MED value in the default route advertised from Remote Network to Branch changes from 100000 to 100 when "Don't Advertise Prisma Access Routes" is enabled
5380
Created On 08/31/23 09:02 AM - Last Modified 11/01/24 02:36 AM
Symptom
- Remote Network configuration has a single EBGP Peer for Branch Site.
- In the configuration, the Advertise Default Route is disabled.
- The MED value in the default route advertised from Remote Network to Branch changes from 100000 to 100.
> show routing protocol bgp rib-out-detail peer
VIRTUAL ROUTER: default (id 1)
Prefix: 0.0.0.0/0
Nexthop: x.x.x.x
Peer: yyyyyyy
Advertise status: advertised
Aggregation status: no aggregate
Originator ID: 0.0.0.0
AS Path: 65534
Origin: N/A
MED: 100000
Local Preference: 0
Atomic aggregate: no
Aggregator AS: 0
Aggregator ID: 0.0.0.0
----------
- Here is the rib-out table when the Advertise Default Route is Enabled. Note that the MED is now 100.
> show routing protocol bgp rib-out-detail peer GPCS-EBGP-Site-194711
VIRTUAL ROUTER: default (id 1)
Prefix: 0.0.0.0/0
Nexthop: x.x.0.5
Peer: GPCS-EBGP-Site-194711 (id 1)
Advertise status: advertised
Aggregation status: no aggregate
Originator ID: 0.0.0.0
AS Path: 65534
Origin: N/A
MED: 100
Local Preference: 0
Atomic aggregate: no
Aggregator AS: 0
Aggregator ID: 0.0.0.0
Environment
- Prisma Access for Remote Networks
- Version below 10.1.4
- EBGP configured
Cause
- Software Issue.
- The MED value of the Remote Network should be set as follows regardless of the setting "Don't Advertise Prisma Access Routes":
| Single BGP/IPSec tunnel configured | 100000 |
| Secondary BGP/IPSec tunnel configured, primary tunnel | 100 |
| Secondary BGP/IPSec tunnel configured, secondary tunnel | 200 |
Resolution
- The issue is fixed under 10.1.4
- If the issue is seen in later versions, Open a support case.
Additional Information
Issue ID: CYR-21819