BGP: Rejected Incoming Prefix

BGP: Rejected Incoming Prefix

3142
Created On 05/10/22 04:07 AM - Last Modified 06/06/24 04:39 AM


Question


What is BGP's rejected incoming prefix

Environment


  • PAN-OS
  • BGP

Answer


TOPOLOGY:


Topology-BGP.png

Take note that there are two prefixes announced to FW_2:

  1. 10.10.10.0/24 has a BGP next-hop attribute of 192.168.1.1, which is a host directly connected to one of FW_2's interface
  2. 10.10.20.0/24 has a BGP next-hop attribute of 172.16.1.1, a host route that FW_2 is unaware of.


FW_2's TABLE RESULT:


BGP-local-rib-details.png

The above shows FW_2's BGP table. Comparing the two routes received and installed in the BGP table:

  1. Prefix 10.10.10.0/24 has an asterisk next to it, and it would mean that the prefix has been verified to pass the route verification process, which is to do a route recursion of the next-hop attribute.
  2. Prefix 10.10.20.0/24 has failed the route recursion lookup of its next-hop attribute since FW_2 has no route leading to 172.16.1.1



 

BGP-rejected.png
The above shows FW_2's BGP summary table. Highlighted in Incoming Prefix is the Rejected count number.



BGP-routing-table.png
Due to the route recursion lookup failure for prefix 10.10.20.0/24, which leads to the BGP table rejecting it, the routing table won't be able to learn and install the said prefix.  
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CpVeCAK&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail