Hi @Chin Chang ,

The route 10.136.0.0/16 comes from EIGRP through redistribution in BGP and it's normal to be present in the BGP table because of the way the access-list toGCP is constructed. The first line in the access-list:

10 permit 10.136.0.0 0.0.127.255

permits all networks in the range 10.136.0.0 - 10.136.127.255 which includes the 10.136.0.0/16 because the standard access-list doesn't match the network mask.

If 10.136.0.0/16 is not needed to be redistributed in BGP, I would recommend changing the toGCP access-list to an extended ACL which offers the possibility to match the network mask as well:

ip access-list extended toGCP
10 permit host 10.136.0.0 host 0.0.127.255
20 permit host 10.136.128.0 host 0.0.127.255
30 permit host 128.231.0.0 host 0.0.31.255
40 permit host 128.231.32.0 host 0.0.31.255

In this way you can be sure that only the specified networks get redistributed in BGP.

Hope this helps.

Hello,

I have recreated your setup in a lab, I do not see the /16 advertised at all. Can you post the full running config as well as the routing table of ISR 4431 ?

R2#sh ip bgp neighbors 2.2.2.2 advertised-routes
BGP table version is 5, local router ID is 20.20.20.20
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
*> 10.136.0.0/17 1.1.1.1 130816 32768 ?
*> 10.136.128.0/17 1.1.1.1 130816 32768 ?
*> 128.231.0.0/19 1.1.1.1 130816 32768 ?
*> 128.231.32.0/19 1.1.1.1 130816 32768 ?