9 Replies Latest reply: Dec 9, 2019 8:23 AM by aghufran RSS

    BGP Aggregate Attribute Map - IP Prefix List

    aghufran

      Hello,

       

      I recently came across a configuration where an IP prefix-list was being used, under the route-map, used for setting bgp aggregate attributes.

       

      Configuration is something as follows:

       

      !------------------------------------------------------------------------------------------!

      router bgp 64512

      !

      address-family ipv4

        aggregate-address 100.100.0.0 255.255.0.0 attribute-map Connected-Aggregate

        redistribute connected

        redistribute static

      !

      route-map Connected-Aggregate permit 10

      match ip address prefix-list Connected-Aggregate

      set metric 2000

      set community 64512:100

      set weight 65535

      !

      ip prefix-list Connected-Aggregate seq 5 permit 100.100.0.0/16

       

      !------------------------------------------------------------------------------------------!

      BGP/Routing Table Output:

       

      Pe-3#sh bgp ipv4 unicast 100.100.0.0/16    

      BGP routing table entry for 100.100.0.0/16, version 232

      Paths: (1 available, best #1, table default)

        Advertised to update-groups:

           2        

        Refresh Epoch 1

        Local, (aggregated by 64512 10.10.10.3)

          0.0.0.0 from 0.0.0.0 (10.10.10.3)

            Origin IGP, metric 2000, localpref 100, weight 65535, valid, aggregated, local, atomic-aggregate, best

            Community: 64512:100

            rx pathid: 0, tx pathid: 0x0

       

       

      Pe-3#sh ip route 100.100.0.0 255.255.0.0

      Routing entry for 100.100.0.0/16

        Known via "bgp 64512", distance 200, metric 2000, type locally generated

        Routing Descriptor Blocks:

        * directly connected, via Null0

            Route metric is 2000, traffic share count is 1

            AS Hops 0

            MPLS label: none

       

      !------------------------------------------------------------------------------------------!


      I am not sure I fully understand the use of this "match ip address prefix-list Connected-Aggregate" under the route-map. The attributes for aggregate are usually set just using the "set" commands, without using anything for matching ip addresses. If I remove the "match ip address prefix-list Connected-Aggregate", it still gives the same result.


      I was thinking perhaps something like this could be used to make the attribute setting conditional to the presence of a specific prefix, however here the route-map is matching the aggregate that is being generated as a result of the bgp aggregate command.


      Please note that the aggregate attributes set under route-map are for example purposes and do not represent anything from a production environment.


      Also there are specifics from under 100.100.0.0/16 within the bgp/routing table as a result of redistribute connected/static, spread across other Pe iBGP peers as well.


      !------------------------------------------------------------------------------------------!


      Pe-3#sh ip route 100.100.0.0 255.255.0.0 longer-prefixes

      ..

      Gateway of last resort is not set

       

            100.0.0.0/8 is variably subnetted, 13 subnets, 3 masks

      B        100.100.0.0/16 [200/2000], 00:18:15, Null0

      C        100.100.101.0/24 is directly connected, Loopback101

      L        100.100.101.1/32 is directly connected, Loopback101

      C        100.100.102.0/24 is directly connected, Loopback102

      L        100.100.102.1/32 is directly connected, Loopback102

      C        100.100.103.0/24 is directly connected, Loopback103

      L        100.100.103.1/32 is directly connected, Loopback103

      B        100.100.104.0/24 [200/0] via 10.10.10.4, 02:02:12

      B        100.100.105.0/24 [200/0] via 10.10.10.4, 02:02:12

      B        100.100.106.0/24 [200/0] via 10.10.10.4, 02:02:12

      B        100.100.107.0/24 [200/0] via 10.10.10.5, 02:01:04

      B        100.100.108.0/24 [200/0] via 10.10.10.5, 02:01:04

      B        100.100.109.0/24 [200/0] via 10.10.10.5, 02:01:04


      !------------------------------------------------------------------------------------------!


      Any help would be most appreciated.


      Thanks and regards,


      Abid Ghufran         

        • 1. Re: BGP Aggregate Attribute Map - IP Prefix List
          Martin

          first of all, make sure u do clear ip bgp * soft  after the change and every-time u wish to see change

           

          without match ip prefix line only 100.100.0.0/16 gets attributes; none of others networks withing range of /16 , ie 100.100.0.x/24  gets them - make sense

           

          with match ip prefix and prefix list other then 100.100.0.0/16, none of attributes shows up.

          with match ip prefix and prefix list matching 1 00.100.0.0/16,still ,  none of attributes shows up.

