BGP Conditional Advertisement

Introduction

In all the previous BGP posts, route advertisements have been static – you configure a network statement or redistribution, and the route is advertised continuously to configured neighbors. But what if you need advertisements to be dynamic, appearing and disappearing based on network conditions?

That’s what BGP Conditional Advertisement solves.

Conditional advertisement allows you to say: “Only advertise route X to neighbor Y if route Z exists in the BGP table” (or conversely, “if route Z does NOT exist”). This enables sophisticated scenarios like:

Backup path advertisement: Advertise a backup route only when the primary fails
Traffic engineering: Change advertisements based on upstream connectivity
Multihoming policies: Advertise prefixes conditionally to different providers
Disaster recovery: Automatically shift traffic during failures

The feature uses two key commands:

advertise-map: Specifies which routes to conditionally advertise
exist-map or non-exist-map: Specifies the condition (route presence or absence)

Understanding Conditional Advertisement

The Concept

Traditional BGP advertisement:

router bgp 2000
 network 192.168.1.0 mask 255.255.255.0

Result: Route ALWAYS advertised to all neighbors (subject to filters)

Conditional advertisement:

router bgp 2000
 neighbor 10.1.1.1 advertise-map ROUTES-TO-ADVERTISE exist-map CONDITION

Result: Routes in ROUTES-TO-ADVERTISE are ONLY advertised when 
        routes matching CONDITION exist in the BGP table

Two Variants

exist-map (positive condition):

neighbor X advertise-map A exist-map B

Meaning: Advertise routes in map A to neighbor X 
         ONLY IF routes matching map B exist in BGP table

non-exist-map (negative condition):

neighbor X advertise-map A non-exist-map B

Meaning: Advertise routes in map A to neighbor X 
         ONLY IF routes matching map B do NOT exist in BGP table

The Processing Logic

1. BGP checks if condition map (exist-map or non-exist-map) matches any routes
   ↓
2. If condition is TRUE:
     Advertise routes matched by advertise-map
   If condition is FALSE:
     Withdraw routes matched by advertise-map (if previously advertised)
   ↓
3. Re-evaluate periodically (default: 60 seconds) or on BGP table changes

The periodic re-evaluation means there’s a built-in delay – routes won’t appear/disappear instantly, but within the scan interval.

Lab Topology

Same topology from previous BGP posts:

AS 2000: R7, R8, R9 (iBGP mesh, R9 is route reflector)
- R7: eBGP to R4 (AS 1000)
- R8: eBGP to R4 (AS 1000)
- R9: eBGP to R11 (AS 110)
AS 110: R11
AS 1000: R4

In this scenario:

R9 receives routes 111.0.0.0/8 and 112.112.112.0/24 from R11 (AS 110)
Both R7 and R8 receive these routes via iBGP and advertise them to R4
We want R8 to advertise these routes to R4 only when R7 is unavailable

Example: Backup Path Advertisement

Requirement

R8 should advertise the 111.0.0.0/8 and 112.112.112.0/24 networks only if R7 is unreachable. R7 is unreachable if the 10.77.77.0/24 network is not reachable on R8.

Translation:

Primary path: R7 advertises to R4 (preferred)
Backup path: R8 advertises to R4 (only when R7 is down)
Detection mechanism: Monitor presence of 10.77.77.0/24 in R8’s BGP table

This creates a clean failover: R4 sees routes via R7 normally, but if R7 fails (detected by absence of 10.77.77.0/24), R8 automatically takes over advertisement.

Configuration

R7 (advertise tracking network):

interface Loopback77
 ip address 10.77.77.77 255.255.255.0

router bgp 2000
 network 10.77.77.0 mask 255.255.255.0

R7 advertises 10.77.77.0/24, which propagates via iBGP throughout AS 2000. This network serves as R7’s “heartbeat” – its presence signals R7 is operational.

R8 (conditional advertisement):

ip prefix-list PL-MISSING permit 10.77.77.0/24

ip prefix-list PL-AMAP permit 111.0.0.0/8
ip prefix-list PL-AMAP permit 112.112.112.0/24

route-map MISSING permit 10
 match ip address prefix-list PL-MISSING

route-map AMAP permit 10
 match ip address prefix-list PL-AMAP

router bgp 2000
 neighbor 192.1.48.4 advertise-map AMAP non-exist-map MISSING

Breaking it down:

Prefix lists:

PL-MISSING: Matches the tracking route (10.77.77.0/24)
PL-AMAP: Matches the routes to conditionally advertise (111.0.0.0/8 and 112.112.112.0/24)

Route maps:

MISSING: References PL-MISSING (the condition to check)
AMAP: References PL-AMAP (the routes to advertise)

Conditional advertisement:

neighbor 192.1.48.4 advertise-map AMAP non-exist-map MISSING

Logic: Advertise routes matched by AMAP (111.0.0.0/8 and 112.112.112.0/24)
       to neighbor 192.1.48.4 (R4)
       ONLY IF routes matched by MISSING (10.77.77.0/24) 
       do NOT exist in R8's BGP table

Why non-exist-map? We want R8 to advertise when R7 is DOWN. When R7 is up, 10.77.77.0/24 exists in R8’s BGP table (via iBGP). When R7 is down, 10.77.77.0/24 disappears. So we use non-exist-map – advertise when the tracking route is absent.

