
BGP Peering

Mavrick25
Level 1

Hey,

I have a question for all the network professionals out there..

I am working on a big project..

Basically, I work for an ISP.

I have 2 7609 routers connecting to 2 Gateway Service Routers (GSR).

My question is..

These GSR act as a Gateway, interacting with other ISP providers (eBGP)...

Should our 7609 routers pass routes at an ISIS level as well as an iBGP level..

Or should it only pass routes at an iBGP level..??

PR

Accepted Solutions

guruprasadr
Level 7

HI PR, [Pls RATE if HELPS]

@ 7609:

=======

Considering your 7609 Router as the Controlling Router, the 7609 Router has to pass routes at an IBGP Level.

neighbor aaa.bbb.ccc.ddd remote-as xxxx

neighbor aaa.bbb.ccc.ddd description IBGP for GSR

neighbor aaa.bbb.ccc.ddd update-source Loopback0

neighbor aaa.bbb.ccc.ddd version 4

neighbor aaa.bbb.ccc.ddd activate

neighbor aaa.bbb.ccc.ddd send-community both

neighbor aaa.bbb.ccc.ddd soft-reconfiguration inbound

neighbor aaa.bbb.ccc.ddd distribute-list DENY-ALL in

neighbor aaa.bbb.ccc.ddd route-map other-ISP out

Extended IP access list DENY-ALL

deny ip any any

route-map other-ISP, permit, sequence 10

Match clauses:

ip address prefix-lists: Self-Prefix-Originating

Set clauses:

community xxxx:yyyy

Policy routing matches: 0 packets, 0 bytes

@ GSR:

======

neighbor www.xxx.yyy.zzz remote-as xxxx

neighbor www.xxx.yyy.zzz description IBGP for GSR

neighbor www.xxx.yyy.zzz update-source Loopback0

neighbor www.xxx.yyy.zzz version 4

neighbor www.xxx.yyy.zzz activate

neighbor www.xxx.yyy.zzz soft-reconfiguration inbound

neighbor www.xxx.yyy.zzz prefix-list IBGP-IN in

neighbor www.xxx.yyy.zzz distribute-list IBGP-OUT out

ip prefix-list IBGP-IN seq 5 permit 0.0.0.0/0 le 24

Extended IP access list IBGP-OUT

deny ip any any

Hope I am Informative.

Pls RATE if HELPS

Best Regards,

Guru Prasad R


7 Replies

Calin C.
Level 5

Hi there!

Depending how you configure the BGP process. If you want to build the peering over the loopback IP addresses (for better scalability, redundancy..) then you need in between an IGP (IS-IS in your case) to advertise the loopbacks. Also if you use synchronization with BGP you need IGP.

Regarding your routes, from my experience we passed always the routes at BGP level and not IS-IS (except the ones above). You have less headache in case of troubleshooting, if you pass them only through BGP.

Again, this depends on the local config of iBGP.

Good luck!

Calin

chiorean.calin,

Thanks for your reply.

I do want to have the peering made on the loopbacks, for scalability and redundancy.

Therefore I will need an IGP, makes sense..

I don't want to have the routes learned via ISIS to be passed to the GSR's..

How do you recommend blocking them??

Route-map on the exiting interface pointing to my GSR??

Let me know..

PR

Hi!

Why to block? Do not configure isis on the interfaces that you do not want to be advertised over isis.

That's it!

Good luck!

Cheers,

Calin

Thanks Again,

I came up with something similar...

We are not too off.. Here is mine.. Let me know what you think!!

@7609

======

neighbor aaa.bbb.ccc.ddd remote-as %%%%%

neighbor aaa.bbb.ccc.ddd description to 7609

neighbor aaa.bbb.ccc.ddd update-source Loopback0

neighbor aaa.bbb.ccc.ddd version 4

neighbor aaa.bbb.ccc.ddd next-hop-self

neighbor aaa.bbb.ccc.ddd send-community

neighbor aaa.bbb.ccc.ddd soft-reconfiguration inbound

neighbor aaa.bbb.ccc.ddd prefix-list DENY-ALL in

ip prefix-list DENY-ALL: 1 entries

seq 10 deny 0.0.0.0/0 le 32

@GSR

=======

neighbor aaa.bbb.ccc.ddd remote-as %%%%%

neighbor aaa.bbb.ccc.ddd description 7609

neighbor aaa.bbb.ccc.ddd update-source Loopback0

neighbor aaa.bbb.ccc.ddd version 4

neighbor aaa.bbb.ccc.ddd next-hop-self

neighbor aaa.bbb.ccc.ddd send-community

neighbor aaa.bbb.ccc.ddd soft-reconfiguration inbound

neighbor aaa.bbb.ccc.ddd prefix-list NODefault in

neighbor aaa.bbb.ccc.ddd prefix-list PASSDEFAULT out

ip prefix-list NODefault: 2 entries

seq 5 deny 0.0.0.0/0

seq 10 permit 0.0.0.0/1 le 32

ip prefix-list PASSDEFAULT description Permit only default

ip prefix-list default-only seq 5 permit 0.0.0.0/0

ip prefix-list default-only seq 10 deny 0.0.0.0/0 le 32

Essentially..

7609 --> GSR

Only the default route should be propagated down to 7609.

7609 should pass the whole Internal ISP table to GSR.

GSR should have the Full Internet Routing Table and Internal ISP Table (which was passed from the 7609)

1. In your example you had the activate command, I don't think that may be relevant is it? it just allows them to understand ipv6 prefixes correct?

2. Your suggestion "distribute-list DENY-ALL in" is similar to my "prefix-list DENY-ALL in" blocking all prefixes arriving from @GSR.. correct?

Please note that I have the "prefix-list NODefault in" because this was a migration project and we didn't want to pass the default to the GSR.

P.S. I have taken over the peering project from another one of my colleagues who I think didn't really do a good job..

Let me know, if I am on the right path..

MAV
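Added example (not part of any post in this thread): a small Python evaluator that applies IOS prefix-list matching rules to the entries posted above, so each list's effect can be checked before it is attached to a neighbor. The list entries are copied from the posts under the names they were posted with; the sample routes are constructed.

```python
import ipaddress
import re

# Prefix-list entries copied from the thread (names as posted).
LISTS = {
    "IBGP-IN": ["seq 5 permit 0.0.0.0/0 le 24"],
    "DENY-ALL": ["seq 10 deny 0.0.0.0/0 le 32"],
    "NODefault": ["seq 5 deny 0.0.0.0/0", "seq 10 permit 0.0.0.0/1 le 32"],
    "default-only": ["seq 5 permit 0.0.0.0/0", "seq 10 deny 0.0.0.0/0 le 32"],
}
# Constructed sample routes: the default route plus private/documentation ranges.
ROUTES = ["0.0.0.0/0", "10.1.0.0/16", "192.0.2.0/24", "198.51.100.128/25"]

ENTRY = re.compile(r"seq\s+(\d+)\s+(permit|deny)\s+(\S+)"
                   r"(?:\s+ge\s+(\d+))?(?:\s+le\s+(\d+))?")

def parse(lines):
    """Return entries as (seq, action, network, min_len, max_len) in seq order."""
    entries = []
    for line in lines:
        seq, action, net, ge, le = ENTRY.search(line).groups()
        net = ipaddress.ip_network(net)
        if ge is None and le is None:
            lo = hi = net.prefixlen            # no ge/le: exact length only
        else:
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else net.max_prefixlen
        entries.append((int(seq), action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])

def evaluate(name, route):
    """First matching entry wins; no match falls through to the implicit deny."""
    r = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in parse(LISTS[name]):
        # Length must be in range and the route must sit inside the entry's prefix.
        if lo <= r.prefixlen <= hi and r.network_address in net:
            return action, seq
    return "deny", None                        # implicit deny, no sequence number

def report():
    return {name: {r: evaluate(name, r) for r in ROUTES} for name in LISTS}

if __name__ == "__main__":
    for name, rows in report().items():
        for route, (action, seq) in rows.items():
            hit = "implicit" if seq is None else f"seq {seq}"
            print(f"{name:13} {route:20} {action:6} {hit}")
```

As written, `permit 0.0.0.0/1 le 32` in NODefault only matches routes inside 0.0.0.0/1, so 192.0.2.0/24 falls to the implicit deny, and `permit 0.0.0.0/0 le 24` in IBGP-IN also permits the default route.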

Hey,

I just looked over my post and noticed I mixed the current config with the proposed config.

The way I posted it, I will block all routes to be learned via ibgp on the @7609...

"neighbor aaa.bbb.ccc.ddd distribute-list DENY-ALL in" on 7609 Will block everything including the default.. (sorry)

That is why I decided to remove it and have the GSR decide what to propagate..

putting the command.. "PASSDEFAULT out" @GSR should block all routes except the default to be learned via iBGP..

PR

sorry my bad

HI PR, [Pls RATE all Informative POST]

Thanks for your update & The configuration looks fine.

You are Welcome.

Please Use the Cisco RATING System.

Best Regards,

Guru Prasad R
