ipv6 bgp neighbor and prefix-filter

Unanswered Question
Feb 20th, 2009

Hi,

we have a bgp peering session with our isp on ipv4 and are learning our default gateway through it. In parallel we have also an ipv6 peering session with the same ISP which allows us to learn the ipv6 default gateway.

But through this second bgp session we are also learning IPv4 prefixes which is not what we want (roughly 3100 ipv4 entries).

I tryed to implement some prefix-list filters without real success.

Does anyone has some insights on how to achieve this (filtering ipv4 address from ipv6 bgp neighbor annoucments).

Here our config:

router bgp 64555

no bgp log-neighbor-changes

neighbor 2991:f1f1:52:8000::5 remote-as 65186

neighbor 2991:f1f1:52:8000::5 description ISP1-IPV6

neighbor 192.168.1.33 remote-as 786

neighbor 192.168.1.33 description ISP1

!

address-family ipv4

neighbor 2991:f1f1:52:8000::5 activate

neighbor 192.168.1.33 activate

neighbor 192.168.1.33 send-community

neighbor 192.168.1.33 next-hop-self

neighbor 192.168.1.33 soft-reconfiguration inbound

neighbor 192.168.1.33 prefix-list DEFAULT in

neighbor 192.168.1.33 prefix-list CUSTOMER out

neighbor 192.168.1.33 route-map Peer-ISP-In in

neighbor 192.168.1.33 route-map Peer-ISP-Out out

no auto-summary

no synchronization

network 1.2.3.0

exit-address-family

!

address-family ipv6

neighbor 2991:f1f1:52:8000::5 activate

neighbor 2991:f1f1:52:8000::5 send-community

neighbor 2991:f1f1:52:8000::5 next-hop-self

neighbor 2991:f1f1:52:8000::5 soft-reconfiguration inbound

neighbor 2991:f1f1:52:8000::5 prefix-list DEFAULT6 in

neighbor 2991:f1f1:52:8000::5 prefix-list CUSTOMER6 out

neighbor 2991:f1f1:52:8000::5 route-map Peer-ISP6 out

network 2991:f1f1:55::/48

exit-address-family

!

....

ipv6 prefix-list DEFAULT6 seq 5 permit ::/0

!

ipv6 prefix-list CUSTOMER6 seq 5 permit 2991:f1f1:55::/48 le 64

route-map Peer-Janet6-Out permit 10

set community 65186:2

!

route-map Peer-ISP6-In permit 10

set local-preference 90

!

Any idea is welcome and will gratefully appreciated.

seb.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Giuseppe Larosa Fri, 02/20/2009 - 09:40

Hello Sebastien,

I may be wrong but I would do the following

address-family ipv4

no neighbor 2991:f1f1:52:8000::5 activate

because now you have configured your BGP4+ or MP BGP to talk about ipv4 with the ipv6 neighbor.

there is a communication channel given by the two endpoints and then in the address-families you decide the arguments:

so if you want to receive only ipv6 routes from

neighbor 2991:f1f1:52:8000::5

you don't need to activate it in af ipv4 unicast

the neighbor will know you don't want to receive ipv4 routes during capabilities exchange at session setup

Hope to help

Giuseppe

Hope to help

Giuseppe

Harold Ritter Fri, 02/20/2009 - 15:34

Giuseppe,

You are correct. The IPv6 neighbor need to be deactivated under ipv4 unicast AF. The issue is that ipv4 unicast AF is activated by default as soon as you configured a neighbor in global mode. To avoid that the next time, you should configured "no bgp default ipv4-unicast", which will force you to activate the ipv4 unicast AF as it is the case with any other AFs.

Regards

s.barbereau Sat, 02/21/2009 - 01:26

Of course!!!!

You are completely right this immediatly solves the problem. I was so focused on the IPv6 section that I completely overlooked that line.

Thanks a lot,

Seb

Actions

This Discussion