Advertise a specific subnet to a BGP neighbour out of an aggregate

Dear all,
I just wanted to know what your thoughts are on the following issue that I have. I have an internal router that receives various subnets of 10.0.0.0/8 from internal core routers via an IGP. I have an IBGP peering with a WAN router which has a static route 10.0.0.0/8 pointing back.
I need to advertise a specific subnet, say 10.64.0.0/10, from the internal router to the WAN router, which will then advertise it to an EBGP peer.
However, when I do this I lose connectivity to the WAN router because it seems it ignores the 10.0.0.0/8 in favor of 10.64.0.0/10 because it is more specific.
I have added 10.0.0.0/10, 10.64.0.0/10 & 10.128.0.0/10 as static routes to the WAN router and I no longer lose connectivity. Any ideas of a better solution?

Yes but the original problem was that without the additional subnets you had static entries for you lost connectivity.
And you said it was because 10.64.0.0/10 was more specific.
But that is irrelevant because a static route will always be in the routing table unless you are modifying the AD.
Which means regardless of whether you are advertising a more specific subnet with BGP it makes no difference from the WAN router's perspective unless the subnet you are advertising via BGP is using a different next hop IP.
What is the next hop IP for the 10.0.0.0/8 static route on the WAN router?
And what is the next hop IP for the 10.64.0.0/10 BGP route on the WAN router?
Note not the static route you added but the BGP route.
Jon
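
The two rules this thread turns on, as an added example that is not part of the original posts: administrative distance decides which source installs a given prefix, and forwarding then follows the longest matching prefix. The AD values are the Cisco defaults; the next-hop addresses and probe destinations are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Cisco default administrative distances; compared only between routes
# to the SAME prefix (lower wins).
AD = {"static": 1, "ebgp": 20, "ibgp": 200}

STATIC_NH = "192.0.2.1"   # constructed: next hop of the WAN router's statics
PROBES = ["10.1.1.1", "10.64.5.5", "10.130.0.1", "10.200.0.1"]  # constructed


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    source: str
    next_hop: str


class RoutingTable:
    def __init__(self):
        self._best = {}  # prefix -> installed Route

    def offer(self, prefix, source, next_hop):
        """Install a route unless the same prefix is held at a lower AD."""
        net = ipaddress.ip_network(prefix)
        current = self._best.get(net)
        if current is None or AD[source] < AD[current.source]:
            self._best[net] = Route(net, source, next_hop)

    def lookup(self, dest):
        """Forwarding decision: longest matching prefix, AD plays no part."""
        addr = ipaddress.ip_address(dest)
        matches = [r for r in self._best.values() if addr in r.prefix]
        return max(matches, key=lambda r: r.prefix.prefixlen, default=None)


def build_wan_table(bgp_next_hop=None, extra_statics=()):
    """WAN router's table: static /8, optional static /10s, optional iBGP /10."""
    table = RoutingTable()
    table.offer("10.0.0.0/8", "static", STATIC_NH)
    for prefix in extra_statics:
        table.offer(prefix, "static", STATIC_NH)
    if bgp_next_hop is not None:
        table.offer("10.64.0.0/10", "ibgp", bgp_next_hop)
    return table


def changed_destinations(table, baseline, probes=PROBES):
    """Probe addresses whose next hop differs from the static-only baseline."""
    return [d for d in probes
            if table.lookup(d).next_hop != baseline.lookup(d).next_hop]


if __name__ == "__main__":
    baseline = build_wan_table()
    cases = {
        "BGP /10, same next hop as static": build_wan_table(STATIC_NH),
        "BGP /10, different next hop": build_wan_table("192.0.2.9"),
        "different next hop + poster's static /10s": build_wan_table(
            "192.0.2.9", ["10.0.0.0/10", "10.64.0.0/10", "10.128.0.0/10"]),
    }
    for name, table in cases.items():
        print(f"{name}: changed = {changed_destinations(table, baseline)}")
```

In the third case of this model the static 10.64.0.0/10 (AD 1) keeps the iBGP route for the same prefix (AD 200) out of the table, so every probe goes back to the static next hop.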

Similar Messages

  • BGP Conditional Advertisement With 2 Subnets

    Is it possible to trigger conditional advertisement of a Border Gateway Protocol (BGP) prefix based upon the non-existence of two subnets? I can only get this to work with one subnet.
    My customer has parallel links to a provider (one BGP session).
    The command reference mentions one subnet in the description of the non-exist-map.
    Perhaps I should just identify one network from this Internet Service Provider (ISP) to focus on as the indicator of the failure.

    An IP address match is mandatory for a non-exist-map. The access-list specified should be a simple access-list and contains only one prefix. If the condition requires multiple prefixes, multiple access-list can be used, for example:
    route-map ISP1-backbone permit 10
    match ip address 2 3 4

  • BGP Advertisement to Specific AS Number

    How to set up BGP so it will not get advertised to a specific AS.
    Example:
    My BGP AS is 1000 and I peer with AS 2000 and 3000. I want to tell BGP AS 2000 not to advertise to AS 100 and 200.
    Or I want to advertise my blocks to all of the internet but I want to make sure AS 100 and 200 won't have my prefix in the BGP table.
    thanks

    Hello,
    Create a "peer-group" where you will add those two AS to the peer-group. And apply "mhnedirli" solution above...
    and use:
    neighbor <peer-group-name> route-map BLOCK out

  • Can I restrict a specific subnet/host to specific server in CSS?

    I would like to restrict a specific subnet/host to access the same server. Can I do that?
    Thanks

    Hi,
    You can configure an ACL on the CSS. This should achieve what you are trying to do.
    For more details, check
    http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20/configuration/security/guide/Access.html#wp1133930
    I hope this helps
    Daniel

  • RV325 advertises all connected subnets into RIP IPV4 Mode.

    Is it possible to config the RV 325 not to advertise all connected subnets into RIP?

    Duplicate posts.  :P
    Go here:  http://supportforums.cisco.com/discussion/12152321/rv325-advertises-all-connected-subnets-rip

  • Pipe IP Addresses to filter specific subnets

    Dear all,
    I would like to write a script that will ping a list of computers and then returns in an output file, only computers that are answering within a list of specific subnets.
    Could you please give me a hand on this as I have some trouble finding the right way to do it.
    Thank you

    Hi Wawa11,
    Try this
    $subnets = '10.*','192.168.*','172.16.*'
    # Return $true when the address matches any of the wildcard patterns
    function SubnetMatch ($subs, $Ip) {
        foreach ($subnet in $subs) {
            if ($Ip -like $subnet) {
                return $true
            }
        }
        return $false
    }
    # Resolve each computer name and keep only those whose first address matches
    Get-Content Computers.txt | ?{
        $IpAddress = [System.Net.Dns]::GetHostEntry($_).AddressList[0].IPAddressToString
        SubnetMatch $subnets $IpAddress
    } | Out-File filteredComputers.txt
    Good luck,
    Shane
    Don't forget to ping as well.

  • Where is the Download Booster for the Samsung Galaxy S5?  It's advertised in your pamphlets your stores are handing out...

    Where is the Download Booster for the Samsung Galaxy S5?  It's advertised in your pamphlets your stores are handing out but yet the software feature appears to be hidden or worse yet stripped out of the phone altogether .  This blatant false advertising...Please advise!

    It is (My Guess) something in the fine print that says "Subject to change without notice" VZW did some similar things with the S4 and customers were very unhappy with that as well.  With those features I think some were enabled later when they sent out a software update and said nothing about it.  They also added a feature which they said nothing about and that feature was enabled for everyone as default and if you used it past the trial period they started charging you for it.  Now that is very deceptive so I really think VZW is very deceptive to its customers and they won't even keep a straight face about it.  They just keep that pretty little smile and we just turn away and walk.  Good luck with your endeavor though.

  • Why a specific subnet in RTP?

    Hello,
    I am reading one tutorial which would allow me to broadcast audio but I am not understanding this thing:
    An RTP MediaLocator conforms to the
    following form, which looks like a typical URL:
    rtp://address:port/content-type
    Let's look at each piece of the above URL specification:
    • address is the address to which the media will be transmitted. To transmit in unicast mode
    (to one specific IP address), the address should be the IP address of the intended
    receiving machine. To transmit in broadcast mode (to all machines within a subnet), the
    address should be the subnet address with 255 as the last section. For example, if I were
    on the subnet denoted as 192.168.1 and I wanted to broadcast to all nodes, I could
    specify 192.168.1.255 as the address; this would enable each node in the subnet to
    listen to the broadcast media.
    • port must be a port that has been agreed upon by both transmitters and receivers.
    • content-type is the type of streamed media. In our case this will always be audio.
    Why should the IP address be 192.168.1.255? That means I can broadcast for addresses from 192.168.1.0 to 192.168.1.255? And why is this LAN based? I want to broadcast live audio to all computers in the world. Then what should I do? Am I reading the wrong tutorial? Or why is there such a silly constraint?

    LaalaPanchal wrote:
    Ok friend,
    but still my last question would be why is the RTP address so awkward?
    Because that's how the standard works?
    why do we need to specify the address of the destination :d? why not the address of the source?
    The sender has to specify the address of the destination so the RTP session knows who to send to. This is how all networking works.
    The receiver has to specify the address of the source, to let the RTP session know that he wants to receive a stream from that address. This works a lot like a TV...
    Imagine a server application that receives RTP streams from different clients. He specifies to the RTP stack which IP address he wants the stream from, and that's how the RTP handler knows which stream to return...just like your TV receives a bunch of channels and you tell it which one you want to watch. Same deal.
    So, there are a handful of reasons... to pick the stream from multiple sources, so that you can't be "forced" to receive a stream from an unauthorized source (Imagine if you wrote an application designed to receive educational videos for children, and a porn website started streaming porn to your application....if you couldn't pick and choose which streams to play based on who's sending them...you'd be showing porn to kids trying to do their math homework), etc...
    clients can connect to the broadcaster.
    Things like that are handled by some handshake protocol you write yourself. RTP's only job is to physically transport data from one place to another. It doesn't do any of the handshaking, and that's the way it was designed. You implement your own handshake, and then use RTP to stream the data.
    Now you tell me friend, if I want to do video conferencing with whosoever visits the site and clicks on "conference" then what should I do? according to the address I should know the address of the client beforehand? which is not the case every time.
    You're expected to perform some kind of handshake. For a video conference application, perhaps you have an operator service running that allows clients to connect, authenticates them as people you're okay with talking to, sets up the variables (addresses & ports) necessary for the RTP session, and then kicks off the actual RTP session. That's the use-case scenario that RTP was designed to be used under...
    And thirdly, does anybody really use JMF? I mean it's 10 years old technology and no advancement has been done since then.
    Yes, people do really use JMF... and yes, JMF is old, and there are some open-source alternatives to it (Specifically FMJ)...
    What do sites like ustream.com and such use? I don't think they use applets and use JMF?
    I don't know what that specific site uses, but... Adobe Flash allows for AV capture and streaming, so some people use that. I would imagine most commercial web sites have their own ActiveX components that have full implementations of the RTP protocol, or some other streaming protocol...
    But unless you have a full staff of programmers ready to implement the nuts and bolts of the video conferencing software, you're stuck with:
    1) JMF, which works just fine despite being old
    2) Adobe Flex, which is free but only streams through a Flash server (or a Red5 server, which is an open-source free equivalent of a Flash server)
    3) Waiting for Silverlight / JavaFX to implement capture, transcoding, and streaming...
    4) Using some 3rd party library like FMJ to handle it for you

  • BGP Neighbour Issues

    Hi all,
    I'm having problems establishing an adjacency between a 3750-x running bgp and a remote (directly connected) router. The adjacency is failing with the error: ADJ-3-RESOLVE_REQ: Adj resolve request: Failed to resolve 10.44.163.171 Vlan212 (10.44.163.171 is a HSRP address), I can see this in the ARP cache on the switch and the address is pingable. Switch is running 15.2(SE7). 
    Basic BGP config on the switch:
    router bgp xxxx
    neighbor 10.44.163.169 remote-as xxxx
    I can ping the .169 (and .171 address).
    Any insights would be appreciated before I speak to the 3rd party maintaining the remote router.
    Thanks.

    Pete
    If you are using the HSRP VIP on your side and that is what they have configured as the neighbor IP address in their BGP configuration then you probably won't be able to initiate the connection
    This is because if you start the connection your switch uses the source IP of the physical interface and that doesn't match the neighbor IP they have configured on their device.
    If you want to use the HSRP VIP then the remote device needs to initiate the connection and you need to make your end passive ie. it does not try to open the connection.
    This should work because the initial connection is to the HSRP VIP and so the response comes from that IP as well although we did have a discussion a while back as to how well this works if HSRP fails over in terms time taken to bring up a new BGP session.
    Try adding this to your configuration and then have the other side try to initiate the connection -
    "neighbor 10.44.163.169 transport connection-mode passive"
    obviously the remote device can't also be using HSRP and can't be using the above command or it will never work.
    Jon

  • INMA Advertising Format Specification

    I  absolutely love Adobe products. AdobeCC is excellent for my business.
    I'm a designer and make my living as such and Adobe takes the hassle out of making web content.
    ....until a few days ago. Used a number of hours to create a nice responsive web banner with Adobe Edge Animate.
    Shipped it off for rotation on the preferred website and received a cold response a few days later.
    "We notice this banner is made with Adobe Edge! Please refer to our spec (link) and make sure that html5-banners in the future is hard coded with text edit.
    Any deviation from this, will make our website explode, and tablets within 5ft of your ridiculous make believe java script, melt."
    AAARRGG!!!
    As much as I would like to be able to hard code anything using any given programming language, I don't have the TIME!
    My clients don't give a crap about how their web banner came to be, and frankly, neither do I. I'm here to finish the task, make the money and move on!
    Give me a ******* break!
    .....I'm sorry.... I just had to blow off some steam.
    Are Adobe Edge generated html5 and INMA-compliant ads really that far apart?
    Have any of you guys experienced something similar?


  • 3850 and amount of BGP neighbours

    Hi ,
    Does anyone know if there is a recommended maximum amount of iBGP neighbors that a 3850 can handle?
    Thanks,
    Lee.

    The 3850 supports 24k routes and has 4GB of DRAM.
    I don't think you would run into any problems with too many iBGP neighbors but if you have a lot I would consider moving to a Route Reflector setup.
    Daniel Dib
    CCIE #37149
    Please rate helpful posts.

  • PS-script that can list all clients in a specific collection and if possible, point out direct members...

    CM2012Sp1Cu1 
    Need a powershell-function that can list all the clients in a specific collection, and then somehow define which of them are direct members. The most important thing for me is to list all the members but it would also be great if I could know which ones are direct / query members.
    Very grateful for all the help I can get!
    TWP

    Here is a very simple example via PowerShell and WMI. It requires your collection id, site code and site server as input. It writes as output the collectionmember plus query, or direct.
    $CollectionId = ""
    $SiteCode = ""
    $SiteServer = ""
    # All members of the collection, direct and query-based
    $CollectionMembers = Get-WmiObject -Class SMS_FullCollectionMembership -Namespace root/SMS/site_$($SiteCode) -ComputerName $SiteServer -Filter "CollectionId='$CollectionId'"
    foreach ($Member in $CollectionMembers) {
        # IsDirect is a property of each membership record
        if ($Member.IsDirect -eq "True") {
            $MembershipType = "Direct"
        } else {
            $MembershipType = "Query"
        }
        Write-Host $Member.Name $MembershipType
    }
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Setting advertisement / split horizon direction in EIGRP routing

    Hello all,
    I am trying to work out if I am being a bit rubbish or if split horizon is my new worst enemy.
    Below is a diagram of my (simplified) problem scenario using EIGRP.
    The solution I am looking for is that Router R3 learns of the 10.0.0.0/8 network from both R1 and R2, then does not advertise it to either. Simple with split horizon enabled.
    But when either R1 or R2 are rebooted, a decision somehow takes place, and may well determine that R3 should advertise 10/8 to the new (rebooted) neighbour, at which point split horizon prevents it from being advertised back again. This means the topology table on R3 doesn't contain this route for this neighbour and is slow to converge if the other neighbour is lost.
    Is there a way to control in which direction routes are advertised first on a neighbour link? and then I can let split horizon do its thing
    Or is there something I am not thinking of...
    many thanks,
    Paul

    This is what i think would work.
    Two assumptions I'm making -
    1)  R1 and R2 have full routes in terms of the remote branch subnets which from what we have talked about seems to be the case.
    2) R1 will advertise the specific subnets it is primary for (see below) to R3 which then advertises them to R2 and R2 will do the same for its primary subnets.
    R1 is primary for 32 - 63 summary address 192.168.32.0 255.255.224.0
    R2 is primary for 64 - 95 summary address 192.168.64.0 255.255.224.0
    Each router is secondary for the other router's primary subnets.
    on R1 configure a summary address for R2's subnets on the interface connecting to R3 -
    ip summary-address eigrp <AS no> 192.168.64.0 255.255.224.0
    on R2 do the same for R1's subnets -
    ip summary-address eigrp <AS no> 192.168.32.0 255.255.224.0
    So now -
    R1 points to R3 and R3 points to R2 for 192.168.32.0/19
    R2 points to R3 and R3 points to R1 for 192.168.64.0/19
    Because you have used a summary address this suppresses the advertisement of the more specific routes within that summary range.
    R1 will therefore advertise its specific subnets for which it is primary to R3 and a summary address only for R2's subnets.
    And R2 does the same ie. it advertises its specific subnets and a summary for R1's.
    R3 then obviously passes these summaries via EIGRP to R1 and R2.
    R3's routing table will have specific branch routes pointing to the respective primary router but only a summary route for the same subnets pointing to the secondary router.
    Because a router will always pick the longest match it will use the more specific subnets unless there isn't a matching route.
    Which means no need to use metrics to load balance traffic.
    In addition the summary route is already in the routing table so no need for either R1 or R2 to send a query to R3 if one of their branch links fail.
    I may well have overlooked something so let me know whether you think this will work for you or not.
    Jon

  • BGP announce only to specific neighbor

    Hello forum,
    is there a method for create a specific announce only for one neighbor on BGP session ? A possible solution can be filter in / out for neighbors but if is possible I won't avoid modifications on actual neighbors' configuration. 
    The problem is that I want to differentiate announcements for neighbors but in BGP only one session is usable.
    Maybe the solution can be "BGP peer groups"......
    I wish that I explained well the problem.
    Thank you for your help, and best wishes for new year.

    Just to add to John's reply.
    You can use a filter but you would need to apply it to all neighbors as you say. A BGP peer group could help but it would mean you having to reconfigure all the existing neighborships so it is disruption ie. if all the neighbors that you did not want to receive the route were in the same peer group you could apply just the one filter to that peer group and it would apply to all neighbors.
    But as I say that would mean more config than simply adding a filter to each neighbor to not advertise the specific route.
    Jon

  • Sh bgp: received & advertised routes

    Dear all:
    In reference at the commands:
    - sh bgp neighbor A.B.C.D
    - sh bgp neighbor A.B.C.D received routes
    - sh bgp neighbor A.B.C.D advertised-routes
    For example:
    ROUTER#sh bgp neighbor A.B.C.D
      Policy for incoming advertisements is PEERING-IN
      Policy for outgoing advertisements is PEERING-OUT
      1 accepted prefixes, 0 are bestpaths
      Cumulative no. of prefixes denied: 8974070. 
        No policy: 0, Failed RT match: 0
        By ORF policy: 0, By policy: 8974070
      Prefix advertised 77, suppressed 0, withdrawn 2
    In output this command we have # Prefixes: 
    1 accepted & 0 are bestpaths (after policy) 
    advertised 77, suppressed 0, withdrawn 2 (after policy)
    8974070 prefix are deny
    But, when you execute the next command:
    ROUTER#sh bgp neighbor A.B.C.D received routes 
    Processed 503233 prefixes, 503233 paths
    In output this command we have# Prefixes = 503233 
    And when you execute the next command:
    ROUTER#sh bgp neighbor A.B.C.D advertised-routes
    Processed 73 prefixes, 73 paths
    In output this command we have:
    73 prefixes advertised at peer
    The question is:
    What's the difference between counter 8974070 and 503233 (prefix received before apply policy)?
    What's the difference between counter 77 (or 75 = 77 - 2 withdrawn) and 73 (prefix advertised before apply policy)?
    Is there a single command that helps to see the total prefixes received/advertised (other than sh bgp neighbor A.B.C.D received routes)?
    Thanks.

    Not really because OSPF does not advertise routes it sends LSAs to its peers.
    So you need to look at the OSPF database ie. -
    "sh ip ospf database"
    which will show you all the LSAs the router is aware of.
    In terms of all the LSAs the router has received it will show all of those but it will also show you LSAs that were generated by the router itself although the advertising router IP will point to that being the case.
    In terms of all the LSAs the router advertises again it depends on the area and how that has been configured.
    So for example an ABR might well have external LSAs (which aren't tied to any area in the OSPF database) but that doesn't necessarily mean it is advertising them to peers within an area as it could have been configured not to.
    So it gives you a good idea but you need to also work out a few things for yourself as well.
    Jon
