In my company network we have an iBGP peering between two routers (R1 & R2). R2 also has a eBGP peer with an ISP. We advertise a public address range from R1 up to the ISP so public services are accessible on the internet.
Within R1 the iBGP config includes the ‘network’ statement covering the public address range. Within the eBGP config on R2 there is no ‘network’ statement. Just a prefix-list filtering what gets advertised to R3. The public address range is successfully advertised to the ISP though.
With this in mind, I’m trying to understand the use of the ‘network’ command and where it’s needed (to advertise) a network and where it isn’t.
I read somewhere that to advertise an iBGP learned route to eBGP, it isn’t necessary to use the ‘network’ statement.
Can someone verify that?
Network command by default will match only on exactly the same prefix and its mask in a global routing table and if it does not match anything from that table no routes will be placed into BGP table.
If a mask command is omitted from the network command the prefix in the table would have to be a classful network.
If auto-summary is used and mask was omitted from the network command, not only does the classful network has to be in the routing table but you also require at least one subnet of this classful route.
BGP advertises routes (one best route per prefix only , even if we use maximum-path command there is always going to be one best path) from its BGP Table rather than the routing table itself.
Also do not forget about the next-hop-self neighbor command that you can use in case no one is advertising that link between you and an ISP, else it will be unreachable I guess, unless there is like a default route pointing at the ISP (static routes are not great if there are multiple links in between and there probably would be, although I guess IP SLA could be used here). Just be careful if using EIGRP’s summary route as it has an AD of 5 and will replace an eBGP advertised default route
As far as I know you do not have to re-advertise already advertised route, this is probably the whole concept of BGP. As long as the reachability is maintained all you require is that the route is advertised by one BGP Speaker. Moreover an iBGP route can be freely advertised to any eBGP neighbor as “i” BGP learned route and the local AS will be prepended to an AS-SEQ of AS-PATH attribute and if I understand right it will also be added into AS-SET so it is much easier to prevent routing loop from occurring my friend and the next-hop address is another mandatory PA that has to be included.
Furthermore iBGP neighbors can not advertise iBGP learned route to their neighbours by default because this could lead to a routing loop, hence why we can use Route Reflectors / Confederations or Full Mesh (this last should not be used it is very troublesome I guess hehe).
HTH,
Kamil
p.s. This whole answer was a nice chance for me to do a little BGP reminder haha , thank you for this buddy
Kudos to @kamilkugler for that detailed reply. The only thing I can further stress is that when we use the network command in BGP it will only look at the routing table. If it finds the network that matches the network command EXACTLY (including subnet mask) it will then install it in the BGP table. If it’s in the BGP table, and no other configurations have been made, it will advertise it to BGP peers. This means that R2 will also receive it. Once again, if no filtering or other configs are applied to R2, then by default, it too will advertise the received network to its peers just like R2 does to the ISP.
