BGP network missing mask

Hey guys,

I'm looking at a BGP config here and some of the network commands provide the mask and some don't. So for example it looks like this:

network 192.168.10.0 mask 255.255.255.0
network 192.168.11.0
network 192.168.12.0 mask 255.255.255.0


What is the significance of leaving out the mask?

Comments

  • networker050184 Posts: 11,962 Mod
    If there is no mask it assumes the classful network.
    An expert is a man who has made all the mistakes which can be made.
  • notgoing2fail Posts: 1,138 Member
    > If there is no mask it assumes the classful network.


    Thanks for the fast reply. So leaving out the mask would only fail if the network was subnetted?

    network 192.168.10.0 mask 255.255.255.224



    Now, if the IT guy got lazy, and left out the mask, then BGP would assume a full class C.

    network 192.168.10.0 mask 255.255.255.0

    And this would probably lead to undesired results.

    Would this be correct assumption?
  • networker050184 Posts: 11,962 Mod
    Yes you got it. For example, if you are trying to advertise 192.168.1.0/26 then leaving off the network mask won't match the prefix.
  • notgoing2fail Posts: 1,138 Member
    > Yes you got it. For example, if you are trying to advertise 192.168.1.0/26 then leaving off the network mask won't match the prefix.


    Thank you much appreciated!

    One other quick question. Looking at this config I have, it's two routers, one each going to an ISP. Both belonging to the same AS. RouterA is the primary and RouterB is the secondary.

    A strange BGP configuration because the primary router has no "network" commands at all? But the secondary router has a bunch.
    Shouldn't the primary router have "network" commands as well?

    I guess what I'm getting at is, shouldn't the BGP configs mirror each other as close as possible?
  • networker050184 Posts: 11,962 Mod
    > Thank you much appreciated!
    >
    > One other quick question. Looking at this config I have, it's two routers, one each going to an ISP. Both belonging to the same AS. RouterA is the primary and RouterB is the secondary.
    >
    > A strange BGP configuration because the primary router has no "network" commands at all? But the secondary router has a bunch.
    > Shouldn't the primary router have "network" commands as well?
    >
    > I guess what I'm getting at is, shouldn't the BGP configs mirror each other as close as possible?

    If it were my set up, then yes they would match. There are other ways of getting the networks into BGP besides the network command though. You can use summaries or redistribution also.
  • notgoing2fail Posts: 1,138 Member
    > If it were my set up, then yes they would match. There are other ways of getting the networks into BGP besides the network command though. You can use summaries or redistribution also.

    Understood. Thanks again!!
  • Forsaken_GA Posts: 4,024 Member
    > Thank you much appreciated!
    >
    > One other quick question. Looking at this config I have, it's two routers, one each going to an ISP. Both belonging to the same AS. RouterA is the primary and RouterB is the secondary.
    >
    > A strange BGP configuration because the primary router has no "network" commands at all? But the secondary router has a bunch.
    > Shouldn't the primary router have "network" commands as well?
    >
    > I guess what I'm getting at is, shouldn't the BGP configs mirror each other as close as possible?

    Well, it's hard to say what might be trying to be accomplished without taking a look at the configs for both routers, but it's not unfeasible that they're having one router announce the routes to the ISP so that all incoming traffic is forced down that particular pipe, and then configure all outbound traffic to go through the other router. I can't imagine a good reason for introducing asymmetric routing on purpose, but like I said, without seeing the configs it's hard to divine any intent.
  • notgoing2fail Posts: 1,138 Member
    > Well, it's hard to say what might be trying to be accomplished without taking a look at the configs for both routers, but it's not unfeasible that they're having one router announce the routes to the ISP so that all incoming traffic is forced down that particular pipe, and then configure all outbound traffic to go through the other router. I can't imagine a good reason for introducing asymmetric routing on purpose, but like I said, without seeing the configs it's hard to divine any intent.


    Both routers are accepting incoming traffic, but from what I've been told, outgoing traffic is only going through the primary router.

    I'll have to ask my supervisor again if this is really how it works. Is it possible that the primary router(the one that is not announcing any networks via BGP) is having the ISP that it is connected to, doing all of the announcing?


    What is the difference between "set local-preference 100" and "set weight 100"?
  • mkomon Posts: 37 Member
    > What is the difference between "set local-preference 100" and "set weight 100"?

    One manipulates the local preference - an attribute that can affect the path that traffic leaving your AS takes.
    The other manipulates the weight - a Cisco specific attribute that only affects the local router, not the whole AS.

    As for the Cisco BGP best path selection:
    BGP Best Path Selection Algorithm [IP Routing] - Cisco Systems
  • Ryan82 Posts: 428 Member
    Like mkomon stated, the local preference attribute is passed to other routers in your AS to influence their outbound decision making outside of the AS.

    Weight is an attribute only local to that router and affects only its outbound decision.

    Weight is looked at before local preference in the order of things.
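
The difference described in the two posts above, as an added example that is not part of the original thread: weight is compared first but stays on the router that set it, while local preference travels with the route over iBGP. The router roles, the value 200 and the documentation ASNs 64500/64501 are constructed, and only four of the Cisco best-path steps are modelled.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Path:
    next_hop: str
    as_path: tuple
    weight: int = 0        # Cisco-specific, never sent to any peer
    local_pref: int = 100  # carried to iBGP peers inside the AS
    ebgp: bool = True      # learned directly from an external peer

def best_path(paths):
    """Subset of the Cisco order: highest weight, highest local preference,
    shortest AS path, then eBGP over iBGP. Other steps are omitted."""
    return max(paths, key=lambda p: (p.weight, p.local_pref,
                                     -len(p.as_path), p.ebgp))

def send_ibgp(path):
    """What an iBGP neighbor receives: local_pref survives, weight does not."""
    return replace(path, weight=0, ebgp=False)

def router_b_exit(router_a_policy):
    """Which ISP RouterB (secondary) uses for the default route when RouterA
    (primary) applies router_a_policy inbound to the route from ISP-A."""
    a_from_isp = Path("ISP-A", (64500,), **router_a_policy)
    b_from_isp = Path("ISP-B", (64501,))
    b_from_a = send_ibgp(best_path([a_from_isp]))
    return best_path([b_from_isp, b_from_a]).next_hop

if __name__ == "__main__":
    # local-preference set on RouterA pulls RouterB's traffic to the primary
    print("local_pref 200 on A ->", router_b_exit({"local_pref": 200}))
    # weight set on RouterA is invisible to RouterB, which keeps its own ISP
    print("weight 200 on A     ->", router_b_exit({"weight": 200}))
```
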
  • notgoing2fail Posts: 1,138 Member
    Thanks guys for your take on local preference and weight. I understand now.

    Is there a way to confirm that traffic is indeed going out the primary router? Is there some kind of SHOW command that you can do to check?
  • networker050184 Posts: 11,962 Mod
    > Thanks guys for your take on local preference and weight. I understand now.
    >
    > Is there a way to confirm that traffic is indeed going out the primary router? Is there some kind of SHOW command that you can do to check?

    Get on one of your devices and look at the route. Same way you would verify any other routing direction.
  • notgoing2fail Posts: 1,138 Member
    > Get on one of your devices and look at the route. Same way you would verify any other routing direction.


    lol simple enough. I had thought maybe since I have 2 routers communicating with each other via iBGP, that there were some kind of stats that would indicate that traffic is indeed going out the primary with the higher local preference...
  • deth1k Posts: 312 Member
    Use netflow to check what is going where

    under interfaces:

    ip route-cache flow

    and to check:

    sh ip cache flow
  • networker050184 Posts: 11,962 Mod
    > lol simple enough. I had thought maybe since I have 2 routers communicating with each other via iBGP, that there were some kind of stats that would indicate that traffic is indeed going out the primary with the higher local preference...

    You can do a show ip bgp x.x.x.x and see where the primary route is.
  • notgoing2fail Posts: 1,138 Member
    Thank you gentlemen I will try both suggestions.


    Here's another quick general question for you guys.

    Is eBGP only between your edge network to the ISP? Let's say you are a service provider and you have clients that have their own AS.

    If they are hanging off your internal equipment. Would your "BGP" to them be considered iBGP or eBGP? I know that iBGP is only within the same AS and since your AS would be different from the customer's AS, I assume it is eBGP but can you have eBGP behind your network?

    Or is "everything" that is behind your network considered iBGP?
  • Forsaken_GA Posts: 4,024 Member
    > Thank you gentlemen I will try both suggestions.
    >
    > Here's another quick general question for you guys.
    >
    > Is eBGP only between your edge network to the ISP? Let's say you are a service provider and you have clients that have their own AS.
    >
    > If they are hanging off your internal equipment. Would your "BGP" to them be considered iBGP or eBGP? I know that iBGP is only within the same AS and since your AS would be different from the customer's AS, I assume it is eBGP but can you have eBGP behind your network?
    >
    > Or is "everything" that is behind your network considered iBGP?

    It depends on how you design it. Simply put, if the neighboring AS is different than your own, it'll be an eBGP connection. If it's the same, it's an iBGP connection (until you get into Confederations anyway)
  • notgoing2fail Posts: 1,138 Member
    > It depends on how you design it. Simply put, if the neighboring AS is different than your own, it'll be an eBGP connection. If it's the same, it's an iBGP connection (until you get into Confederations anyway)


    Thanks, I had assumed that anytime you get two different AS's connecting, you will get eBGP.

    I just wasn't sure if eBGP is still considered eBGP when inside your network.

    The customer's AS is *not* inside my AS, it's hanging off of it, and then is routed out our primary router....
  • Forsaken_GA Posts: 4,024 Member
    > Thanks, I had assumed that anytime you get two different AS's connecting, you will get eBGP.
    >
    > I just wasn't sure if eBGP is still considered eBGP when inside your network.
    >
    > The customer's AS is *not* inside my AS, it's hanging off of it, and then is routed out our primary router....

    You're probably over thinking it. BGP is a pretty simple protocol in operation. Its logic as to whether or not it considers a connection ebgp or ibgp is pretty binary - does the AS number match? if yes, ibgp, if no, ebgp. There are a few tricks that fudge with those rules, but I don't think you're quite there yet.

    If you've got a customer that's connecting to you via eBGP, then as far as BGP is concerned, that's not part of your network, it's someone else's network, even if the gear is housed in your data center. So their network does whatever it wants inside of itself to route traffic to you over your eBGP connection, then within your network, you do whatever you want until it finally hits an egress router who hands it off to someone else's network who then does the same until it finally reaches its destination. With someone else's AS hanging off your network, you're basically functioning as a service provider.

    BGP is more about routing by policy than routing by shortest/best path

    You can use ibgp or ebgp within your own network as needed. I've seen folks set up ebgp connections internally using private AS numbers in order to avoid the route reflector/confederation infrastructure. I wouldn't really recommend it, but it works pretty well, as long as you strip the private AS numbers from the path before you propagate it to the rest of the world.
  • notgoing2fail Posts: 1,138 Member
    > You're probably over thinking it. BGP is a pretty simple protocol in operation. Its logic as to whether or not it considers a connection ebgp or ibgp is pretty binary - does the AS number match? if yes, ibgp, if no, ebgp. There are a few tricks that fudge with those rules, but I don't think you're quite there yet.
    >
    > If you've got a customer that's connecting to you via eBGP, then as far as BGP is concerned, that's not part of your network, it's someone else's network, even if the gear is housed in your data center. So their network does whatever it wants inside of itself to route traffic to you over your eBGP connection, then within your network, you do whatever you want until it finally hits an egress router who hands it off to someone else's network who then does the same until it finally reaches its destination. With someone else's AS hanging off your network, you're basically functioning as a service provider.
    >
    > BGP is more about routing by policy than routing by shortest/best path
    >
    > You can use ibgp or ebgp within your own network as needed. I've seen folks set up ebgp connections internally using private AS numbers in order to avoid the route reflector/confederation infrastructure. I wouldn't really recommend it, but it works pretty well, as long as you strip the private AS numbers from the path before you propagate it to the rest of the world.


    Thank you, what you explained is exactly what I was trying to describe.

    "Overthinking" is definitely a quality of mine. :D
    I'm not entirely sure if that's a good thing or bad thing. Sometimes it really helps me to understand the fundamentals, but sometimes it gets me into trouble as you've said about how BGP functions as a whole.

    The way I'm going to see it moving forward is that as long as the two routers connecting are different AS's, then you have eBGP.

    Don't even want to get into private AS numbers/router reflector/confederation as that is beyond where I am right now. Good thing I don't have to deal with any of that right now!!!

    I've been reading the Cisco docs on BGP, sometimes they can be dry so it's helpful to get a "human" interpretation and input on things...
  • jason_lunde Posts: 567 Member
    If you're having to deal with BGP at work, it's probably worth your time to pick up Internet Routing Architectures and give it a read. The Cisco docs are a bit antiquated, and the book will give you a pretty good grasp on BGP.
  • notgoing2fail Posts: 1,138 Member
    > If you're having to deal with BGP at work, it's probably worth your time to pick up Internet Routing Architectures and give it a read. The Cisco docs are a bit antiquated, and the book will give you a pretty good grasp on BGP.


    I have that book. :D

    And what happened was I started reading it, then got pulled into other projects and haven't really been able to dig deep into it. Now I am thrown into the BGP issue that I have to look into. But luckily (knock on wood) I can take my time......

    If another project comes along, it takes precedence over this issue....
  • notgoing2fail Posts: 1,138 Member
    Ok guys I'd like to hit you up with another general question.

    static routes take precedence over any routes learned from an IGP correct?

    What I am seeing here in my config is that there are a bunch of static routes. We also have the "network" command within BGP.

    We have 20 static routes.

    Five of the static routes all point to one interface for its destination. And in our BGP, our network command is advertising these exact 5 networks.

    So for example:


    router bgp 100
    network 192.168.10.0
    network 192.168.20.0
    network 192.168.30.0
    network 192.168.40.0
    network 192.168.50.0


    ip classless
    ip route 192.168.10.0 255.255.255.0 10.10.10.10
    ip route 192.168.20.0 255.255.255.0 10.10.10.10
    ip route 192.168.30.0 255.255.255.0 10.10.10.10
    ip route 192.168.40.0 255.255.255.0 10.10.10.10
    ip route 192.168.50.0 255.255.255.0 10.10.10.10

    ......more static routes going to different interfaces .....etc.....




    So I guess my question is this. Why, out of 20 routes, were 5 used in the BGP "network" command? Why were not all 20 static routes also advertised in the "network" command?

    Since I have static routes, what are the consequences of removing them from the "network" command?
  • networker050184 Posts: 11,962 Mod
    Do you think we are psychic or something? No way to know any of what you are asking with the information provided. A config would help, but without knowledge of your setup it's hard to know for sure.
  • Forsaken_GA Posts: 4,024 Member
    > So I guess my question is this. Why, out of 20 routes, were 5 used in the BGP "network" command? Why were not all 20 static routes also advertised in the "network" command?
    >
    > Since I have static routes, what are the consequences of removing them from the "network" command?

    That's a question for whoever designed the network. The network command is used to announce routes to other BGP peers, but BGP won't put a route into the BGP table unless it has a valid next hop.

    So let's say I announce 131.12.16.0/24, but I don't have that route in my routing table. I won't announce it to my peers. Why? because I do not have a valid next hop for that route.

    So if I create the static route, I now have it in my routing table, and I can advertise it to my peers.

    The consequences of removing them from the network statement section of BGP is that I will not announce them to my peers anymore. Pretty simple.

    As to why only 5 of 20 static routes have BGP network commands, I'd guess that whoever set it up only wanted to announce those 5 routes via BGP. I can't tell you why, because I didn't design the network. In past networks which I have designed, I only announce the routes via BGP that I want my peers to actually get, which is usually the routes that I'm taking external traffic on. My external peers have absolutely no need to get my internal routes, so I would not announce those networks via BGP.

    You have to remember that BGP is not an IGP. Its purpose is not to distribute all of your routes to everything. BGP is all about telling traffic how to get out of your network, and telling the rest of the world how to get into your network. BGP routes are like exits on the highway, you follow the highway until you see a sign that gives you an exit number of where you want to go. Then when you get off the highway, you follow the smaller roads (the network's IGP) until you finally reach your destination.
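
The two rules discussed in this thread (a `network` statement without a mask is read as the classful network, and a prefix is only announced when a matching route is in the routing table) can be checked mechanically. This is an added example, not part of the original posts; it assumes `no auto-summary`, where the match must be exact, and models the routing table from static routes only. The static routes in the sample are constructed.

```python
import ipaddress
import re

# Constructed sample: network statements from the thread plus two made-up statics.
SAMPLE = """\
router bgp 100
 network 192.168.10.0 mask 255.255.255.0
 network 192.168.11.0
 network 192.168.12.0 mask 255.255.255.0
!
ip route 192.168.10.0 255.255.255.0 10.10.10.10
ip route 192.168.11.0 255.255.255.192 10.10.10.10
"""

def classful_prefixlen(addr):
    """Prefix length assumed when a BGP network statement has no mask."""
    first = int(addr.split(".")[0])
    if first < 128:
        return 8    # class A
    if first < 192:
        return 16   # class B
    if first < 224:
        return 24   # class C
    raise ValueError(f"{addr} is class D/E and has no classful mask")

def parse_config(text):
    """Return ([(statement, prefix)], {static prefixes}) from IOS-style text."""
    networks, statics, section = [], set(), ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("router "):
            section = line
        m = re.fullmatch(r"network (\S+)(?: mask (\S+))?", line)
        if m and section.startswith("router bgp"):
            addr, mask = m.groups()
            # ip_network() rejects host bits, so a bad address/mask pair raises.
            suffix = mask or classful_prefixlen(addr)
            networks.append((line, ipaddress.ip_network(f"{addr}/{suffix}")))
        m = re.match(r"ip route (\S+) (\S+)\s", line)
        if m:
            statics.add(ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}"))
    return networks, statics

def audit(text):
    """Classify each BGP network statement against the static routes."""
    networks, rib = parse_config(text)
    findings = []
    for line, prefix in networks:
        if prefix in rib:
            status = "exact match: advertised"
        elif any(r.subnet_of(prefix) or prefix.subnet_of(r) for r in rib):
            status = "overlap only: not advertised"
        else:
            status = "no route: not advertised"
        findings.append((line, str(prefix), status))
    return findings

if __name__ == "__main__":
    for line, prefix, status in audit(SAMPLE):
        print(f"{line:42} {prefix:18} {status}")
```

Run against a saved configuration, the same audit shows which prefixes a router is actually positioned to announce, which is the list to compare against what you intend your peers to receive.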
  • notgoing2fail Posts: 1,138 Member
    Thank you dude, that explains it very well. Sometimes I get a little lost in BGP since I'm trying to figure it out on the fast track. Although I know BGP is an exterior protocol. I think I did begin to confuse it with an IGP since there is iBGP setup. We have iBGP configured in a triangular fashion.

    So two edge routers each going to a separate ISP. And they connect to our core switch (L3) which is also running iBGP so it's a full mesh.

    After reviewing the config with the network commands, I see that the only ones advertised (the 5 out of 20) were networks that were directly connected to the router.

    The other ones were not. So I suppose that was the purpose to advertise them.

    Can you advertise a network that isn't directly connected to your router?
  • jason_lunde Posts: 567 Member
    > Can you advertise a network that isn't directly connected to your router?

    Yep, as long as it's in your ip routing table you can advertise it.
  • notgoing2fail Posts: 1,138 Member
    > Yep, as long as it's in your ip routing table you can advertise it.


    Would there be any risk of having both edge routers advertise a specific internal network? Obviously the routing would be different on each router, but I'm wondering if it would cause any kind of looping issues?
  • notgoing2fail Posts: 1,138 Member
    Ok, I have another question for you guys.

    The production routers appear to learn the default routes from BGP.

    But in my GNS simulation, that doesn't seem to be the case between my edge routers and ISP routers.

    Since I don't know how the ISP routers are configured, I assume I may be missing something on that end? I do have eBGP working between the two routers, but they are basic.

    When I do a SH IP ROUTE on the edge router, it points to the ISP router. There is no "ip route 0.0.0.0 0.0.0.0 ISP-ADDRESS" in the config anywhere.

    Doing a SH IP ROUTE BGP shows that the default route is learned from BGP.

    All of this from the production router.

    But in GNS, when I type "SH IP BGP" I get no results......
  • jason_lunde Posts: 567 Member
    They are probably sending you the default...if that's what you're getting at. There are numerous ways to do this in bgp...just for example

    ip route 0.0.0.0 0.0.0.0 null0

    ip prefix-list NULL permit 0.0.0.0/0

    route-map THROWDEFAULT permit 10
    match ip address prefix NULL

    router bgp [as]
    neighbor x.x.x.x route-map THROWDEFAULT out

    This will hand that neighbor the default and nothing else. Like I mentioned...there are a couple other ways to do this. Depends on who configured it, and what routes they want to hand off. Also, both routers can advertise the same route; again depends on your situation and whoever designed the network. As others have said, this is not an IGP. The basis around BGP is that YOU dictate your routing policies. No one else can dictate how another AS routes their traffic...they can make suggestions, but you don't have to listen to them. Hope this helps man.