           

          my guess is that match ip prefix list does not apply to attribute map, only "set"  options do;  Or,  your aggregate-address x.x.x.x  attribute-map Connected-Aggregate  is missing something ,

          • 2. Re: BGP Aggregate Attribute Map - IP Prefix List
            Parvesh


            If I remove the "match ip address prefix-list Connected-Aggregate", it still gives the same result.


            I was thinking perhaps something like this could be used to make the attribute setting conditional to the presence of a specific prefix, however here the route-map is matching the aggregate that is being generated as a result of the bgp aggregate command.


             

             

            Hi,

            One thing from route maps - If a match command is not present, all routes match the clause. That means of the prefix list is removed, it will not impact.



            Second part is interesting - conditional attribute assignment per availability of a specific prefix for the aggregate-address: as aggregate-address will be advertised even if one of the subnet is present in RIB, it may not ignore base rule set (for specific subnet) and focus on only one subnet.


            • 3. Re: BGP Aggregate Attribute Map - IP Prefix List
              Martin

              match in route  map did not do anything in case with attribute map ; it probably does not apply in such case

              Or my IOS version has bug in it

              • 4. Re: BGP Aggregate Attribute Map - IP Prefix List
                aghufran

                Hi Martin,

                 

                From what I have seen, if anything else is placed under the prefix-list, aggregate does not get the attributes. For some reason, the attributes only show up if I match the aggregate itself. This is basically the same as not "matching" anything at all. So am not sure what purpose does matching the aggregate itself serve.

                 

                Thanks and regards,

                 

                Abid Ghufran

                • 5. Re: BGP Aggregate Attribute Map - IP Prefix List
                  aghufran

                  Hi Parvesh,

                   

                  Conditionality for an aggregate being generated is satisfied with there being a subnet present in the BGP table. In order to associate/modify attributes associated with the aggregate, a route-map (attribute-map) without any match (prefix-list) is sufficient. I am therefore not sure I see the purpose of there being a match (prefix-list) under the route-map.

                   

                  Thanks and regards,

                   

                  Abid Ghufran

                  • 6. Re: BGP Aggregate Attribute Map - IP Prefix List
                    aghufran

                    Hi Martin,

                     

                    I am inclined towards the same conclusion that it does not make any difference. However, I am thinking if there is a way to only generate the aggregate if a specific subnet appears under the BGP table. It may be possible to filter specific subnets into the BGP table but do not think if it is possible to use any of the aggregate command options with/without a route-map.

                     

                    Thanks and regards,

                     

                    Abid Ghufran

                    • 7. Re: BGP Aggregate Attribute Map - IP Prefix List
                      Parvesh

                      Hi aghufran,

                       

                      The purpose can be futuristic ( minimal efforts for a change might have been planned) - the match with a prefix-list can allow you to restrict a particular subnet rather may not be of use for now. Refer permit and deny statements in prefix-list.

                       

                      -

                      Parvesh

                      • 8. Re: BGP Aggregate Attribute Map - IP Prefix List
                        jh

                        Advertise-map acts as a filter, it takes a route-map matching networks whose presence you require to generate the aggregate. You can also combine with as-set, to set the attributes from the matched component prefixes to the aggregate.

                        When both an aggregate-map and attribute-map, the attribute-map's values should take preference.

                        • 9. Re: BGP Aggregate Attribute Map - IP Prefix List
                          aghufran

                          Hi All,

                           

                          The confusion here was by the prefix-list being used under attribute-map route-map. With some further testing, I believe to understand it better than before. First of all, the prefix-list matches the aggregates themselves. Secondly, any aggregates which matches the route-map, used under attribute-map, gets the "set" attributes. Those which do not get matched will still be generated but will not get the "set" attributes. The fundamental principle of how and when an aggregate is generated has to be already there in the background. The prefix-list under the attribute-map route-map, is there to make an exclusion on which aggregates pick up the attributes being "set" and which do not. Please note that this all in the absence of an "as-set" keyword. The route-map (and the prefix-list) used under attribute-map do not control when aggregates are generated. The aggregates get generated if there is a specific subnet falling under the aggregate prefix. If you take away the prefix-list, making the route-map mach ALL aggregates, they will all get the "set" attributes. If used with a prefix-list, only those aggregates which match will get the "set" attributes.

                           

                          Hope this helps.

                           

                          Thanks and regards,

                           

                          Abid Ghufran