BGP Aggregate Conditional advertisement

blueyesdude · November 2008

Hello Guys,
I am studying for my CCIE R&S written.
I am doing a lab where i want to advertise BGP aggregate prefix to my EBGP peer,only if i have particular specifics in my BGP table.

I used the neighbor advertise-map exist-map for this.

But i am only able to specify 1 prefix as the condition to advertise the aggregate.
Cant i specify more than 1 prefix to be present in the BGP table as my condition to advertise the Aggregate?

Thanks.

cisco_trooper · November 2008

My initial thought on this without looking at the command syntax in the IOS Config Guide is that since this command utilizes route-maps you SHOULD be able to specify multiple prefixes to be matched within those route-maps. Can you show us your configuration?

blueyesdude · November 2008

I used a route map lab permit 10
match ip address prefix-list 1 2

I wanted to use 'AND' condition as shown above and thus match 2 prefixes, one in each prefix-list.

But unfortunately, it only takes in consideration the 1st prefix list, i.e '1'

Here are some configs:
20.0.0.2 is the ebgp neighbor.

neighbor 20.0.0.2 advertise-map advertise exist-map exist

route-map advertise permit 10
match ip address prefix-list 3
!
!
route-map exist permit 10
match ip address prefix-list 1 2

ip prefix-list 1 seq 10 permit 10.0.0.100/32
!
ip prefix-list 2 seq 10 permit 10.0.0.200/32
!
ip prefix-list 3 seq 10 permit 10.0.0.0/8

Thus i want to advertise the 10.0.0.0/8 aggregate only if 10.0.0.100/32 and 10.0.0.200/32 are in the bgp table.

But in this case,it checks only 10.0.0.100/32 as the condition(to be in the bgp table) and ignores the 10.0.0.200/32 prefix.

cisco_trooper · November 2008

blueyesdude wrote:

I used a route map lab permit 10
match ip address prefix-list 1 2

There is where your problem lies, this is an OR condition. It only has to match one of these to be permitted. If you want an AND condition you need to do this:

route-map lab permit 10
match ip address prefix-list 1
match ip address prefix-list 2

Hope that helps you out.

blueyesdude · November 2008

match ip address prefix-list 1
match ip address prefix-list 2

this is same as:

match ip address prefix-list 1 2

When you do
match ip address prefix-list 1
match ip address prefix-list 2.

Router automatically converts it into
match ip address prefix-list 1 2

This i an AND condition.

cisco_trooper · November 2008

Wowsers. I just labbed that up and you are right. Separate match statements are SUPPOSED to be an "AND" but I just did separate match statements for two separate ACLs and it DID combine them into one, forming the OR. W T F!?!?

Now IIIIIII am curious. Anyone else have any input? Where is DT?

To be continued.......

cisco_trooper · November 2008

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfindp1.html#wpxref41157

Like matches in the same route map subblock are filtered with "or" semantics. If any one match clause is matched in the entire route map subblock, this match is treated as a successful match. Dissimilar match clauses are filtered with "and" semantics. So dissimilar matches are filtered logically.

Looks like this is by design....but there still has got to be a creative way to solve this problem.

blueyesdude · November 2008

nice find trooper.
Thx a lot.

dtlokee · November 2008

you didn't post the entire configuration that you are running, are you using the aggragate-address command or did you add 10.0.0.0/8 into the bgp table some other way?

blueyesdude · November 2008

I used the aggregate-address summary-only command for 10.0.0.0/8

BGP Aggregate Conditional advertisement

Comments