Continuing from our last post, we will now see how Exist Map and NonExist Map works.
5) Exist Map:-
Let's look at the scenario shown in the diagram below.
The users are connected with router R1 and they need to access the servers in the DC. R4,R2 and R1 have EBGP neighbourship between them.
R4=AS40
R2=AS20
R1=AS10
R4 receives the prefix 155.10.0.0/16 from the DC through BGP. R4 then advertises subnet 155.10.0.0/16 and a default route originated via neighbour command on R2. R2 filters the update for the subnet 155.10.0.0/16 and only passes the default route to R1.
R1 also has an EIGRP neighborship with R3 from which it receives a default route. Due to the lower admin distance, R1 uses the route received via R2 through EBGP.
Now if the link between R4 and the DC goes down, R4 will stop receiving the specific subnet (155.10.0.0/16) and will stop passing this to R2. However it will keep advertising the default route to R2 which will then pass it to R1.
Our aim is that in the event of the link failure between R4 and the DC, R1 should automatically use the default route received via EIGRP as the backup path. The problem is that the default route is originated on R4 by using the "neighbor" command so even though it's link to the DC is down, it will keep advertising the default route.
One of the solutions to this problem is if R2 can stop passing the default route to R1 when it doesn't receive the prefix 155.10.0.0/16 from R4. This can be done by using the Exist Map.
Let's first look at the output from R1
we can see in the EIGRP toplogy table that R1 does receive a default route from EIGRP but installed the E-BGP route in the routing table so any traffic towards the DC will go to R2.
Let's check R2's BGP table.
We can see the prefix 155.10.0.0/16 and default route received from R4.
We want to do conditional advertisement i.e. we only want to advertise the default route to R1 if the prefix 155.10.0.0/16 is present in the routing table of R2.
To achieve this, we will configure a prefix list on R2 which matches the subnet 155.10.0.0/16 and match it in a route-map.
We will also have to create a prefix list which matches the default route and match it in a route-map.
Now under the neighbour statement towards R1, we have to apply this route-maps using the advertise-map and Exist-map.
We have applied the route-map "ADVERT" to advertise-map which matches the default route and applied the route-map CONDITION to the exist-map.
This basically means that R2 will only advertise the default-route to R1 if the prefix 155.10.0.0/16 is received via R4.
We can test this by stop advertising the prefix 155.10.0.0/16 to R2.
Let's check if this made any difference on R1
R1 has stopped received the default route from BGP and installed default route from EIGRP in the routing table.
Just to clarify that the "exist-map" is just one of the many ways to resolve the problem. There can be other alternatives to address such a situation.
6) NonExist-Map:-
Let's assume that we control R1 and we are multihoming to two different ISPs (R2 and R3). R1 (AS 10) has EBGP peering with R2 (AS 20) and R3 (AS 30). We have a network range 1.1.1.0/24 which we advertise by using network command.
We want to make sure that we use the ISP 1 (R2) as the primary path for inbound and outbound traffic. We can use AS_PREPEND and advertise the prefix through R3 with higher prepend value, however there is still no guarantee that other ISPs will see the path through R2 as the best route to reach 1.1.1.0/24.
To be absolutely sure we can only advertise the prefix via R2 only and if our link to R2 goes down then we have to do manual failover and start advertising this route to R3.
There is a better way of doing this in BGP by using nonexist-map.
On R1 we are receiving a prefix 10.1.24.0/30 from R2, if we stop receiving this then we can assume that there is a problem with the link between R1 and R2 and then start advertising the subnet 1.1.1.0/24 to R3.
First we will configure a prefix-list which includes the subnet we want to advertise and match it with a route-map on R1.
Now we will configure a new prefix list for the subnet 10.1.24.0/30 and match it with a route-map.
Now in the neighbour statement towards R3, we will apply the route-map ADVERT to advertise-map and route-map CONDITION to nonexist-map.
This statement says that if I stop receiving the prefix 10.1.24.0/30 then I will start advertising 1.1.1.0/24 to R3.
Let's see this in action.
At the moment, we can see that we receive the prefix 10.1.24.0/30 from R2.
We have advertised the prefix 1.1.1.0/24 by using network statement on R1 however we don't see that in R3's BGP table.
Now, we will stop advertising the network 10.1.24.0/30 from R2.
It's not in R1's BGP table now. Let's check R3's BGP table.
