On 10/06/2024 11:20, Saku Ytti wrote:
I don't think there is enough information here to understand the
problem.

Since you asked:

Router B is exaBGP sending announcements to router A (128.139.220.90).
192.0.2.1 is a GigE interface on router A. I want to null0 all traffic which is easy to do but I also want a record of every attempt someone tried to reach one of these null0 routes. Think of something like:
https://www.team-cymru.com/ty/cisco-router-traditional-bogons

So I want an ACL like:
ipv4 access-list log-traffic
 10 permit ipv4 any any log

But an ACL can't be placed on a null0 interface nor on a loopback interface so I created a fake VLAN and route the traffic there (to 192.0.2.1), and there I can install an ACL and log the traffic:

RP/0/RSP0/CPU0:2024 Jun 10 10:27:44 : ipv4_acl_mgr[343]: %ACL-IPV4_ACL-6-IPACCESSLOGP : access-list log-traffic (10) deny udp 128.139.6.11(40652) -> 192.0.2.1(53), 1 packet

In any event, I solved it.

Thanks,
Hank



So you have

RouterA - RouterB

RouterA is 192.0.2.1/24
RouterB is 128.139.197.146

RouterB advertises bunch of /32s to routerA, with next-hop
192.0.2.1?

This seems nonsensical to me, where is routerA supposed to send the packets? So I must be misunderstanding what you're doing.

But you probably can look at the disappeared routers in adjRIB for some clue, or turn on debugging on BGP, to see why they are invalidated.

I'm expecting invalid next-hop, next-hop loop or BGP session itself has the most-specific route to the BGP session over the BGP session.




On Mon, 10 Jun 2024 at 11:09, Hank Nussbacher via cisco-nsp <cisco-nsp@puck.nether.net> wrote:

I have a simple iBGP peer defined as follows:

neighbor 128.139.197.146
 remote-as 378
 update-source Loopback0
 address-family ipv4 unicast


I have a GigE interface defined as:

interface GigabitEthernet0/0/0/43.1
 ipv4 address 192.0.2.1 255.255.255.0
 encapsulation dot1q 1

This iBGP peer feeds me /32s with nexthop set as 192.0.2.1/32.
Problem is all routes disappear.

Neighbor        Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down  St/PfxRcd
128.139.197.146   0   378   10437  627880 10060119    0    0 00:15:41          0


If the feed sets the IP to 192.0.2.2 then the BGP routes appear in the routing table. If I then change the IP address on interface GigabitEthernet0/0/0/43.1 to 192.0.2.2 then the routes disappear as well after having made it into the routing table.


I am obviously missing something very simple.  Clue-bat welcome.


Thanks,

Hank



_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/





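The ACL log line quoted in the message above can be turned into the per-source record of attempts that Hank describes. This is an added example, not code from the thread: it assumes every entry follows the IPACCESSLOGP layout shown in that one line, and all sample lines except the first are constructed.

```python
import re
from collections import Counter

# Field layout taken from the single IPACCESSLOGP line quoted in the thread.
LOG_RE = re.compile(
    r"%ACL-IPV4_ACL-6-IPACCESSLOGP : access-list (?P<acl>\S+) \((?P<seq>\d+)\) "
    r"(?P<action>permit|deny) (?P<proto>\S+) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

PREFIX = "RP/0/RSP0/CPU0:2024 Jun 10 10:2"
TAG = " : ipv4_acl_mgr[343]: %ACL-IPV4_ACL-6-IPACCESSLOGP : access-list log-traffic (10) "
# First line is the one from the thread; the other three are constructed samples.
SAMPLE = [
    PREFIX + "7:44" + TAG + "deny udp 128.139.6.11(40652) -> 192.0.2.1(53), 1 packet",
    PREFIX + "7:49" + TAG + "deny udp 128.139.6.11(40652) -> 192.0.2.1(53), 4 packets",
    PREFIX + "8:02" + TAG + "deny tcp 198.51.100.7(51514) -> 203.0.113.25(443), 2 packets",
    PREFIX + "8:05 : some_other_process[101]: unrelated syslog message",
]

def parse_line(line):
    """Return the fields of one ACL log entry as a dict, or None if it does not match."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("seq", "sport", "dport", "count"):
        rec[key] = int(rec[key])
    return rec

def summarize(lines, acl="log-traffic"):
    """Sum packet counts per (source, destination, protocol, destination port).

    Returns (hits, skipped); skipped counts lines that are not entries for `acl`,
    so a change in log format shows up instead of silently shrinking the totals.
    """
    hits, skipped = Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["acl"] != acl:
            skipped += 1
            continue
        hits[(rec["src"], rec["dst"], rec["proto"], rec["dport"])] += rec["count"]
    return hits, skipped

if __name__ == "__main__":
    hits, skipped = summarize(SAMPLE)
    for (src, dst, proto, dport), packets in hits.most_common():
        print(f"{src} -> {dst} {proto}/{dport}: {packets} packets")
    print(f"lines skipped: {skipped}")
```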