BGP Auto-Summary (V)
BGP automatically summarizes routes to classful network boundaries when this command is enabled. Route summarization is used to reduce the amount of routing information in routing tables. Automatic summarization applies to connected, static, and redistributed routes. Please note that auto-summary
is disabled by default on Cisco devices.
The following examples are based on the above diagram. Here in our example, HQ-01 is in AS 1000, ENT-01 is in AS 2000, and there are two intermediary ISP routers in AS 100. These ISP routers will establish an iBGP session between each other to pass along BGP routes. Here is a routing table from HQ-01.
#HQ-01
12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 12.12.12.0/24 is directly connected, GigabitEthernet1
L 12.12.12.1/32 is directly connected, GigabitEthernet1
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.100.0.0/16 is directly connected, Loopback1
L 100.100.1.1/32 is directly connected, Loopback1
Scenario 1 - auto-summary disabled (default)
For the first example, HQ-01 advertises the prefix 100.100.0.0/16
to its eBGP peer ISP-01 using the network 100.100.0.0 mask 255.255.0.0
command. Everything looks good and we can see the prefix 100.100.0.0/16
in the BGP table.
#HQ-01
router bgp 1000
bgp log-neighbor-changes
network 100.100.0.0 mask 255.255.0.0
neighbor 12.12.12.2 remote-as 100
#HQ-01
Network Next Hop Metric LocPrf Weight Path
*> 100.100.0.0/16 0.0.0.0 0 32768 i
Now, if we go and remove the mask
parameter from the network
statement and use a classful subnet of 100.0.0.0
let's see what happens.
#HQ-01
router bgp 1000
bgp log-neighbor-changes
network 100.0.0.0
neighbor 12.12.12.2 remote-as 100
#HQ-01
HQ-01#show ip bgp
HQ-01#
Hmm, now the BGP table is empty, why? Well, because BGP will go and look at the routing table and see if there is an exact match for the prefix 100.0.0.0/8
(Classful network). But there isn't any so, the prefix will not be added to the BGP table.
network
command, there must be an identical network prefix already present in the router's routing table. This means the prefix, along with its subnet mask or prefix length, must match precisely an entry in the routing table that is reachable.Scenario 2 - auto-summary enabled
Let's go ahead and enable auto-summary
and see what happens.
#HQ-01
HQ-01#show run | sec bgp
router bgp 1000
bgp log-neighbor-changes
network 100.0.0.0
neighbor 12.12.12.2 remote-as 100
auto-summary
#HQ-01
HQ-01#show ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 100.0.0.0 0.0.0.0 0 32768 i
Okay, now the prefix shows up again on the BGP table as a classful network even though we don't have the exact match on the routing table. If I go to the ENT-01 on the far right and check the BGP table and routing table, we should also see the classful network (not the /16
)
#ENT-01
ENT-0101#show ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 100.0.0.0 31.31.31.2 0 100 1000 i
#ENT-01
ENT-01#show ip route bgp
Gateway of last resort is not set
B 100.0.0.0/8 [20/0] via 31.31.31.2, 00:04:05
Scenario 3 - auto-summary enabled and mask configured
Let's look at the behaviour of having both auto-summary
and mask
configured under BGP.
#HQ-01
router bgp 1000
bgp log-neighbor-changes
network 100.100.0.0 mask 255.255.0.0
neighbor 12.12.12.2 remote-as 100
auto-summary
#HQ-01
HQ-01#show ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 100.100.0.0/16 0.0.0.0 0 32768 i
As you can see above, there are no effect if we use auto-summary
with the mask
parameter. The router is still advertising the /16
prefix.
Scenario 4 - Redistribution auto-summary disabled
Let's focus on redistribution for this example. I'm going to remove both auto-summary
and the network
statement from BGP and add redistribute connected
statement. Please note that the 100.100.0.0/16
prefix belongs to the Loopback interface which is indeed a connected route/subnet.
#HQ-01
router bgp 1000
bgp log-neighbor-changes
redistribute connected
neighbor 12.12.12.2 remote-as 100
#HQ-01
HQ-01#show ip bgp
BGP table version is 10, local router ID is 100.100.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 100.100.0.0/16 0.0.0.0 0 32768 ?
This is what we would expect to see right? We can see the BGP entry for the prefix 100.100.0.0/16
I could also go into one of the other routers and check the BGP table too.
#ENT-01
ENT-01#show ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 100.100.0.0/16 31.31.31.2 0 100 1000 ?
Everything looks goo and we are seeing the /16
prefix throughout.
Scenario 5 - Redistribution auto-summary enabled
Let's go and add auto-summary
to the previous configuration and see what happens.
#HQ-01
router bgp 1000
bgp log-neighbor-changes
redistribute connected
neighbor 12.12.12.2 remote-as 100
auto-summary
#HQ-01
HQ-01#show ip bgp
*> 100.0.0.0 0.0.0.0 0 32768 ?
So, now HQ-01 advertises the Classful network (/8
instead of /16
). If I check the route table on ENT-01, I should see the same.
#ENT-01
ENT-01#show ip route bgp
B 100.0.0.0/8 [20/0] via 31.31.31.2, 00:18:42
So, what can we learn from this?
- By default,
auto-summary
is disabled in BGP - If
auto-summary
is disabled andmask
parameter is omitted in thenetwork
statement, BGP will look for the exact classful route in the routing table. - If both
auto-summary
andmask
parameter is configured with thenetwork
statement, there are no effects on the way this prefix is advertised. - If
auto-summary
is configured andmask
parameter is omitted, the router advertises the classful network only if either of these is true.- The exact classful prefix is in the routing table
- Any subset of prefixes of that classful network is in the routing table.
- If
auto-summary
is configured andredistribution
is in use, BGP will always advertise the classful network.
Why auto-summary is disabled by default in BGP?
If you're wondering why BGP has auto-summary turned off by default (in Cisco devices at least), consider this example. Suppose on your router, you have a few connected subnets like 100.100.1.0/24
and 100.100.2.0/24
When you redistribute these connected routes into BGP with auto-summary enabled, BGP would advertise a broader, classful network of 100.0.0.0/8
to its peers.
However, it's very likely you don't actually control all subnets within the 100.x.x.x
range; you might only have a few of them. Advertising a classful network when you only possess a fraction of its addresses could lead to problematic or unintended routing behaviours. This is because peers might send traffic to your network that you're not expected to handle, expecting you to route any address within that classful boundary. Here is an explanation on this Cisco website if you are interested.