Redistributing default route into EBGP and IBGP not working

Reply
L4 Transporter

Redistributing default route into EBGP and IBGP not working

I am trying to redistribute default route into EBGP peer it is not working.

 

1. Created Redistribute profile to redistribute default route

2. called redistribute profile under bgp redis rules

3. Checked allowed default routes to redistribute

3. created export policy to export 0.0.0.0/0  with action allow.

 

Looking at below command we see export policy is not getting hit.

 

show routing protocol bgp policy export specific to default route

 

any suggestions ?

 

 

L0 Member

Re: Redistributing default route into EBGP and IBGP not working

Hi @MandarKulkarni,

 

I would say all if the steps you have perform are correct. It would be good to see the actual config, because there are two "gotchas" you need to look at.

 

1. When creating redistribution profile you are defining a filter to match the routes from the routing table that you need to redistribute. Palo Alto gives you ability to build the filter based on three criteria: source type (how this route get to the routing table), destination (actual prefix), nexthop

 

The biggest disadvantages (at least for me) is that destination filter is actually matching any routes that are part of the destination prefix you enter. What I am trying to say is that -

Example: if you have  three static routes:

10.10.0.0/16

10.10.20.0/24

10.10.20.128/25

If you configure redist. profile with filter 10.10.0.0/16 it will actually match all three routes above (since they are all subnet of the /16.

 

So if you configure redist. profile with filter 0.0.0.0/0 type static, this will match all if your static routes (which should include default as well)

 

2. The BGP Export policy in contrast have an option to match exact prefix. Which means that FW will advertise the route only if it match exactly what you have typed.

 

Without looking at your actual configuration I only can suggest that:

- You redistribution rule is actually not matching the default (in best case, and in the worst it is matching a lot more that you intend)

- The BGP Export policy is matching 0.0.0.0/0 without the exact match enabled

 

One question - the default which want to redistribute. How did your FW receive it? Static, or from another dynamic protocol?

 

L4 Transporter

Re: Redistributing default route into EBGP and IBGP not working

Hi @AAstardzhiev 

 

the default which want to redistribute. How did your FW receive it? Static, or from another dynamic protocol?

 

I have static route pointing to ISP IP.

 

it exactly match route in routing table , redistribute rule and export statement.

 

Looking at show routing protocol bgp policy export I see it does not hit export policy rule

 

any specific debug comands we can run to check if 0.0.0.0 is getting advertised ?

 

@AAstardzhiev  Thanks a lot for your help

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!