Use the same topology and lab config from here
Can be applied to any point in the network as long as on sub-net is in the BGP table
Configured as aggregate-address [network] [mask] [arguments]
Arguments are
summary-only
suppress-map and usupressed-map
attribute-map | route-map
as-set
advertise-map
Task
On Network Edge routers R4,R6 and R2 advertise aggregate the loopback interface into BGP process useng its mask.
On router 3 advertise Lo of SW1 and SW3 into BGP'=
show ip bgp reg ^$
check it on bb3 if
On R2 generate the aggregate of all the 10 loop-back of all the routers so it using exact subnet mask.
show ip bgp | in 150.1
show ip bgp 150.1.0.0/20
End Result - BB2 show ip bgp - check for the attributes
BB2 - show ip bgp - chek for any suppress address
Network Next Hop Metric LocPrf Weight Path
*> 150.1.2.0/24 0.0.0.0 0 32768 i
R2
router bgp 200
network 150.1.2.0 mask 255.255.255.0
show ip bgp reg ^$
Network Next Hop Metric LocPrf Weight Path
*> 150.1.2.0/24 0.0.0.0 0 32768 i
R3
router bgp 300
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 150.1.3.0 mask 255.255.255.0
network 150.1.7.0 mask 255.255.255.0
network 150.1.9.0 mask 255.255.255.0
R2
router bgp 200
aggregate-address 150.1.0.0 255.255.240.0
show ip bgp reg ^$
Network Next Hop Metric LocPrf Weight Path
*> 150.1.0.0/20 0.0.0.0 32768 i
*> 150.1.2.0/24 0.0.0.0 0 32768 i
Rack1R2#show ip bgp 150.1.0.0/20
BGP routing table entry for 150.1.0.0/20, version 70
Paths: (1 available, best #1, table default)
Advertised to update-groups:
2
Refresh Epoch 1
Local, (aggregated by 200 2.2.2.2)
0.0.0.0 from 0.0.0.0 (2.2.2.2)
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-aggregate, best
Verify on BB2
RS.1.1.BB2>show ip bgp 150.1.0.0/20
BGP routing table entry for 150.1.0.0/20, version 150
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
200, (aggregated by 200 2.2.2.2)
192.10.1.2 from 192.10.1.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, be
BB2 is still receiving other loopbacks address with /24 - see Summer-only to avoid this
"to stop advertising all the individual sub-nets other then the aggregated sub-net"
On R2 advertise only the aggregated address other neighbor
do show ip bgp on R2
do show ip bgp XXXX for the suppressed route
check on BB2
show ip bgp neighbors 192.10.23.254 advertised-routes check if you are advertising any suppressed routes.
On R2 advertise only the aggregated address to other neighbor
ISSUE 1 - ping R6lo and R4lo and R2lo form R5
check the IP route for R1 and R2 Lo from R5 (show ip router xxxx)
Check for the path its taking in the result of show ip router xxxx
SOLUTION - next section
router bgp 200
aggregate-address 150.1.0.0 255.255.240.0 summary-only
All the loopback address are supressed
Rack1R2#show ip bgp | include 150.1
*> 150.1.0.0/20 0.0.0.0 32768 i
s 150.1.1.0/24 155.1.0.1 0 400 100 i
s> 150.1.2.0/24 0.0.0.0 0 32768 i
s 150.1.3.0/24 155.1.0.3 0 400 300 i
s 150.1.4.0/24 155.1.0.5 0 400 100 i
s 150.1.5.0/24 155.1.23.3 0 300 400 ?
s 150.1.6.0/24 155.1.0.5 0 400 100 i
s 150.1.7.0/24 155.1.0.3 0 400 300 i
s 150.1.8.0/24 155.1.23.3 0 300 400 ?
s 150.1.9.0/24 155.1.0.3 0 400 300 i
s 150.1.10.0/24 155.1.23.3 0 300 400 ?
