This topic is to discuss the following lesson:
What is the use of null0? I learned that it is the trash can for packets but never fully understood when I would use it.
When you send something to the null interface then those packets are discarded. It can be useful if you want to advertise something that you don’t have.
When you create a static route you need a valid next hop or it can’t be installed in the routing table. Because of this, using the null interface as next hop will help.
It’s also useful when you create summary routes. With a summary, it’s possible that you receive traffic for networks that you don’t have. In this case the packets can be discarded to the null interface.
Will I need to advertise the internal routing network into BGP?
For example, internal EIGRP is using subnet 188.8.131.52/26.
It depends what you want to achieve. If you want 184.108.40.206/26 to be reachable from the outside world, then yes. If you are a transit AS then there might be no reason for others to know about some of your internal networks.
Hi Rene,
Thanks for your answers in all departments, they really do help!
One question:
If, for example, I was using subnet 172.16.16.0/24 for all of my internal EIGRP routing,
would I need to add that subnet to the network statement under the BGP feature in order for a BGP neighbour to route packets to hosts in the 220.127.116.11/24 network?
I think that makes sense!
Do you offer any of your time to look at configs / topologies?
If a remote BGP neighbor should access 172.16.16.0 /24 then yes, you should advertise it. You can use the network command in BGP or you could redistribute things from EIGRP into BGP.
I’m afraid I don’t look at specific configs or topologies, I would love to but it’s way too time consuming…
Thank you Rene.
Getting back to Alfred0’s question regarding null routes, why would someone need to advertise a prefix which does not exist in their local AS? Yes, it does make sense to use null route(s) with route summarization. I think there is one more case where you need a null route, namely when you don’t want your public (peering) IP to be advertised upstream in BGP.
There’s a couple of good reasons. For example, let’s say the ISP has the entire 18.104.22.168/8 range but at the moment they are only using a small part of this address space, just a few subnets:
You could advertise just these subnets in BGP and be done with it but advertising your entire address space might be a better idea:
Stability of routing updates is important in BGP. If one of your interfaces that has a subnet that is advertised in BGP is flapping then this will trigger a routing update. When you use a static route (to the null interface) then this route will always be advertised…it doesn’t matter what your interfaces are doing. This will greatly improve the stability of BGP routing.
The second thing to consider is that you are the only one using the 22.214.171.124/8 address space so you might as well advertise it right away. This also improves stability since you won’t be advertising (and removing) new subnets all the time. It also helps to reduce the size of routing tables.
Hope this helps!
Thank you Rene.
Excellent! So let’s make sure I understand your logic. If I was the ISP and I own the entire 126.96.36.199/8 subnet (utilizing/advertising only 188.8.131.52/24, 184.108.40.206/24, and 220.127.116.11/24) then I will manually configure ip route 18.104.22.168 255.0.0.0 null 0 so as to contribute to my AS stability and reduce the size of the routing table. Am I correct?
That’s right, you got it.
Can you shed any light on default-information originate and its use in BGP?
There are three cases that must be considered for your question. I will answer your question directly first, and then mention the other two cases.
Think of “default-information originate” as a safety check. Suppose there was some careless BGP admin that told a router to redistribute some other protocol’s routes into BGP, say EIGRP. If that admin didn’t use a route-map or some other filter, and he didn’t consider that EIGRP was advertising a default route, the consequences could be really bad. You might not want all of your BGP peers to learn a default route from you! As a precaution against this, if you redistribute other routes into BGP and you really intended the default to be included, you must additionally type in “default-information originate.” So in other words, “default-information originate” really has no meaning with BGP unless it is paired with a “redistribute” statement.
(config-router)#neighbor 22.214.171.124 default-originate
What this does is advertise a default route to a specific neighbor. BGP will do this even if it doesn’t have a default route itself (so this is an exception to the rule where you can only advertise networks that are in your routing table).
The last case is advertising the default network explicitly, like this:
(config-router)#network 0.0.0.0 mask 0.0.0.0
Doing this will cause BGP to advertise a default network, but only if you already have the default network in your routing table.
Thanks that helps to clear it up!
What if behind R1, on the left side, we have a cloud and then 126.96.36.199/8? How will R2 ever be able to send traffic to this net through R1?
Because R1 has:
ip route 188.8.131.52 255.0.0.0 null 0
which will sink every packet to null 0, right?!
One solution would be: if R1 has more specific routes to subnets of 184.108.40.206/8, traffic to those subnets will reach its destination because of the longest match rule.
With a static route like this, everything that matches 220.127.116.11/8 will be discarded unless there is a more specific route. For example, if R1 has 18.104.22.168/16 pointing to another router then any packet with destination 1.1.x.x would match that second static route.
If there was a router with networks that match 22.214.171.124/8 behind R1 then you should change the next hop from null0 to the IP address of the router behind R1.
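The longest-match behaviour described in this answer, as an added example that is not part of the original thread. The prefixes, next hops and function names are constructed for illustration.

```python
import ipaddress

# Constructed routing table for R1 (sample values, not taken from the thread).
ROUTES = [
    ("10.0.0.0/8", "Null0"),                 # discard route anchoring the /8
    ("10.1.0.0/16", "192.0.2.2"),            # more specific route to a router behind R1
    ("10.2.3.0/24", "GigabitEthernet0/1"),   # directly connected subnet
]


def lookup(dst, routes=ROUTES):
    """Return the next hop selected by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        # A route is a candidate only if it contains the destination;
        # among candidates the longest prefix length wins.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None


def forward(dst, routes=ROUTES):
    """Describe what R1 does with a packet for dst."""
    next_hop = lookup(dst, routes)
    if next_hop is None:
        return "drop (no route)"
    if next_hop == "Null0":
        return "drop (Null0)"
    return f"forward via {next_hop}"


if __name__ == "__main__":
    for dst in ("10.1.5.5", "10.2.3.4", "10.200.0.1", "172.16.0.1"):
        print(dst, "->", forward(dst))
```

Only destinations inside the /8 that have no more specific route reach the Null0 entry; the /16 and /24 are unaffected by it.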
I have seen some documents that advertise a network in BGP without using a mask, like below:
router bgp 1
 network 126.96.36.199
Just wondering, as you said the exact mask has to be added in the network command, why does the BGP process accept this without a mask?
- If no mask is specified, the default mask is used, that is /8 in your example.
- When Rene said “exact mask has to be added in network command”, he meant that if we have a prefix in the routing table (say 192.168.1.0/25) and we want this prefix to be injected into BGP with the network command, we should use
router bgp 1
 network 192.168.1.0 mask 255.255.255.128
in our config.
If we are going to use:
router bgp 1
 network 192.168.1.0
the router will assume an implicit mask (255.255.255.0).
So the 192.168.1.0/24 prefix will not enter the BGP table because we do not have 192.168.1.0/24 in the routing table. We have 192.168.1.0/25 but not 192.168.1.0/24.
Briefly, if we have 192.168.1.0/25 in the routing table, we should use the EXACT prefix (of course) and mask (!) in the network statement:
network 192.168.1.0 mask 255.255.255.128
Hope it helps.
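The exact-match rule from this answer as a small model, added here as an example and not part of the original thread. It assumes auto-summary is disabled; the function names and the sample routing table are constructed.

```python
import ipaddress


def classful_prefix_len(network):
    """Prefix length assumed when `network` is entered without `mask`."""
    first_octet = int(network.split(".")[0])
    if first_octet < 128:
        return 8      # class A
    if first_octet < 192:
        return 16     # class B
    if first_octet < 224:
        return 24     # class C
    raise ValueError("no classful mask for class D/E addresses")


def bgp_network_statement(network, rib, mask=None):
    """Return the prefix a network statement injects into BGP, or None.

    The statement only takes effect when the routing table (rib) holds a
    route with exactly the same prefix AND mask.
    """
    if mask is None:
        wanted = ipaddress.ip_network(f"{network}/{classful_prefix_len(network)}")
    else:
        wanted = ipaddress.ip_network(f"{network}/{mask}")
    rib_nets = {ipaddress.ip_network(p) for p in rib}
    return str(wanted) if wanted in rib_nets else None


# Constructed routing table: a /25 and a /8 held up by a static Null0 route.
RIB = ["192.168.1.0/25", "10.0.0.0/8"]

if __name__ == "__main__":
    print(bgp_network_statement("192.168.1.0", RIB))                     # None
    print(bgp_network_statement("192.168.1.0", RIB, "255.255.255.128"))  # 192.168.1.0/25
    print(bgp_network_statement("10.0.0.0", RIB))                        # 10.0.0.0/8
```

The last case is why a static route to Null0 makes a summary advertisable: it places the exact prefix in the routing table for the network statement to match.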
Thank you so much for the answer, now it is clear for me.
How do I advertise a public IP to a peer? For example, my server 10.123.10.50 should NAT to <public-IP> and be routed to the neighbor.
The router only knows the 10.123.10.0/24 network as connected.