We can see that as expected R1 has started advertising the prefix to R3.
In the next post, we will see the remaining two maps.
R4=AS40
R2=AS20
R1=AS10
R4 receives the prefix 155.10.0.0/16 from the DC through BGP. R4 then advertises subnet 155.10.0.0/16 and a default route originated via neighbour command on R2. R2 filters the update for the subnet 155.10.0.0/16 and only passes the default route to R1.
R1 also has an EIGRP neighborship with R3 from which it receives a default route. Due to the lower admin distance, R1 uses the route received via R2 through EBGP.
Now if the link between R4 and the DC goes down, R4 will stop receiving the specific subnet (155.10.0.0/16) and will stop passing this to R2. However it will keep advertising the default route to R2 which will then pass it to R1.
Our aim is that in the event of the link failure between R4 and the DC, R1 should automatically use the default route received via EIGRP as the backup path. The problem is that the default route is originated on R4 by using the "neighbor" command so even though it's link to the DC is down, it will keep advertising the default route.
One of the solutions to this problem is if R2 can stop passing the default route to R1 when it doesn't receive the prefix 155.10.0.0/16 from R4. This can be done by using the Exist Map.
Let's first look at the output from R1
we can see in the EIGRP toplogy table that R1 does receive a default route from EIGRP but installed the E-BGP route in the routing table so any traffic towards the DC will go to R2.
Let's check R2's BGP table.
We can see the prefix 155.10.0.0/16 and default route received from R4.
We want to do conditional advertisement i.e. we only want to advertise the default route to R1 if the prefix 155.10.0.0/16 is present in the routing table of R2.
To achieve this, we will configure a prefix list on R2 which matches the subnet 155.10.0.0/16 and match it in a route-map.
We will also have to create a prefix list which matches the default route and match it in a route-map.
Now under the neighbour statement towards R1, we have to apply this route-maps using the advertise-map and Exist-map.
We have applied the route-map "ADVERT" to advertise-map which matches the default route and applied the route-map CONDITION to the exist-map.
This basically means that R2 will only advertise the default-route to R1 if the prefix 155.10.0.0/16 is received via R4.
We can test this by stop advertising the prefix 155.10.0.0/16 to R2.
Let's check if this made any difference on R1
R1 has stopped received the default route from BGP and installed default route from EIGRP in the routing table.
Just to clarify that the "exist-map" is just one of the many ways to resolve the problem. There can be other alternatives to address such a situation.
6) NonExist-Map:-
Let's assume that we control R1 and we are multihoming to two different ISPs (R2 and R3). R1 (AS 10) has EBGP peering with R2 (AS 20) and R3 (AS 30). We have a network range 1.1.1.0/24 which we advertise by using network command.
We want to make sure that we use the ISP 1 (R2) as the primary path for inbound and outbound traffic. We can use AS_PREPEND and advertise the prefix through R3 with higher prepend value, however there is still no guarantee that other ISPs will see the path through R2 as the best route to reach 1.1.1.0/24.
To be absolutely sure we can only advertise the prefix via R2 only and if our link to R2 goes down then we have to do manual failover and start advertising this route to R3.
There is a better way of doing this in BGP by using nonexist-map.
On R1 we are receiving a prefix 10.1.24.0/30 from R2, if we stop receiving this then we can assume that there is a problem with the link between R1 and R2 and then start advertising the subnet 1.1.1.0/24 to R3.
First we will configure a prefix-list which includes the subnet we want to advertise and match it with a route-map on R1.
Now we will configure a new prefix list for the subnet 10.1.24.0/30 and match it with a route-map.
Now in the neighbour statement towards R3, we will apply the route-map ADVERT to advertise-map and route-map CONDITION to nonexist-map.
This statement says that if I stop receiving the prefix 10.1.24.0/30 then I will start advertising 1.1.1.0/24 to R3.
Let's see this in action.
At the moment, we can see that we receive the prefix 10.1.24.0/30 from R2.
We have advertised the prefix 1.1.1.0/24 by using network statement on R1 however we don't see that in R3's BGP table.
Now, we will stop advertising the network 10.1.24.0/30 from R2.
It's not in R1's BGP table now. Let's check R3's BGP table.
We can see that as expected R1 has started advertising the prefix to R3.
In the next post, we will see the remaining two maps.
No comments:
Post a Comment