BB2
BB2 only has the aggrigated route not the /24 loopback routs aymore
Network Next Hop Metric LocPrf Weight Path
*> 28.119.16.0/24 192.10.1.2 0 200 400 100 54 i
*> 28.119.17.0/24 192.10.1.2 0 200 400 100 54 i
*> 112.0.0.0 192.10.1.2 0 200 400 100 54 50 60 i
*> 113.0.0.0 192.10.1.2 0 200 400 100 54 50 60 i
*> 114.0.0.0 192.10.1.2 0 200 400 100 54 i
*> 115.0.0.0 192.10.1.2 0 200 400 100 54 i
*> 116.0.0.0 192.10.1.2 0 200 400 100 54 i
*> 117.0.0.0 192.10.1.2 0 200 400 100 54 i
*> 118.0.0.0 192.10.1.2 0 200 400 100 54 i
*> 119.0.0.0 192.10.1.2 0 200 400 100 54 i
*> 150.1.0.0/20 192.10.1.2 0 0 200 i
*> 205.90.31.0 0.0.0.0 0 32768 ?
Network Next Hop Metric LocPrf Weight Path
*> 220.20.3.0 0.0.0.0 0 32768 ?
*> 222.22.2.0 0.0.0.0 0 32768 ?
R2
show bgp neighbor summery
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
155.1.0.5 4 400 94 103 82 0 0 01:10:30 19
155.1.23.3 4 300 101 109 82 0 0 01:11:48 19
192.10.1.254 4 254 84 108 82 0 0 01:12:15 3
Rack1R2#
see what R2 is advertising to its neighbor - missing /24 loopbacks
Rack1R2#show ip bgp neighbors 192.10.1.254 adv
Rack1R2#show ip bgp neighbors 192.10.1.254 advertised-routes
BGP table version is 82, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 28.119.16.0/24 155.1.0.5 0 400 100 54 i
*> 28.119.17.0/24 155.1.0.5 0 400 100 54 i
*> 112.0.0.0 155.1.0.5 0 400 100 54 50 60 i
*> 113.0.0.0 155.1.0.5 0 400 100 54 50 60 i
*> 114.0.0.0 155.1.0.5 0 400 100 54 i
*> 115.0.0.0 155.1.0.5 0 400 100 54 i
*> 116.0.0.0 155.1.0.5 0 400 100 54 i
*> 117.0.0.0 155.1.0.5 0 400 100 54 i
*> 118.0.0.0 155.1.0.5 0 400 100 54 i
*> 119.0.0.0 155.1.0.5 0 400 100 54 i
*> 150.1.0.0/20 0.0.0.0 32768 i
*> 205.90.31.0 192.10.1.254 0 0 254 ?
*> 220.20.3.0 192.10.1.254 0 0 254 ?
Network Next Hop Metric LocPrf Weight Path
*> 222.22.2.0 192.10.1.254 0 0 254 ?
Route two loopback still must have the reachability from all the routers lo as source.
Do the same aggregation on R1
Rack1R1#show ip bgp 155.1.13.3
% Network not in table
Rack1R1#show ip bgp nei 155.1.13.3 adv
BGP table version is 86, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 28.119.16.0/24 204.12.1.254 0 100 0 54 i
*>i 28.119.17.0/24 204.12.1.254 0 100 0 54 i
*>i 112.0.0.0 204.12.1.254 0 100 0 54 50 60 i
*>i 113.0.0.0 204.12.1.254 0 100 0 54 50 60 i
*>i 114.0.0.0 204.12.1.254 0 100 0 54 i
*>i 115.0.0.0 204.12.1.254 0 100 0 54 i
*>i 116.0.0.0 204.12.1.254 0 100 0 54 i
*>i 117.0.0.0 204.12.1.254 0 100 0 54 i
*>i 118.0.0.0 204.12.1.254 0 100 0 54 i
*>i 119.0.0.0 204.12.1.254 0 100 0 54 i
*> 150.1.0.0/20 0.0.0.0 32768 i
*> 205.90.31.0 155.1.13.3 0 300 200 254 ?
*> 220.20.3.0 155.1.13.3 0 300 200 254 ?
*> 222.22.2.0 155.1.13.3 0 300 200 254 ?
