ccie blog

BGP Conditional Advertisement

This feature can be used in a network that is multihomed to two ISP’s.  In this lab, it enables the 100.100.100.0/30 prefix inside of AS3 to be advertised only to AS2, under the condition that AS2 has connection to its transit provider (R4).  If not, we will advertise this prefix to the backup service provider (R1). The idea is that it will force external traffic that is destined to this prefix to go via the primary ISP. Only if the path via primary ISP fails, then external users will start using the backup ISP to reach it.  Let’s take a look at an example.

BGP Conditional Advertisement1

I have pre-configured all IP addresses, BGP peerings, and BGP network statements.

We are AS3.  I’m going to configure our router so that we conditionally advertise the 100.100.100.0/30 network to AS2.  The condition is:

  • We will only advertise this prefix to AS2 so long as we are receiving the prefix of 200.200.200.0/30 from AS2.
  • If we don’t receive this prefix in a BGP update from AS2, we will stop advertising our prefix to R2.  Instead, we will advertise it to AS1.

Let’s see how we configure this!  Just dead quick before I do anything, take a look at R1’s BGP table for our 100.100.100.0/30 prefix:

R1#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/30, version 5
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  4 2 3
    14.14.14.2 from 14.14.14.2 (4.4.4.4)
      Origin IGP, localpref 100, valid, external
  3
    13.13.13.2 from 13.13.13.2 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best

Right.  Let’s put the config on R3 and check this baby out.

R3#conf t
R3(config)#ip prefix-list our_prefix seq 5 permit 100.100.100.0/30
R3(config)#ip prefix-list primary_isp_prefix seq 5 permit 200.200.200.0/30
R3(config)#
R3(config)#ip community-list 1 permit 4:2
R3(config)#
R3(config)#route-map AS4_prefix permit 10
R3(config-route-map)#match community 1
R3(config-route-map)#match ip address prefix-list primary_isp_prefix
R3(config-route-map)#exit
R3(config)#
R3(config)#route-map our_prefix_to_AS1 permit 10
R3(config-route-map)#match ip address prefix-list our_prefix
R3(config-route-map)#exit
R3(config)#
R3(config)#router bgp 3
R3(config-router)#neighbor 13.13.13.1 advertise-map our_prefix_to_AS1 non-exist-map AS4_prefix
R3(config-router)#neighbor 23.23.23.2 route-map set_community in
R3(config-router)#exit
R3(config)#route-map set_community permit 10
R3(config-route-map)#set community 4:2
R3(config-route-map)#end
R3#
R3#clear ip bgp 23.23.23.2 in
R3#clear ip bgp 13.13.13.1 out

I needed a way to check that the 200.200.200.0/30 network was sent from AS2 (as opposed to AS1) so that I know AS 2 has lost internet connectivity if this prefix wasn’t sent directly from AS2 to us.  To do this I’ve tagged routes from AS2 with a community of 4:2.  In that chunky advertise map statement I’ve then said, if 200.200.200.0/30 wasn’t sent by AS2 directly to us (i.e. it doesn’t exist in our BGP table), then advertise our prefix to AS1.  Let’s check that this is working by ensuring R1 is now only learning the 100.100.100.0/30 prefix via AS4.

R1#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/30, version 12
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  4 2 3
    14.14.14.2 from 14.14.14.2 (4.4.4.4)
      Origin IGP, localpref 100, valid, external, best

Good.  So R1 now receives our prefix via AS4 only!  If I now just shutdown the interface connecting AS2, it should break the condition, that is; we are no longer receiving the 200.200.200.0/30 network via AS2, and make R3 advertise our prefix to AS1 instead. R1 should then advertise our prefix out to the internet.  Let’s check.

R2(config)#int fa0/1 
R2(config-if)#shut

R1#sh ip bgp 100.100.100.0
BGP routing table entry for 100.100.100.0/30, version 16
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Not advertised to any peer
  3
    13.13.13.2 from 13.13.13.2 (3.3.3.3)
      Origin IGP, metric 0, localpref 100, valid, external, best

Success! 🙂

7 Comments

sourabhFebruary 22nd, 2018 at 12:19 pm

wow… what a gr8 example… too good.. thanks for sharing….

mahexhwariNovember 19th, 2018 at 8:02 am

can i get the complete lab of this scenairo.

mahexhwariNovember 19th, 2018 at 8:34 am

can i get the complete lab of this scenario.

majepigaDecember 5th, 2018 at 3:33 pm

Fast and clear explanation

majepigaDecember 5th, 2018 at 3:33 pm

Fast and clear explanation, thank you!

Nav ChatrathMarch 28th, 2019 at 2:08 pm

Nice Examle.. But better if design could have been shown using complete ip addressing scheme… Thanks for knowledge sharing via nice Blog !!

StephenGarbettApril 24th, 2019 at 10:09 pm

thanks for the comments. @ mahexhwari, sorry I don’t stlil have the lab.

Leave a comment

Your comment