Hello @jbhosle ,
Not naive at all. Some networking concepts can be difficult to wrap your head around. Here is an example.
Imagine we have three routers: R1, R2, and R3, connected in a triangle. Each router has its own AS. R1 has a loopback interface with 1.1.1.1/32, which we advertise as a 1.0.0.0/8 summary route.
Here are the configs:
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0
ip address 192.168.12.1 255.255.255.0
!
interface GigabitEthernet0/1
ip address 192.168.13.1 255.255.255.0
!
router bgp 1
bgp router-id 1.1.1.1
network 1.1.1.1 mask 255.255.255.255
aggregate-address 1.0.0.0 255.0.0.0 summary-only
neighbor 192.168.12.2 remote-as 2
neighbor 192.168.13.3 remote-as 3
!
end
hostname R2
!
interface GigabitEthernet0/0
ip address 192.168.12.2 255.255.255.0
!
interface GigabitEthernet0/1
ip address 192.168.23.2 255.255.255.0
!
router bgp 2
bgp router-id 2.2.2.2
neighbor 192.168.12.1 remote-as 1
neighbor 192.168.23.3 remote-as 3
!
end
hostname R3
!
interface GigabitEthernet0/0
ip address 192.168.13.3 255.255.255.0
!
interface GigabitEthernet0/1
ip address 192.168.23.3 255.255.255.0
!
router bgp 3
bgp router-id 3.3.3.3
neighbor 192.168.13.1 remote-as 1
neighbor 192.168.23.2 remote-as 2
!
end
Here is the BGP table of R2 and R3:
R2#show ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.0.0.0 192.168.23.3 0 3 1 i
*> 192.168.12.1 0 0 1 i
R3#show ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.0.0.0 192.168.23.2 0 2 1 i
*> 192.168.13.1 0 0 1 i
As you can see, R2 and R3 both use their link to R1 to reach 1.1.1.1.
Now let’s make a change on R1:
R1(config)#route-map ADVERTISE_SPECIFIC_L0 permit 10
R1(config-route-map)#match ip address R1_L0
R1(config)#ip access-list standard R1_L0
R1(config-std-nacl)#permit host 1.1.1.1
R1(config)#router bgp 1
R1(config-router)#neighbor 192.168.12.2 unsuppress-map ADVERTISE_SPECIFIC_L0
This tells R1 to advertise the specific route 1.1.1.1/32 to R2, next to the summary route.
Clear the BGP neighbor adjacency or do a soft reconfiguration:
R1# clear ip bgp * soft
Now look at R2 and R3 again:
R2#show ip bgp
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.0.0.0 192.168.23.3 0 3 1 i
*> 192.168.12.1 0 0 1 i
*> 1.1.1.1/32 192.168.12.1 0 0 1 i
R2 receives the summary route and the specific 1.1.1.1/32 prefix. All is good. Here is R3:
R3#show ip bgp
BGP table version is 6, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.0.0.0 192.168.23.2 0 2 1 i
*> 192.168.13.1 0 0 1 i
*> 1.1.1.1/32 192.168.23.2 0 2 1 i
This is not good. R3 uses R2 to get to 1.1.1.1 because this is a more specific route. R2 “leaks” that specific route to R3. Now imagine R3 belongs to a huge ISP and R2 is some small company…
I hope this helps!
Rene
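
Added example, not part of the original post: a small Python model of R3's forwarding decision and a check a defender could run over BGP table data to spot this kind of leaked more-specific. The route tuples are transcribed from the `show ip bgp` output above; the function names and the detour heuristic are assumptions of this example.

```python
import ipaddress

# Best paths (prefix, next hop, AS path) transcribed from the post's
# "show ip bgp" output. 1.0.0.0 is the /8 from R1's aggregate-address line.
R3_BEFORE = [("1.0.0.0/8", "192.168.13.1", [1])]
R3_AFTER = R3_BEFORE + [("1.1.1.1/32", "192.168.23.2", [2, 1])]
R2_AFTER = [("1.0.0.0/8", "192.168.12.1", [1]),
            ("1.1.1.1/32", "192.168.12.1", [1])]


def net(route):
    return ipaddress.ip_network(route[0])


def lookup(table, dest):
    """Longest-prefix match: the route a router forwards on for dest."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in table if ip in net(r)]
    return max(matches, key=lambda r: net(r).prefixlen, default=None)


def find_detours(table):
    """Flag more-specifics that pull traffic off the covering route's path.

    Heuristic (an assumption of this example, not a BGP rule): same origin
    AS as the covering prefix, but learned from a different neighbor AS
    over a longer AS path.
    """
    hits = []
    for route in table:
        covering = [r for r in table
                    if net(r) != net(route) and net(route).subnet_of(net(r))]
        if not covering:
            continue
        parent = max(covering, key=lambda r: net(r).prefixlen)
        path, parent_path = route[2], parent[2]
        if (path[-1] == parent_path[-1] and path[0] != parent_path[0]
                and len(path) > len(parent_path)):
            hits.append((route[0], parent[0], path))
    return hits


if __name__ == "__main__":
    print(lookup(R3_AFTER, "1.1.1.1"))   # the /32 via R2 wins over the /8
    print(find_detours(R3_AFTER))        # reports the leaked /32
```

On R2 the /32 arrives directly from AS 1, so the check stays quiet there; only R3, which learns it through AS 2, is flagged.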