Community discussions

MikroTik App
 
hkusulja
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 75
Joined: Fri Apr 13, 2012 1:14 am

How to control BGP sending out subnets?

Tue Feb 22, 2022 12:13 pm

Hello,
I do have two local subnets that i need to announce/send to my intranet BGP peer as ONE network 172.17.52.0/23 and not TWO networks.
This seems used to work, but after upgrade from RouterOS 6 to RouterOS 7.1.3 (stable) seems not working and I need reconfiguration?

Here is part of config:
/ip address
add address=172.17.52.1/24 interface=lan
add address=172.17.53.1/24 interface=mgmt

/ip firewall address-list
add address=172.17.52.0/23 list=bgp-networks

/routing filter rule
add chain=chain-out disabled=no rule="if (dst == 172.17.52.0/23) { set bgp-path-prepend 2; set bgp-communities XXXX:100; accept; }"
add chain=chain-out disabled=no rule="if (dst in 0.0.0.0/0 && dst-len in 0-128) { reject; }"

/routing bgp connection
add as=XXX cisco-vpls-nlri-len-fmt=auto-bits connect=yes disabled=no input.filter=chain-in listen=yes local.address=10.98.10.57 .role=ebgp name=MyCon nexthop-choice=force-self output.filter-chain=chain-out .network=bgp-networks .no-client-to-client-reflection=yes remote.address=10.98.10.58/32 .as=YYYY router-id=172.17.52.1 routing-table=main
In this case, no routes are sent.
In case I do modify ip firewall address-list and routing filter route, mentioning two subnets - then both are sent.
I need to send only one/bigger route/subnet 172.17.52.0/23. How to achieve this with RouterOS 7 ?

Thank you
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: How to control BGP sending out subnets?

Fri Feb 25, 2022 12:40 pm

There must be IGP route "172.17.52.0/23" in the routing table for networks to be advertised.
https://help.mikrotik.com/docs/display/ ... figuration
 
hkusulja
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 75
Joined: Fri Apr 13, 2012 1:14 am

Re: How to control BGP sending out subnets?

Fri Feb 25, 2022 2:29 pm

Thank you, the resolution was to modify filter and access list, but also add a route with
/ip route add dst-address=172.17.52.0/23 type=blackhole

Thank you

Who is online

Users browsing this forum: No registered users and 16 guests