Guest

Preview Tool

Cisco Bug: CSCvu40167 - More specific route creates less specific aggregate in OMP

Last Modified

Aug 17, 2020

Products (2)

  • Cisco vEdge Router
  • Cisco vEdge Router Model

Known Affected Releases

18.4.4 19.2.2

Description (partial)

Symptom:
vEdge with aggregate.

SDWAN-bofele-vedge-001# show bgp routes vpn 10
 
                     INFO                      LOCAL                      AS                                
VPN  PREFIX          ID    NEXTHOP     METRIC  PREF   WEIGHT  ORIGIN      PATH   PATH STATUS          TAG  
------------------------------------------------------------------------------------------------------------
10   3.3.3.3/32      0     0.0.0.0     1000    50     0       incomplete  Local  valid,best           0    
10   10.0.11.0/24    0     10.0.11.12  0       500    0       incomplete  Local  valid,best,internal  0    
10   10.0.20.0/23    0     0.0.0.0     1000    50     0       incomplete  Local  valid,best           1111 
10   10.0.30.0/23    0     0.0.0.0     1000    50     0       incomplete  Local  valid,best           1111 
10   10.0.221.0/24   0     0.0.0.0     1000    50     0       incomplete  Local  valid,best           0    
10   10.0.221.6/32   0     0.0.0.0     1000    50     0       incomplete  Local  valid,best           0    
10   10.0.231.0/24   0     0.0.0.0     1000    50     0       incomplete  Local  valid,best           0    
10   11.11.11.11/32  0     10.0.11.12  0       500    0       incomplete  Local  valid,best,internal  0    
10   11.11.12.12/32  0     10.0.11.12  0       500    0       incomplete  Local  valid,best,internal  0    
10   11.11.13.0/26   0     10.0.11.12  0       500    0       incomplete  Local  valid,best,internal  0     <---------------- This one coming from BGP
 
 
 
SDWAN-bofele-vedge-001# show omp routes vpn 10
Code:
C   -> chosen
I   -> installed
Red -> redistributed
Rej -> rejected
L   -> looped
R   -> resolved
S   -> stale
Ext -> extranet
Inv -> invalid
Stg -> staged
U   -> TLOC unresolved
 
                                            PATH                      ATTRIBUTE                                                      
VPN    PREFIX              FROM PEER        ID     LABEL    STATUS    TYPE       TLOC IP          COLOR            ENCAP  PREFERENCE 
--------------------------------------------------------------------------------------------------------------------------------------
10     3.3.3.3/32          10.0.0.14        12     1002     C,I,R     installed  10.0.3.102       biz-internet     ipsec  -          
                           10.0.0.14        15     1002     R         installed  10.0.3.103       biz-internet     ipsec  -          
                           10.0.0.14        17     1002     R         installed  10.0.3.103       mpls             ipsec  -          
10     10.0.11.0/24        0.0.0.0          69     1003     C,Red,R   installed  10.0.1.101       public-internet  ipsec  -          
                           0.0.0.0          75     1003     C,Red,R   installed  10.0.1.101       gold             ipsec  -          
10     10.0.20.0/23        10.0.0.14        7      1003     R         installed  10.0.1.102       gold             ipsec  -          
                           10.0.0.14        26     1003     C,I,R     installed  10.0.1.102       public-internet  ipsec  -          
10     10.0.30.0/23        10.0.0.14        9      1003     R         installed  10.0.1.103       gold             ipsec  -          
                           10.0.0.14        21     1003     R         installed  10.0.1.103       biz-internet     ipsec  -          
                           10.0.0.14        25     1003     C,I,R     installed  10.0.1.103       public-internet  ipsec  -          
10     10.0.221.0/24       10.0.0.14        10     1002     C,I,R     installed  10.0.3.101       biz-internet     ipsec  -          
                           10.0.0.14        11     1002     R         installed  10.0.3.101       mpls             ipsec  -          
                           10.0.0.14        13     1002     C,I,R     installed  10.0.3.102       biz-internet     ipsec  -          
10     10.0.221.6/32       10.0.0.14        19     1002     C,I,R     installed  10.0.3.102       biz-internet     ipsec  -          
10     10.0.231.0/24       10.0.0.14        14     1002     C,I,R     installed  10.0.3.103       biz-internet     ipsec  -          
                           10.0.0.14        16     1002     R         installed  10.0.3.103       mpls             ipsec  -          
10     11.11.11.11/32      0.0.0.0          69     1003     C,Red,R   installed  10.0.1.101       public-internet  ipsec  -          
                           0.0.0.0          75     1003     C,Red,R   installed  10.0.1.101       gold             ipsec  -          
10     11.11.12.12/32      0.0.0.0          69     1003     C,Red,R   installed  10.0.1.101       public-internet  ipsec  -          
                           0.0.0.0          75     1003     C,Red,R   installed  10.0.1.101       gold             ipsec  -          
10     11.11.13.0/26       0.0.0.0          69     1003     C,Red,R   installed  10.0.1.101       public-internet  ipsec  -           
                           0.0.0.0          75     1003     C,Red,R   installed  10.0.1.101       gold             ipsec  -          
10     11.11.13.0/29       255.255.255.255  197    1003     C,Red,R   installed  10.0.1.101       public-internet  ipsec  -           <---------- This is an aggregate in config
                           255.255.255.255  203    1003     C,Red,R   installed  10.0.1.101       gold             ipsec  -          
10     111.111.111.0/24    0.0.0.0          69     1003     C,Red,R   installed  10.0.1.101       public-internet  ipsec  -          
                           0.0.0.0          75     1003     C,Red,R   installed  10.0.1.101       gold             ipsec  -        
 
