BGP Aggregate Conditional advertisement

Hello Guys,
I am studying for my CCIE R&S written.
I am doing a lab where i want to advertise BGP aggregate prefix to my EBGP peer,only if i have particular specifics in my BGP table.

I used the neighbor advertise-map exist-map for this.

But i am only able to specify 1 prefix as the condition to advertise the aggregate.
Cant i specify more than 1 prefix to be present in the BGP table as my condition to advertise the Aggregate?

Thanks.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

cisco_trooper

My initial thought on this without looking at the command syntax in the IOS Config Guide is that since this command utilizes route-maps you SHOULD be able to specify multiple prefixes to be matched within those route-maps. Can you show us your configuration?

blueyesdude

I used a route map lab permit 10
match ip address prefix-list 1 2

I wanted to use 'AND' condition as shown above and thus match 2 prefixes, one in each prefix-list.

But unfortunately, it only takes in consideration the 1st prefix list, i.e '1'

Here are some configs:
20.0.0.2 is the ebgp neighbor.

neighbor 20.0.0.2 advertise-map advertise exist-map exist

route-map advertise permit 10
match ip address prefix-list 3
!
!
route-map exist permit 10
match ip address prefix-list 1 2

ip prefix-list 1 seq 10 permit 10.0.0.100/32
!
ip prefix-list 2 seq 10 permit 10.0.0.200/32
!
ip prefix-list 3 seq 10 permit 10.0.0.0/8

Thus i want to advertise the 10.0.0.0/8 aggregate only if 10.0.0.100/32 and 10.0.0.200/32 are in the bgp table.

But in this case,it checks only 10.0.0.100/32 as the condition(to be in the bgp table) and ignores the 10.0.0.200/32 prefix.

cisco_trooper

blueyesdude wrote:

I used a route map lab permit 10
match ip address prefix-list 1 2

There is where your problem lies, this is an OR condition. It only has to match one of these to be permitted. If you want an AND condition you need to do this:

route-map lab permit 10
match ip address prefix-list 1
match ip address prefix-list 2

Hope that helps you out.

blueyesdude

match ip address prefix-list 1
match ip address prefix-list 2

this is same as:

match ip address prefix-list 1 2

When you do
match ip address prefix-list 1
match ip address prefix-list 2.

Router automatically converts it into
match ip address prefix-list 1 2

This i an AND condition.

cisco_trooper

Wowsers. I just labbed that up and you are right. Separate match statements are SUPPOSED to be an "AND" but I just did separate match statements for two separate ACLs and it DID combine them into one, forming the OR. W T F!?!?

Now IIIIIII am curious. Anyone else have any input? Where is DT?

To be continued.......

cisco_trooper

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfindp1.html#wpxref41157

Like matches in the same route map subblock are filtered with "or" semantics. If any one match clause is matched in the entire route map subblock, this match is treated as a successful match. Dissimilar match clauses are filtered with "and" semantics. So dissimilar matches are filtered logically.

Looks like this is by design....but there still has got to be a creative way to solve this problem.

blueyesdude

nice find trooper.
Thx a lot.

dtlokee

you didn't post the entire configuration that you are running, are you using the aggragate-address command or did you add 10.0.0.0/8 into the bgp table some other way?

blueyesdude

I used the aggregate-address summary-only command for 10.0.0.0/8