Mailing List Archive: [nsp] whats wrong in prefix list & as-path list

[nsp] whats wrong in prefix list & as-path list

Sep 27, 2002, 12:37 AM

Post #1 of 3 (1830 views)

Hi all,
This is my bgp configuration, But I have some problems.
Here I dont want to receive any routes from my provider, and want to announce only few routes.
1) Here I have configured as-path access list for not to receive any routes, but still than I am receiving my providers
routes which he announced to his provider using network statement.
Is my filter list ok for not to receive any route or Should I user regex * only instead of .*

2) In network statement I am announcing 192.168.64.0/19 , and using route-map I am filtering for only 192.168.80.0/24 . But
still than my provider receiving 192.168.64.0/19 too.
Whats wrong in my config??
(Note: Here in email public ips are replaced by dummy private ips)

!
router bgp 11111
no synchronization
network 192.168.80.0
network 192.168.64.0 mask 255.255.224.0
neighbor 10.10.10.10 remote-as 12222
neighbor 10.10.10.10 ebgp-multihop 4
neighbor 10.10.10.10 update-source Loopback0
neighbor 10.10.10.10 route-map OUT out
neighbor 10.10.10.10 filter-list 1 in
no auto-summary
!
ip as-path access-list 1 deny .*
!
ip prefix list test seq 5 permit 192.168.80.0/24
!
route-map OUT permit 10
match ip address prefix-list test
!

Thanks
paku

RE: [nsp] whats wrong in prefix list & as-path list [ In reply to ]

JohnWong at crimsonlogic

Sep 27, 2002, 8:18 PM

Post #2 of 3 (1757 views)

Permalink

Hi,

> 1) Here I have configured as-path access list for not to
> receive any routes, but still than I am receiving my providers
> routes which he announced to his provider using network statement.
> Is my filter list ok for not to receive any route or Should I
> user regex * only instead of .*

Why don't u use a prefix-list to deny all prefixes? I kinda think
filter-list is more for filtering AS numbers.

> 2) In network statement I am announcing 192.168.64.0/19 ,
> and using route-map I am filtering for only 192.168.80.0/24 . But
> still than my provider receiving 192.168.64.0/19 too.
> Whats wrong in my config??

A recommendation by Philip Smith for using the various
BGP filtering :-

prefix-lists to filter prefixes
filter-lists to filter ASNs
route-maps to apply policy

I've been following this rule and have not had any problems
with advertising & filtering prefixes. Maybe u wanna try this
style?

!
router bgp 11111
no synchronization
network 192.168.80.0
network 192.168.64.0 mask 255.255.224.0
neighbor 10.10.10.10 remote-as 12222
neighbor 10.10.10.10 ebgp-multihop 4
neighbor 10.10.10.10 update-source Loopback0
neighbor 10.10.10.10 prefix-list From-Provider in
neighbor 10.10.10.10 prefix-list To-Provider out
no auto-summary
!
ip prefix-list From-Provider seq 5 deny 0.0.0.0/0 le 32
ip prefix-list To-Provider seq 5 permit 192.168.64.0/19 le 24
ip prefix-list To-Provider seq 10 deny 0.0.0.0/0 le 32

Good luck...

Re: [nsp] whats wrong in prefix list & as-path list [ In reply to ]

pakucable at nettaxi

Sep 28, 2002, 12:38 AM

Post #3 of 3 (1759 views)

Permalink

Hi all,

Its working ok.

I think I forgot to clear bgp session after chagnes.

Thanks
paku

----- Original Message -----
From: "pakucable" <pakucable@nettaxi.com>
To: <cisco-nsp@puck.nether.net>
Sent: Friday, September 27, 2002 1:07 PM
Subject: [nsp] whats wrong in prefix list & as-path list

> Hi all,
> This is my bgp configuration, But I have some problems.
> Here I dont want to receive any routes from my provider, and want to announce only few routes.
> 1) Here I have configured as-path access list for not to receive any routes, but still than I am receiving my providers
> routes which he announced to his provider using network statement.
> Is my filter list ok for not to receive any route or Should I user regex * only instead of .*
>
> 2) In network statement I am announcing 192.168.64.0/19 , and using route-map I am filtering for only 192.168.80.0/24 .
But
> still than my provider receiving 192.168.64.0/19 too.
> Whats wrong in my config??
> (Note: Here in email public ips are replaced by dummy private ips)
>
> !
> router bgp 11111
> no synchronization
> network 192.168.80.0
> network 192.168.64.0 mask 255.255.224.0
> neighbor 10.10.10.10 remote-as 12222
> neighbor 10.10.10.10 ebgp-multihop 4
> neighbor 10.10.10.10 update-source Loopback0
> neighbor 10.10.10.10 route-map OUT out
> neighbor 10.10.10.10 filter-list 1 in
> no auto-summary
> !
> ip as-path access-list 1 deny .*
> !
> ip prefix list test seq 5 permit 192.168.80.0/24
> !
> route-map OUT permit 10
> match ip address prefix-list test
> !
>
>
> Thanks
> paku
>
> _______________________________________________
> cisco-nsp mailing list real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>