BGP Essentials: Advertising public IP prefixes into the Internet

The routing information you source into the public Internet with BGP should be as accurate and stable as possible. The best way to achieve this goal is to statically configure the IP prefixes you’ve been allocated on your core routers and advertise them into BGP:

  • BGP will only advertise an IP prefix if a matching entry is found in the IP routing table. To ensure the IP prefix you want to advertise is always present, configure an IP static route to null interface, unless you're advertising a connected interface (example: Internet edge router on a DMZ segment).
  • Most public IP prefixes advertised today do not fall on the classful network boundary. To advertise a classless prefix, you have to configure the prefix and the mask in the BGP routing process.

Important: In large networks you should advertise your IP prefixes from your core routers, not from the edges of your network. If an edge router loses its upstream link to the network core but still advertises your IP address space, all the traffic attracted by it will be blackholed. In enterprise networks using BGP for Internet multihoming, it might be safe to advertise directly connected interfaces on Internet edge routers.

You can set additional BGP attributes on the IP prefix you’re advertising with a route-map attached to the network statement. For example, the following configuration could be used on one of your core routers to advertise IP prefix 172.16.128.0/18 and attach a BGP community to it:

ip route 172.16.128.0 255.255.192.0 Null0
!
router bgp 65001
 network 172.16.128.0 mask 255.255.192.0 route-map SetCommunity
!
route-map SetCommunity permit 10
 set community 65001:101 additive

If you're looking for more in-depth BGP knowledge, try our Configuring BGP on Cisco Routers e-learning solution. If you just need to enhance your hands-on skill, the BGP Remote Lab Bundle is the perfect choice.

3 comments:

  1. why not use an aggregate-address under BGP?

    aggregate-address x.x.x.x 255.255.240.0 summary-only

    summary only will keep the more specific contributing routes from getting advertised.

    ReplyDelete
  2. If you already have more specific routes in the BGP table, aggregate-address command might not be a bad option. Without more specific routes, it will not generate the desired summary prefix.

    If you don't have more specific routes, then it's simpler to use my solution than to insert a more specific route into the BGP table and generate a summary based on it.

    ReplyDelete
  3. Thanks you very much for this useful post!!!!!!!!!

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.