Rt updating bgp 0 0 0 0 0
R1, having installed the aggregate advertised from AS 30, would see AS 30 as a less-specific but valid path to the subnet, and route traffic to R3.
R3, no longer having the more-specific route back to R1, drops the traffic, creating a black hole.
I am again curious to know how to you take those capture do you actually take them from a PC running a sniffer, I would think against.
I think you use either the 'capture' command on dynamips or something similar.
On R4 we can see how the AS path appears in the BGP table: Analyzing the BGP traffic on the wire, we can see R3's aggregate route update packet (packet 15 in the provided capture) has an AS path composed of both an AS sequence (30) and an AS set ().
Also of interest here is the command to specify a route-map used to match subnets.
Inspecting the BGP table on R4, we can see four routes each from AS 10 and 20.
We can suppress all the summarized routes by recreating the aggregate route, this time appending the What's dangerous about the aggregate route advertised by R3?You can reach him by email or follow him on Twitter.This happens because the RIB already has a better entry for those routes (via the directly connected interfaces). You actually don't need to include the 10.0.0.x/30 networks in BGP at all, so the RIB failure in this case shouldn't hurt anything.I would appreciate if you can discuss the techniques that you use for these writeups, it would be interesting & [email protected], I use GNS3 (on Linux) for most of my labs, and I use "real" hardware where necessary (typically when advanced switching is involved).I generate most of the packet captures using GNS3's capture ability, which dumps traffic between the virtual devices to a PCAP file, which I then tidy up with Wireshark.Hi Strech, Nice writeup, I am really impressed with your articles.