ISSUE -
R5
Rack1R5#show ip bgp 150.1.0.0/20
BGP routing table entry for 150.1.0.0/20, version 30
Paths: (4 available, best #4, table default)
Advertised to update-groups:
5 6
Refresh Epoch 1
100, (aggregated by 100 1.1.1.1)
155.1.45.4 from 155.1.45.4 (4.4.4.4)
Origin IGP, localpref 100, valid, external, atomic-aggregate
Refresh Epoch 3
100, (aggregated by 100 1.1.1.1)
155.1.0.1 from 155.1.0.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate
Refresh Epoch 2
300 200, (aggregated by 200 ping 150.2)
155.1.0.3 from 155.1.0.3 (3.3.3.3)
Origin IGP, localpref 100, valid, external, atomic-aggregate
Refresh Epoch 2
200, (aggregated by 200 2.2.2.2)
155.1.0.2 from 155.1.0.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best
Rack1R5#
R1 lo is miss-routed as R5
Rack1R5#
Rack1R5#ping 150.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
Rack1R5#
SOLUTION
Configure in a way the external peers are only seeing the summery - See the nest section - Supress-map for the solution.
"which of the individual sub-nets we do not want to advertise"
On R1 advertise only aggregated route to R4 and R6 and individual sub-nets to to R3 and R5
Hint - remover the summery-only first
R4 and R6 will only receive the aggregated summery but not the subsets
R3 and R5 will receive the lo of R1, R4, R6 with the aggregated route.
use prefix list and route-map
check for the withdraw massage on R4 and R6
once done do show ip bgp neighbor 150.28.6.6 advertised-routes
RSOLUTION of ISSUE 1 - NOW ping R4 and R6 and R1lo from R5
ISSUE - 2- R2 has formed a discard route to null0 for aggregated route.
Solution 2 - Use Table-map to filter out the discard route from routing table.
R1
router bgp 100
aggregate-address 150.1.0.0 255.255.240.0
Rack1R1#show ip bgp neighbors 150.1.6.6 adv
Rack1R1#show ip bgp neighbors 150.1.6.6 advertised-routes
BGP table version is 97, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.0.0/20 0.0.0.0 32768 i
*> 205.90.31.0 155.1.13.3 0 300 200 254 ?
*> 220.20.3.0 155.1.13.3 0 300 200 254 ?
*> 222.22.2.0 155.1.13.3 0 300 200 254 ?
Only aggregated address is advertised to R6 and R4 /20 not /24 address are advertised
R1 is still advertising /24 subnets to R5
Rack1R1#show ip bgp neighbors 150.1.5.5 advertised-routes
% No such neighbor or address family
Rack1R1#show ip bgp neighbors 155.1.0.5 advertised-routes
BGP table version is 97, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 28.119.16.0/24 204.12.1.254 0 100 0 54 i
*>i 28.119.17.0/24 204.12.1.254 0 100 0 54 i
*>i 112.0.0.0 204.12.1.254 0 100 0 54 50 60 i
*>i 113.0.0.0 204.12.1.254 0 100 0 54 50 60 i
*>i 114.0.0.0 204.12.1.254 0 100 0 54 i
*>i 115.0.0.0 204.12.1.254 0 100 0 54 i
*>i 116.0.0.0 204.12.1.254 0 100 0 54 i
*>i 117.0.0.0 204.12.1.254 0 100 0 54 i
*>i 118.0.0.0 204.12.1.254 0 100 0 54 i
*>i 119.0.0.0 204.12.1.254 0 100 0 54 i
*> 150.1.0.0/20 0.0.0.0 32768 i
*> 150.1.1.0/24 0.0.0.0 0 32768 i
*> 150.1.3.0/24 155.1.13.3 0 0 300 i
*> 150.1.4.0/24 155.1.146.4 11 32768 i
*> 150.1.5.0/24 155.1.0.5 0 0 400 ?
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.0/24 155.1.146.6 11 32768 i
*> 150.1.7.0/24 155.1.13.3 409600 0 300 i
*> 150.1.8.0/24 155.1.0.5 409600 0 400 ?
*> 150.1.9.0/24 155.1.13.3 409856 0 300 i
*> 150.1.10.0/24 155.1.0.5 435200 0 400 ?
