I was hoping you would ask that
@Reid!
Muahahahah!
(I don't know why the evil laugh, just felt like it)
So first you need to set up a Routing Filter (you'll find that under the Authority). Your Routing Filter will tell the 128T which routes you want to exclude. Here is a sample one that matches any address in 10.0.0.0/8.
config
authority
routing
filter match-private-addresses type prefix-filter
rule match-private-addresses
filter accept
prefix 10.0.0.0/8
exit
exitNext, you want to apply that filter to a Routing Policy (also under Authority). The Routing Policy will be set to reject any matching addresses from our filter.
policy drop-private-addresses
statement drop-private-addresses
policy reject
condition address-prefix-filter-condition
prefix-filter match-private-addresses
exit
exit
statement accept-rest
exit
exit
exit
Note, there are 2 statements in this policy. 1 to reject our addresses that match and the second to "accept-rest." Routing Policies have an implicit "drop rest" behavior, so you need to add a second statement to say allow all other routes. There does not need to be any conditions or actions for this second statement.
Lastly, you just need to apply this policy to the redistributed settings:
type default-instance
routing-protocol bgp
type bgp
redistribute service
protocol service
policy drop-private-addresses
exit
exitLet me know if that makes sense and if it works.
------------------------------
Justin Melloni
Documentation/Training Specialist
MA
------------------------------
Original Message:
Sent: 01-28-2019 18:11
From: Reid Stidolph
Subject: Automatic service redistribution in to BGP?
Thanks @Vanya and @Justin. Would you have an example of how I might filter out certain service-routes from being advertised to my BGP peers? In my case the route has a handful of service-routes that are actually statically routing traffic TO the BGP router peer, so those ones I definitely wouldn't want to advertise. But for the peer service routes which are going elsewhere, I'd like to redistribute. An example of how I might accomplish that with routing filters and routing policies might get me headed in the right direction.
------------------------------
- Reid
Original Message:
Sent: 01-28-2019 11:54
From: Vanya Dasari
Subject: Automatic service redistribution in to BGP?
admin@conductor1.nycsite1
# show bgp router allMon 2019-01-28 16:47:07 UTC============= bostonsite1=============BGP table version is 39, local router ID is 3.3.3.128, vrf id 0Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R RemovedNexthop codes: @NNN nexthop's vrf id, < announce-nh-selfOrigin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path*> 1.1.1.0/24 3.3.3.1 0 0 6000 i*> 2.2.2.0/24 3.3.3.1 0 0 100 100 100 100 6000 i*> 3.3.3.0/24 3.3.3.1 0 0 6000 i*> 128.128.128.1/32 0.0.0.0 65535 32768 ?*> 128.128.128.128/32 0.0.0.0 65535 32768 ?*> 172.26.128.0/30 0.0.0.0 0 32768 i*> 192.168.64.254/32 3.3.3.1 0 6000 100 iDisplayed 7 routes and 7 total paths
If you want to see if a route is redistributed (i.e., coming in from another router apart from the neighbor addresses) look for the ? sign at the end of the route in the output of "show bgp router <>".
------------------------------
Vanya Dasari
Technical Support Engineer
Original Message:
Sent: 01-28-2019 10:45
From: Justin Melloni
Subject: Automatic service redistribution in to BGP?
Hey @Reid,
Have you tried turning on the BGP Route Redistribution setting on the 128T? It's local data (router specific) and is configured under `routing protocol bgp`
type default-instancerouting-protocol bgp type bgp redistribute service protocol service exitexit
Basically, it does exactly as you described, it takes whatever protocol you select and redistributes it into BGP. Your options for protocol are:
- service
- connected
- static
- ospf
One thing to be aware of is that when selecting your protocol, there is no way to say which service routes you want redistributed into BGP. However, with routing filters and routing policies, you can set up rules to determine which routes you want to redistribute.
I hope that helps.
------------------------------
Justin Melloni
Documentation/Training Specialist
MA
Original Message:
Sent: 01-27-2019 13:44
From: Reid Stidolph
Subject: Automatic service redistribution in to BGP?
I've got an authority with roughly 40 services, and more being added all the time. Within my topology of 128T routers, I'm using service-routing to send traffic to where it needs to go, and it is working great.
However, several of my 128T routers are peering with BGP neighbors beyond which are tenants consuming services on the 128T network. In these routers, I'm finding I have a BGP config with a growing number of network statements, correlating with my various service addresses. The challenge I'm having is keeping track of the relationship between these network prefixes needing advertised to BGP peers, and my service addresses. As I change/add/delete service addresses, maintaining the correlating BGP network prefixes has been cumbersome and error prone. Also, when I view my BGP config it is very "detached" from my services. i.e. I see this long list of prefixes and I have no idea which services each one belongs to, without cross-referencing each one with my list of services.
I'm curious if others have found a better way to manage this? Also are there any features I could leverage to automate a kind of redistribution of service addresses into BGP?
#4.0
------------------------------
- Reid
------------------------------