BGP - distribute-list - extended ACL

Discussion in 'Cisco' started by davidh@wmis.net, Oct 13, 2004.

  1. Guest

    Hello -
    Say I have the following blocks.

    192.168.192.0/20
    10.1.1.0/24
    10.1.2.0/24

    I have a distribute-list out on one of our uplinks
    access-list 150 permit ip host 10.1.1.0 host 255.255.255.0
    access-list 150 permit ip host 10.1.2.0 host 255.255.255.0

    This tells the uplink that these ip blocks can be received through it.

    Is it possible to split up the /20 though?

    I tried adding
    access-list 150 permit ip host 192.168.194.0 host 255.255.255.0

    this does not work though. show ip bgp nei uplink-ip adver does not show 192.168.194.0/24 ... and there are no matches...

    any ideas?
    David
    , Oct 13, 2004
    #1
    1. Advertising

  2. MC Guest

    I think /20 would be a 255.255.240.0 mask
    <> wrote in message
    news:...
    > Hello -
    > Say I have the following blocks.
    >
    > 192.168.192.0/20
    > 10.1.1.0/24
    > 10.1.2.0/24
    >
    > I have a distribute-list out on one of our uplinks
    > access-list 150 permit ip host 10.1.1.0 host 255.255.255.0
    > access-list 150 permit ip host 10.1.2.0 host 255.255.255.0
    >
    > This tells the uplink that these ip blocks can be received through it.
    >
    > Is it possible to split up the /20 though?
    >
    > I tried adding
    > access-list 150 permit ip host 192.168.194.0 host 255.255.255.0
    >
    > this does not work though. show ip bgp nei uplink-ip adver does not show

    192.168.194.0/24 ... and there are no matches...
    >
    > any ideas?
    > David
    >
    MC, Oct 13, 2004
    #2
    1. Advertising

  3. Guest

    MC <> wrote:
    > I think /20 would be a 255.255.240.0 mask


    Yes, you are correct. But I don't want to announce the whole /20.
    I just want to announce a single /24 from that /20.

    > <> wrote in message
    > news:...
    >> Hello -
    >> Say I have the following blocks.
    >>
    >> 192.168.192.0/20
    >> 10.1.1.0/24
    >> 10.1.2.0/24
    >>
    >> I have a distribute-list out on one of our uplinks
    >> access-list 150 permit ip host 10.1.1.0 host 255.255.255.0
    >> access-list 150 permit ip host 10.1.2.0 host 255.255.255.0
    >>
    >> This tells the uplink that these ip blocks can be received through it.
    >>
    >> Is it possible to split up the /20 though?
    >>
    >> I tried adding
    >> access-list 150 permit ip host 192.168.194.0 host 255.255.255.0
    >>
    >> this does not work though. show ip bgp nei uplink-ip adver does not show

    > 192.168.194.0/24 ... and there are no matches...
    >>
    >> any ideas?
    >> David
    >>

    >
    >
    , Oct 13, 2004
    #3
  4. In article <>, wrote:

    > Hello -
    > Say I have the following blocks.
    >
    > 192.168.192.0/20
    > 10.1.1.0/24
    > 10.1.2.0/24
    >
    > I have a distribute-list out on one of our uplinks
    > access-list 150 permit ip host 10.1.1.0 host 255.255.255.0
    > access-list 150 permit ip host 10.1.2.0 host 255.255.255.0
    >
    > This tells the uplink that these ip blocks can be received through it.
    >
    > Is it possible to split up the /20 though?
    >
    > I tried adding
    > access-list 150 permit ip host 192.168.194.0 host 255.255.255.0
    >
    > this does not work though. show ip bgp nei uplink-ip adver does not show
    > 192.168.194.0/24 ... and there are no matches...
    >
    > any ideas?


    Do you have a route for 192.168.194.0/24 in your configuration? BGP
    won't advertise a prefix that doesn't exist in its routing table.

    You also need a "network 192.168.194.0 mask 255.255.255.0" statement in
    your BGP configuration, or a redistribute statement to redistribute from
    wherever the /24 route comes from.