 
 
 
SDWAN-bofele-vedge-001# show running-config vpn 10 omp
vpn 10
omp
  advertise bgp
  advertise connected
  advertise network 11.11.1.1/32
  advertise aggregate 11.11.1.0/24 aggregate-only
  advertise aggregate 11.11.2.0/24 aggregate-only
  advertise aggregate 11.11.13.0/29 aggregate-only
!
!

SDWAN-bofele-vedge-001# show internal omp aggregate
 
================================
            AGGREGATE DB
================================
 
VPN: 0
 
VPN: 10
   Aggregate: 11.11.1.0/24 aggregate-only
     Timer: Enabled (e: 4 v: 5 c: 5)
   Aggregate: 11.11.2.0/24 aggregate-only
     Timer: Enabled (e: 4 v: 5 c: 5)
   Aggregate: 11.11.13.0/29 aggregate-only
     Timer: Enabled (e: 1 v: 5 c: 5)
     Aggregates:
       11.11.13.0/29 -> (0x7f5b4cd50a00) Peer: Aggregate-Peer, TLOC: 10.0.1.101 : public-internet : ipsec Path-ID: 197
       11.11.13.0/29 -> (0x7f5b4cd774c0) Peer: Aggregate-Peer, TLOC: 10.0.1.101 : gold : ipsec Path-ID: 203
     Components:
       11.11.13.0/26 -> (0x7f5b4cd507c0) Peer: Local-Peer, TLOC: 10.0.1.101 : public-internet : ipsec Path-ID: 69
       11.11.13.0/26 -> (0x7f5b4cd76e00) Peer: Local-Peer, TLOC: 10.0.1.101 : gold : ipsec Path-ID: 75
 



On remote vEdge:

SDWAN-bofele-vedge-002# show ip routes vpn 10 omp
Codes Proto-sub-type:
  IA -> ospf-intra-area, IE -> ospf-inter-area,
  E1 -> ospf-external1, E2 -> ospf-external2,
  N1 -> ospf-nssa-external1, N2 -> ospf-nssa-external2,
  e -> bgp-external, i -> bgp-internal
Codes Status flags:
  F -> fib, S -> selected, I -> inactive,
  B -> blackhole, R -> recursive
 
                                            PROTOCOL  NEXTHOP     NEXTHOP          NEXTHOP                                                   
VPN    PREFIX              PROTOCOL         SUB TYPE  IF NAME     ADDR             VPN      TLOC IP          COLOR            ENCAP  STATUS 
---------------------------------------------------------------------------------------------------------------------------------------------
10     0.0.0.0/0           omp              -         -           -                -        10.0.1.101       public-internet  ipsec  F,S    
10     10.0.11.0/24        omp              -         -           -                -        10.0.1.101       public-internet  ipsec  F,S    
10     11.11.11.11/32      omp              -         -           -                -        10.0.1.101       public-internet  ipsec  F,S    
10     11.11.12.12/32      omp              -         -           -                -        10.0.1.101       public-internet  ipsec  F,S    
10     11.11.13.0/29       omp              -         -           -                -        10.0.1.101       public-internet  ipsec  F,S    <-- This one

Conditions:
Having a less specific route and a more specific aggregate configured in OMP. With summary-only remote vEdges only receive a smaller aggregate and not larger.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.