Initial State (Before Configuration)

R4 sees both paths:

R4#sh ip bgp 111.0.0.0    
BGP routing table entry for 111.0.0.0/8, version 41
Paths: (2 available, best #2, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.48.8 from 192.1.48.8 (88.8.8.8)
      Origin IGP, localpref 100, valid, external
  2000 110
    192.1.47.7 from 192.1.47.7 (77.7.7.7)
      Origin IGP, localpref 100, valid, external, best

R4#sh ip bgp 112.112.112.0
BGP routing table entry for 112.112.112.0/24, version 42
Paths: (2 available, best #2, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.48.8 from 192.1.48.8 (88.8.8.8)
      Origin IGP, localpref 100, valid, external
  2000 110
    192.1.47.7 from 192.1.47.7 (77.7.7.7)
      Origin IGP, localpref 100, valid, external, best

R4 has two paths for both networks:

Via R8 (192.1.48.8)
Via R7 (192.1.47.7) – currently best

Both paths are available simultaneously. This is the problem – we want R8’s path to appear ONLY when R7 fails.

State 1: R7 Up and Running (Normal Operation)

After applying the conditional advertisement on R8:

R8 sees the tracking route:

R8#sh ip bgp 10.77.77.0
BGP routing table entry for 10.77.77.0/24, version 25
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     3         
  Local
    10.7.7.7 (metric 30) from 10.9.9.9 (99.9.9.9)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      Originator: 77.7.7.7, Cluster list: 99.9.9.9

R8 has 10.77.77.0/24 in its BGP table (via iBGP from R7, through route reflector R9). This means:

Condition in non-exist-map MISSING: FALSE (route exists, not non-existent)
Result: Do NOT advertise routes matched by AMAP to R4

R4 now sees only one path:

R4#sh ip bgp 111.0.0.0
BGP routing table entry for 111.0.0.0/8, version 41
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.47.7 from 192.1.47.7 (77.7.7.7)
      Origin IGP, localpref 100, valid, external, best

R4#sh ip bgp 112.112.112.0
BGP routing table entry for 112.112.112.0/24, version 42
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.47.7 from 192.1.47.7 (77.7.7.7)
      Origin IGP, localpref 100, valid, external, best

Perfect! R4 only sees the path via R7. The path via R8 is now suppressed by conditional advertisement.

State 2: R7 Down (Failure Scenario)

R7 goes offline (interface down, router failure, etc.).

R8 no longer sees the tracking route:

R8#sh ip bgp 10.77.77.0
% Network not in table

10.77.77.0/24 is gone from R8’s BGP table (R7 stopped advertising it). This means:

Condition in non-exist-map MISSING: TRUE (route does not exist)
Result: Advertise routes matched by AMAP to R4

R4 now sees the path via R8:

R4#sh ip bgp 111.0.0.0    
BGP routing table entry for 111.0.0.0/8, version 52
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.48.8 from 192.1.48.8 (88.8.8.8)
      Origin IGP, localpref 100, valid, external, best

R4#sh ip bgp 112.112.112.0
BGP routing table entry for 112.112.112.0/24, version 53
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.48.8 from 192.1.48.8 (88.8.8.8)
      Origin IGP, localpref 100, valid, external, best

Excellent! R4 now only sees the path via R8. Automatic failover achieved!

State 3: R7 Returns (Recovery)

R7 comes back online and starts advertising 10.77.77.0/24 again.

R4 initially sees both paths:

R4#sh ip bgp 112.112.112.0
BGP routing table entry for 112.112.112.0/24, version 53
Paths: (2 available, best #2, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.47.7 from 192.1.47.7 (77.7.7.7)
      Origin IGP, localpref 100, valid, external
  2000 110
    192.1.48.8 from 192.1.48.8 (88.8.8.8)
      Origin IGP, localpref 100, valid, external, best

Wait – why does R4 still see R8’s path? Shouldn’t the conditional advertisement suppress it immediately?

Answer: There’s a built-in delay. The conditional advertisement is evaluated periodically (default: 60 seconds). R7 has just come back up, but R8 hasn’t run its next conditional advertisement scan yet.

After a couple of minutes (next scan cycle):

R4#sh ip bgp 112.112.112.0
BGP routing table entry for 112.112.112.0/24, version 55
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     1          2         
  2000 110
    192.1.47.7 from 192.1.47.7 (77.7.7.7)
      Origin IGP, localpref 100, valid, external, best

Now R4 only sees R7’s path again. The conditional advertisement scan on R8 detected that 10.77.77.0/24 exists again, and R8 withdrew its advertisement to R4.

Result: Clean failback to primary path after recovery (with a delay).

my DevOps Odyssey

“Σα βγεις στον πηγαιμό για την Ιθάκη, να εύχεσαι να ‘ναι μακρύς ο δρόμος, γεμάτος περιπέτειες, γεμάτος γνώσεις.” - Kavafis’ Ithaka.

BGP Conditional Advertisement: Event-Driven Route Control

2026-02-20

Series:lab

Categories:Networking

Tags:#bgp, #conditional advertisement, #network, #route-control, #ccnp

BGP Conditional Advertisement: