Keywords: BGP Community Set as-path prepend
Working on chapter 2, "A Case Study in BGP", of the CCIE Lab Practice Kit, I found one wonderful question, question #46: "Under no circumstances can AS100 be used as a transit network for AS200 to reach AS300. To accomplish this, no additional configurations should be added to any router other than R2."
To my surprise, the instructions that come with the book altered the configuration of R3 to accomplish this! Sure, what we want to do is prevent R3 from advertising routes learned from AS300 to AS200, but is there a way to do this by changing only the configuration of R2?
Since R3 has to learn those routes, R2 can mark the routes with the LOCAL_AS community, but for the COMMUNITY attribute to propagate, you have to add a 'neighbor x.x.x.x send-community' statement to R2's configuration, and to R1's too. Maybe we shouldn't count on the COMMUNITY attribute to control route distribution, because the attribute is not propagated to internal or external BGP neighbors by default: should there be one configuration error on the IBGP chain, the route would be advertised to other ASes, since the COMMUNITY attribute is lost.
My solution is: mark the routes learned from AS300 as if they were from AS200, so they will be rejected by the AS200 routers because a loop is detected when they examine the AS-PATH attribute. Isn't it cool?
R2:
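router bgp 100
 ! IBGP peer inside AS100
 neighbor 152.1.9.2 remote-as 100
 ! apply route-map i300 to routes received from this neighbor
 neighbor 152.1.11.2 route-map i300 in
 ...
!
! match routes whose AS-PATH is exactly "300"
ip as-path access-list 1 permit ^300$
route-map i300 permit 10
 match as-path 1
 ! prepend AS200 so that AS200 routers find their own AS in the path
 set as-path prepend 200
...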
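The comparison argued above, as an added Python sketch that is not from the original post or the book: it models why the community mark depends on every hop sending communities while the prepended AS-PATH does not. The IBGP hop lists and function names are constructed for illustration, and routes that do not match the access list pass unchanged, which is an assumption because the post elides the rest of the route-map.

```python
import re

AS_PATH_ACL_1 = re.compile(r"^300$")  # ip as-path access-list 1 permit ^300$

def r2_inbound(route, method):
    """R2's inbound policy for routes from AS300: tag a community or prepend 200."""
    route = {"as_path": list(route["as_path"]), "communities": set(route["communities"])}
    if AS_PATH_ACL_1.search(" ".join(map(str, route["as_path"]))):
        if method == "community":
            route["communities"].add("local-AS")
        elif method == "prepend":
            route["as_path"].insert(0, 200)  # set as-path prepend 200
    return route  # assumption: non-matching routes pass unchanged

def ibgp_hop(route, send_community):
    """IBGP leaves AS_PATH intact; communities survive only with send-community."""
    return {"as_path": list(route["as_path"]),
            "communities": set(route["communities"]) if send_community else set()}

def ebgp_export(route, local_as):
    """Border router: honour local-AS if it is still attached, else prepend own AS."""
    if "local-AS" in route["communities"]:
        return None
    return {"as_path": [local_as] + route["as_path"], "communities": set()}

def ebgp_import(route, receiver_as):
    """Receiver drops any route whose AS_PATH already contains its own AS."""
    if route is None or receiver_as in route["as_path"]:
        return None
    return route

def leaks_to_as200(method, send_community_per_hop):
    """True if a route originated by AS300 is accepted by AS200 through AS100."""
    route = r2_inbound({"as_path": [300], "communities": set()}, method)
    for flag in send_community_per_hop:  # constructed IBGP chain inside AS100
        route = ibgp_hop(route, flag)
    return ebgp_import(ebgp_export(route, 100), 200) is not None

if __name__ == "__main__":
    for method, hops in [("none", [True]), ("community", [True, True]),
                         ("community", [True, False]), ("prepend", [False, False])]:
        print(method, hops, "leaks" if leaks_to_as200(method, hops) else "blocked")
```

Note that a route arriving at R2 with an AS-PATH such as "300 400" does not match `^300$`, so the prepend only covers routes originated by AS300 itself.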
Two other problems encountered in this lab were caused by my poor English. :-) One is question #47: 'AS200 and AS300 should pass the network 152.1.9.0'. I took it as 'no traffic from AS300 or AS300 should use the link 152.1.9.0'; in fact, it means that AS200 and AS300 should not advertise this network to their EBGP peers. Another one is #42: 'AS100 should accept a default route from AS300 in case of link failure between AS200 and AS100'. I took it as 'AS100 should accept a default route from AS300 only when the link between AS200 and AS100 has failed'; although this could be done, the instructions that come with the book simply accept the default route from AS300.