tagging them and re-sending them, they just aren't there so I would assume the neighbour they are being sent to is nothing to do with it? ...Skeeve -- Skeeve Stevens, CEO/Technical Director eintellego Pty Ltd - The Networking Specialists ske...@eintellego.net / www.eintellego.net Phone: 1300 753 383, Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 / skype://skeeve www.linkedin.com/in/skeeve ; facebook.com/eintellego -- NOC, NOC, who's there? Not sure off-hand, but you can do show ip bgp neighbor and far down in the output you will see a section showing stats about why prefixes were dropped (route-map, dist-list, etc). What does it say? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
