BGP Conditional Route Injection

As long as there is a component route (the more specific route) in the BGP table, the aggregate route (the less specific route) can be advertised to BGP neighbors. This article, however, focuses on the oppositexf concept –  De-aggregation. This feature allows to reconstruct a component route from a received aggregated prefix and is accomplished by BGP Conditional Route Injection.

What is BGP Conditional Route Injection?

Conditional Route Injection is a technique that injects a route based on a condition and the  already existing route. The injected route is usually the more specific (component) route, which is conditionally inserted into the BGP table and advertised to the neighbor. The component route does not have to be in the routing table, instead, it is generated by a router when the injection-map is applied. However, the aggregate route must be present in the BGP table in order to inject the component route into the local BGP table.

The command for conditional route injection consists of two route-maps.

router bgp 64500
 bgp inject-map map1 exist-map map2

The condition here is represented by exist-map. The map contains two statements that should be matched in order to inject a component route. Those are the aggregated prefix and the route-source. The route-source consists of the prefix-list matching the advertising source address of the aggregated route. It is the IP address of a BGP neighbor with the prefix length /32.

route-map AGGREGATE-EXIST permit 10
 match ip address prefix-list AGGREGATE-ROUTE
 match ip route-source prefix-list NEIGHBOR

The inject-map contains a sequence matching a single or more injected routes.

route-map INJECT permit 10
 set ip address prefix-list INJECTED-ROUTE

BGP Conditional Route Injection Configuration

Let’s discuss the configuration of the conditional route injection using the network topology depicted in Picture 1. The Customer Edge (CE) router is in AS64500 and has a multi-homed connection to ISP-A (AS64501) and ISP-B (AS64502). ISP-A is configured to advertise the 172.16.0.0/24 and 172.16.1.0/24 prefixes as a single aggregate prefix 172.16.0.0/14. Similarly, the ISP-B router advertises prefixes 172.16.2.0/24 and 172.16.3.0/24 as a single aggregated prefix 172.16.0.0/14.

Picture 1: Network Topology

The CE router has installed the aggregate-route 172.16.0.0/14 route into its BGP table (Picture 2), with the the best path via a next-hop 10.0.0.2 (ISP-A).

Picture 2: BGP Table of CE

Let’s say that a customer wants to send traffic to 172.16.0.0/24 and 172.16.1.0/24 via ISP-A and traffic to 172.16.2.0/24 and 172.16.3.0/24 via ISP-B. Sure, he might ask providers to advertise the component routes. However, if such a scenario should be configured locally on a CE router, BGP conditional route injection can be used to install all component routes into the BGP table of the router CE, based on the presence of the received aggregate route 172.16.0.0/14.

1. ISP-A Configuration

interface GigabitEthernet0/0 
 description link to CE 
 Ip address 10.0.0.2 255.255.255.252

Component routes must be presented in a routing table of ISP-A in order to advertise them via eBGP.

ip route 172.16.0.0 255.255.255.0 Null0 
ip route 172.16.1.0 255.255.255.0 Null0

For the purpose of demonstration, we will only advertise an aggregate route. Therefore we suppress the advertisement of the component routes with a keyword summary-only.

irouter bgp 64501 
 network 172.16.0.0 mask 255.255.255.0 
 network 172.16.1.0 mask 255.255.255.0 
 aggregate-address 172.16.0.0 255.252.0.0 summary-only 
 neighbor 10.0.0.1 remote-as 64500

2.ISP-B Configuration

interface GigabitEthernet0/01
 description link to CE 
 Ip address 10.0.0.6 255.255.255.252

ip route 172.16.2.0 255.255.255.0 Null0 
ip route 172.16.3.0 255.255.255.0 Null0

router bgp 64502 
 network 172.16.2.0 mask 255.255.255.0 
 network 172.16.3.0 mask 255.255.255.0 
 aggregate-address 172.16.0.0 255.252.0.0 summary-only 
 neighbor 10.0.0.5 remote-as 64500

3. CE Configuration

interface GigabitEthernet0/0 
 description Link to ISP-A 
 ip address 10.0.0.1 255.255.255.252 

interface GigabitEthernet0/1 
 description Link to ISP-B 
 ip address 10.0.0.5 255.255.255.252

First, we will configure BGP and conditional route injection.

router bgp 64500 
 neighbor 10.0.0.2 remote-as 64501  
 neighbor 10.0.0.6 remote-as 64502
 bgp inject-map INJECT-ISP-A exist-map AGGREGATE-ISP-A 
 bgp inject-map INJECT-ISP-B exist-map AGGREGATE-ISP-B

3.1 Exist-map

Now, we need to define both exist-maps. The maps contain prefix-lists matching the aggregate-prefix and the neighbor’s IP address.

route-map AGGREGATE-ISP-A permit 10 
 match ip address prefix-list AGGREGATE-ROUTE 
 match ip route-source prefix-list ISP-A-IP

route-map AGGREGATE-ISP-B permit 10 
 match ip address prefix-list AGGREGATE-ROUTE 
 match ip route-source prefix-list ISP-B-IP

Once we have created the exist-maps we can go further and specify a prefix-list matching the aggregate prefix and two prefix-lists, each matching the neighbor’s IP address.

ip prefix-list AGGREGATE-ROUTE seq 10 permit 172.16.0.0/14
ip prefix-list ISP-A-IP seq 10 permit 10.0.0.2/32
ip prefix-list ISP-B-IP seq 10 permit 10.0.0.6/32

3.2 Injection-map

Create an injection-map for each ISP. The maps contain a prefix-list that matches the injected routes. The route-maps set community local-AS that prevents the advertisement of the injected routes outside of AS 64500. It effectively avoids routing loops as the injected routes are not advertised to ISPs.

route-map INJECT-ISP-A permit 10
 set ip address prefix-list INJECTED-ROUTE-A
 set community local-AS

route-map INJECT-ISP-B permit 10
 set ip address prefix-list INJECTED-ROUTE-B
 set community local-AS

The prefix-list INJECTED-ROUTE-A matches the component routes that are injected into the BGP table of CE with the next-hop IP 10.0.0.2 (ISP-A).

ip prefix-list INJECTED-ROUTE-A seq 10 permit 172.16.0.0/24
ip prefix-list INJECTED-ROUTE-A seq 20 permit 172.16.1.0/24

Similarly, the prefix-list INJECTED-ROUTE-B matches the component routes that are injected into the BGP table of CE with the next-hop IP 10.0.0.6 (ISP-A).

ip prefix-list INJECTED-ROUTE-B seq 10 permit 172.16.2.0/24
ip prefix-list INJECTED-ROUTE-B seq 20 permit 172.16.3.0/24

4. Verification

Now let’s inspect the BGP table on the CE router. There is the aggregate-route 172.16.0.0/14 learned from both ISPs along with the four locally generated injected routes.

CE# show ip bgp | begin Network

Picture 3: BGP Table of CE

The injected routes can be checked with the command below.

CE# show ip bgp injected-paths | begin Network

Picture 4: Checking Injected Paths

Conclusion:

The BGP Conditional Route Injection feature injects more specific prefixes into a BGP routing table over the less specific prefixes that were selected through a normal route aggregation. The outbound traffic can now be routed using the more specific prefixes over individual uplinks. This improves routing accuracy as the more specific routing information is used and we do not need to rely on a single aggregate route.