*> 205.90.31.0 155.1.13.3 0 300 200 254 ?
*> 220.20.3.0 155.1.13.3 0 300 200 254 ?
*> 222.22.2.0 155.1.13.3 0 300 200 254 ?
SOLUTION for above section
Now Ping the R1 from R5
Rack1R5#ping 150.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 18/19/20 ms
Rack1R5#
ISSUE
R2
Gateway of last resort is not set
28.0.0.0/24 is subnetted, 2 subnets
B 28.119.16.0 [20/0] via 155.1.0.5, 02:10:45
B 28.119.17.0 [20/0] via 155.1.0.5, 02:10:45
B 112.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 113.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 114.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 115.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 116.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 117.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 118.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
B 119.0.0.0/8 [20/0] via 155.1.0.5, 02:10:45
150.1.0.0/16 is variably subnetted, 12 subnets, 3 masks
B 150.1.0.0/20 [200/0] via 0.0.0.0, 01:06:37, Null0
B 150.1.1.0/24 [20/0] via 155.1.0.1, 00:23:45
C 150.1.2.0/24 is directly connected, Loopback0
L 150.1.2.2/32 is directly connected, Loopback0
B 150.1.3.0/24 [20/0] via 155.1.23.3, 01:06:37
B 150.1.4.0/24 [20/0] via 155.1.0.1, 00:21:19
B 150.1.5.0/24 [20/0] via 155.1.0.5, 01:06:37
B 150.1.6.0/24 [20/0] via 155.1.0.1, 00:20:41
B 150.1.7.0/24 [20/409600] via 155.1.23.3, 01:06:37
B 150.1.8.0/24 [20/409600] via 155.1.0.5, 01:06:37
B 150.1.9.0/24 [20/409856] via 155.1.23.3, 01:06:37
B 150.1.10.0/24 [20/435200] via 155.1.0.5, 01:06:37
155.1.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 155.1.0.0/24 is directly connected, Serial1/0.1
L 155.1.0.2/32 is directly connected, Serial1/0.1
C 155.1.23.0/24 is directly connected, Serial1/1
L 155.1.23.2/32 is directly connected, Serial1/1
192.10.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.10.1.0/24 is directly connected, Ethernet0/0
L 192.10.1.2/32 is directly connected, Ethernet0/0
B 205.90.31.0/24 [20/0] via 192.10.1.254, 02:13:29
B 220.20.3.0/24 [20/0] via 192.10.1.254, 02:13:29
B 222.22.2.0/24 [20/0] via 192.10.1.254, 02:13:29
This means R2 will not use any default to reach anything inside the aggregate.
This can be filtered out useing Table-map
"to choose which of the suppressed route will be advertised as unsurpressed routes to which neighbor"
"when there are less peers that you to send the subsets, then u do want to send the aggregate , then we cud use the unsurpress map."
-Remove route-map on R1
-Configure the summery only on R1
-Opposit of suppress map
-Used to choose some supressed routes to send to other router useg prefix-list and route map and using unsuppress-map command on neighbor statement.
On R1 advertise only the aggregated address other neighbor
From R1 send the unsurpassed routes to R3 and R5, send lo of R1,R4 and R6 to R3 and only R1 lo to R5.
Now both R2 and R1 are aggregating /20 aggrigated address to the external links
ISSUE - 3 - from AS 400 and AS 300 R6 and R4 may or may not be reachable.
Test 5
For R3
Create the prifix list for R1, R4, R6 lo on R1
Creat routemap for above prifix list
go to R3 Neighbor statment and apply routemap out useing unsupress
For R5
Creat a prifix list only for R1lo
apply same ways as above for R5 using unsupress statment
clear ip bgp * out
show ip bgp R3 XXXX advertise
compare
show ip bgp R5 XXXX advertise
-End Result - effects traffic flow
On SW2 Tracroute R6 lo source local lo
On SW2 Tracroute R4 lo from source local lo
It will choose longar match - which is from R3 AS300
----------------------------------------------------------------------
if you need all prefix to be suppressed - summery only
if there less prefix that need to suppressed - use suppress map
if you want les prifix tha need to be unsupress - unsupress map