Unsuppress-Map

Test BGP unsuppress-map functionality. When aggregate-address is configured with summary-only, the more specific routes are suppressed and only the aggregate is advertised. The unsuppress-map command allows selectively leaking specific routes to a particular neighbor while keeping them suppressed for other neighbors. This is useful when you want to advertise both the aggregate and certain more-specific routes to selected peers, for example to provide more granular routing to preferred customers while giving others only the summary route.

Test iBGP - Summary-only suppresses specific routes

Description

Baseline test showing that aggregate-address summary-only suppresses specific routes. DUT0 has routes 192.168.1.0/24 and 192.168.2.0/24 and creates an aggregate 192.168.0.0/16. With summary-only, DUT1 should receive only the aggregate, not the specific /24 routes.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces dummy dum0 address 192.168.1.1/24
set interfaces dummy dum1 address 192.168.2.1/24
set interfaces ethernet eth0 address 10.10.0.100/24
set protocols bgp 20 aggregate-address 192.168.0.0/16 summary-only
set protocols bgp 20 neighbor peer remote-address 10.10.0.200
set protocols bgp 20 neighbor peer remote-as 20
set protocols bgp 20 redistribute connected
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address 10.10.0.200/24
set protocols bgp 20 neighbor peer remote-address 10.10.0.100
set protocols bgp 20 neighbor peer remote-as 20
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Attention

Verify iBGP session establishes between DUT0 and DUT1.

Step 3: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:

10.10.0.200.*Established

Show output

IPv4 Unicast Summary:
BGP router identifier 192.168.2.1, local AS number 20 VRF default vrf-id 0
BGP table version 4
RIB entries 6, using 768 bytes of memory
Peers 1, using 24 KiB of memory

Neighbor        LocalAddr       V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down        State   PfxRcd   PfxSnt Desc
10.10.0.200     10.10.0.100     4         20         3         6        4    0    0 00:00:01  Established        0        2 FRRouting/10.4.1

Total number of neighbors 1

Attention

Verify DUT1 receives only the aggregate route 192.168.0.0/16.

Step 4: Run command protocols bgp show ip at DUT1 and check if output matches the following regular expressions:

192.168.0.0/16

Show output

BGP table version is 2, local router ID is 10.10.0.200, vrf id 0
Default local pref 100, local AS 20
local address -
Status codes:  s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *ui 10.10.0.0/24     10.10.0.100              0    100      0 ?
 *ui 192.168.0.0/16   10.10.0.100              0    100      0 ?

Displayed 2 routes and 2 total paths

---

Test iBGP - Unsuppress-map leaks specific routes

Description

Test BGP unsuppress-map which selectively leaks suppressed routes to a neighbor. DUT0 has aggregate-address summary-only configured, but also an unsuppress-map that permits 192.168.1.0/24. DUT1 should receive both the aggregate 192.168.0.0/16 AND the specific route 192.168.1.0/24, while 192.168.2.0/24 remains suppressed.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces dummy dum0 address 192.168.1.1/24
set interfaces dummy dum1 address 192.168.2.1/24
set interfaces ethernet eth0 address 10.10.0.100/24
set protocols bgp 20 aggregate-address 192.168.0.0/16 summary-only
set protocols bgp 20 neighbor peer remote-address 10.10.0.200
set protocols bgp 20 neighbor peer remote-as 20
set protocols bgp 20 neighbor peer unsuppress-map UNSUPPRESS
set protocols bgp 20 redistribute connected
set protocols ip prefix-list LEAK-NET1 rule 1 action permit
set protocols ip prefix-list LEAK-NET1 rule 1 prefix 192.168.1.0/24
set protocols route-map UNSUPPRESS rule 1 action permit
set protocols route-map UNSUPPRESS rule 1 match ip address prefix-list LEAK-NET1
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address 10.10.0.200/24
set protocols bgp 20 neighbor peer remote-address 10.10.0.100
set protocols bgp 20 neighbor peer remote-as 20
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Attention

Verify iBGP session establishes between DUT0 and DUT1.

Step 3: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:

10.10.0.200.*Established

Show output

IPv4 Unicast Summary:
BGP router identifier 192.168.2.1, local AS number 20 VRF default vrf-id 0
BGP table version 4
RIB entries 6, using 768 bytes of memory
Peers 1, using 24 KiB of memory

Neighbor        LocalAddr       V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down        State   PfxRcd   PfxSnt Desc
10.10.0.200     10.10.0.100     4         20         3         6        4    0    0 00:00:02  Established        0        3 FRRouting/10.4.1

Total number of neighbors 1

Attention

Verify DUT1 receives the aggregate route 192.168.0.0/16 and specific route 192.168.1.0/24 (unsuppressed by unsuppress-map).

Step 4: Run command protocols bgp show ip at DUT1 and check if output matches the following regular expressions:

192.168.0.0/16 [\s\S]*192.168.1.0/24

Show output

BGP table version is 3, local router ID is 10.10.0.200, vrf id 0
Default local pref 100, local AS 20
local address -
Status codes:  s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *ui 10.10.0.0/24     10.10.0.100              0    100      0 ?
 *ui 192.168.0.0/16   10.10.0.100              0    100      0 ?
 *ui 192.168.1.0/24   10.10.0.100              0    100      0 ?

Displayed 3 routes and 3 total paths

---