    --
    Barry Margolin,
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Margolin, Oct 14, 2004
    #4
  5. David Hill Guest

    Barry Margolin wrote:
    > In article <>, wrote:
    >
    >
    >>Hello -
    >>Say I have the following blocks.
    >>
    >>192.168.192.0/20
    >>10.1.1.0/24
    >>10.1.2.0/24
    >>
    >>I have a distribute-list out on one of our uplinks
    >>access-list 150 permit ip host 10.1.1.0 host 255.255.255.0
    >>access-list 150 permit ip host 10.1.2.0 host 255.255.255.0
    >>
    >>This tells the uplink that these ip blocks can be received through it.
    >>
    >>Is it possible to split up the /20 though?
    >>
    >>I tried adding
    >>access-list 150 permit ip host 192.168.194.0 host 255.255.255.0
    >>
    >>this does not work though. show ip bgp nei uplink-ip adver does not show
    >>192.168.194.0/24 ... and there are no matches...
    >>
    >>any ideas?

    >
    >
    > Do you have a route for 192.168.194.0/24 in your configuration? BGP
    > won't advertise a prefix that doesn't exist in its routing table.
    >
    > You also need a "network 192.168.194.0 mask 255.255.255.0" statement in
    > your BGP configuration, or a redistribute statement to redistribute from
    > wherever the /24 route comes from.
    >


    Is it ok to have

    neighbor 192.168.192.0 mask 255.255.240.0
    neighbot 192.168.194.0 mask 255.255.255.0

    or should I split the /20 up into 16 class C blocks so there is no
    overlapping?

    - David
    David Hill, Oct 14, 2004
    #5
  6. In article <>,
    David Hill <> wrote:

    > Barry Margolin wrote:
    > > In article <>, wrote:
    > >
    > >
    > >>Hello -
    > >>Say I have the following blocks.
    > >>
    > >>192.168.192.0/20
    > >>10.1.1.0/24
    > >>10.1.2.0/24
    > >>
    > >>I have a distribute-list out on one of our uplinks
    > >>access-list 150 permit ip host 10.1.1.0 host 255.255.255.0
    > >>access-list 150 permit ip host 10.1.2.0 host 255.255.255.0
    > >>
    > >>This tells the uplink that these ip blocks can be received through it.
    > >>
    > >>Is it possible to split up the /20 though?
    > >>
    > >>I tried adding
    > >>access-list 150 permit ip host 192.168.194.0 host 255.255.255.0
    > >>
    > >>this does not work though. show ip bgp nei uplink-ip adver does not show
    > >>192.168.194.0/24 ... and there are no matches...
    > >>
    > >>any ideas?

    > >
    > >
    > > Do you have a route for 192.168.194.0/24 in your configuration? BGP
    > > won't advertise a prefix that doesn't exist in its routing table.
    > >
    > > You also need a "network 192.168.194.0 mask 255.255.255.0" statement in
    > > your BGP configuration, or a redistribute statement to redistribute from
    > > wherever the /24 route comes from.
    > >

    >
    > Is it ok to have
    >
    > neighbor 192.168.192.0 mask 255.255.240.0
    > neighbot 192.168.194.0 mask 255.255.255.0


    I assume you meant "network" when you wrote "neighbor" :)

    >
    > or should I split the /20 up into 16 class C blocks so there is no
    > overlapping?


    Ideally, you should minimize the number of prefixes that you advertise,
    which may require overlapping. For instance, if you want one /24 to
    prefer ISP A, and everything else to use ISP B, then you would use the
    two statements above -- only 2 prefixes are advertised rather than
    wasting space in everyone's routing table with 16 prefixes.

    --
    Barry Margolin,
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    Barry Margolin, Oct 15, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Reinhard

    Cisco - Distribute-List and eigrp

    Reinhard, May 28, 2004, in forum: Cisco
    Replies:
    2
    Views:
    8,251
    Reinhard
    Jun 1, 2004
  2. Shad T
    Replies:
    0
    Views:
    578
    Shad T
    Jun 29, 2004
  3. Rob
    Replies:
    6
    Views:
    9,233
    Ivan OstreŇ°
    Jan 13, 2005
  4. Replies:
    0
    Views:
    2,101
  5. German R
    Replies:
    6
    Views:
    1,436
    John Agosta
    Oct 10, 2006
Loading...

Share This Page