I’ve got a route learned from an internal peer that won’t propagate to an external peer:
[user@bdr01.pop] > /ip route print detail where dst-address=10.200.124.0/22
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 ADb dst-address=10.200.124.0/22 gateway=10.0.47.10 gateway-status=10.0.47.10 recursive via 10.18.167.236 e02-core distance=200 scope=40
target-scope=30 bgp-as-path="65198,65198,65198,65198,65198,65198" bgp-local-pref=100 bgp-med=0 bgp-origin=igp received-from=gw.pop
1 Db dst-address=10.200.124.0/22 gateway=10.50.138.141 gateway-status=10.50.138.141 inactive distance=20 scope=40 target-scope=10
bgp-as-path="64782,2914,174,55229,65198" bgp-origin=igp received-from=transit00
The first entry is from the internal peer and the second from the external peer. Since the first entry is best and active, it should propagate to the external peer (see RFC4271 section 9), but it isn’t:
[user@bdr01.pop] > /routing bgp advertisements print where peer=transit00
PEER PREFIX NEXTHOP AS-PATH ORIGIN LOCAL-PREF
transit00 10.0.32.0/20 10.50.138.142 incomplete
transit00 10.67.80.0/20 10.50.138.142 igp
transit00 10.41.211.0/24 10.50.138.142 incomplete
transit00 10.18.160.0/20 10.50.138.142 incomplete
transit00 10.40.84.0/24 10.50.138.142 65357 igp
transit00 10.5.0.0/16 10.50.138.142
Here’s the peer config and relevant route filters for reference:
[user@bdr01.pop] > /routing bgp peer print detail where remote-address=10.50.138.141
Flags: X - disabled, E - established
0 E name="transit00" instance=default remote-address=10.50.138.141 remote-as=64782 tcp-md5-key="" nexthop-choice=default multihop=no
route-reflect=no hold-time=3m ttl=default in-filter=as64782-in out-filter=as64782-out address-families=ip default-originate=never
remove-private-as=no as-override=no passive=no use-bfd=no
[user@bdr01.pop] > /routing filter print where chain=as64782-out
Flags: X - disabled
16 chain=as64782-out match-chain=internal-prefixes invert-match=no action=accept set-bgp-prepend-path=""
17 chain=as64782-out match-chain=customer-prefixes invert-match=no action=accept set-bgp-prepend-path=""
18 chain=as64782-out invert-match=no action=jump jump-target=reject-all set-bgp-prepend-path=""
[user@bdr01.pop] > /routing filter print where chain=internal-prefixes
Flags: X - disabled
0 chain=internal-prefixes prefix=10.18.160.0 prefix-length=20 invert-match=no action=accept set-bgp-prepend-path=""
1 chain=internal-prefixes prefix=10.0.32.0 prefix-length=20 invert-match=no action=accept set-bgp-prepend-path=""
2 chain=internal-prefixes prefix=10.67.80.0 prefix-length=20 invert-match=no action=accept set-bgp-prepend-path=""
set-bgp-communities=3356:80
[user@bdr01.pop] > /routing filter print where chain=customer-prefixes
Flags: X - disabled
3 chain=customer-prefixes prefix=10.41.211.0 prefix-length=24 invert-match=no action=accept set-bgp-prepend-path=""
4 chain=customer-prefixes prefix=10.5.0.0 prefix-length=16 invert-match=no action=accept set-bgp-prepend-path=""
5 chain=customer-prefixes prefix=10.40.80.0/20 prefix-length=20-24 invert-match=no action=accept set-bgp-prepend-path=""
6 chain=customer-prefixes prefix=10.200.120.0/21 prefix-length=21-24 match-chain="" invert-match=no action=accept
set-bgp-prepend-path=""
[user@bdr01.pop] > /routing filter print where chain=reject-all
Flags: X - disabled
15 chain=reject-all invert-match=no action=reject set-bgp-prepend-path=""
I’ve tried adjusting entry 6 to explictly match the prefix instead of the range to no effect.
Am I missing something or is this a bug?