×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Filter port by ASN

Unanswered Question
Jun 19th, 2009
User Badges:

Hi,

I have a issue for block the port 25 to all network from Yahoo. I knew all the ASN:


I have two routers 7204vxr with three peers bgp and I want put a only filter.


How can I configurate this filter?


Thank You,

Best Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Fri, 06/19/2009 - 11:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Luis,

if I understood you correctly you would like to filter SMTP traffic (TCP 25) if the destination or source address is in a IP network that is originated in some specific BGP AS numbers.


As far as I know you cannot do this.


However you can use the BGP ASN numbers knowledge top find all ip prefixes that have last ASnumber = AS X


you can use the following regular expression

sh ip bgp regexp ASX$

find out all ip prefixes

then you can build an ip extended access-list with the necessary entries like


access-list 111 deny tcp any ip-addr wild-card eq 25


or

access-list 111 deny tcp ip-addr wild-card any eq 25


one or more lines are needed a last

permit ip any any that can be needed or some more specific permit statements (or all traffic will be denied).

the acl can be applied outbound or inbound on a border router interface.


Actually you can use a route-map to manipulate route attributes like the BGP next hop so that you could trigger black holing but you cannot combine this with specific TCP ports on live user traffic.



Hope to help

Giuseppe


server-online Sat, 06/20/2009 - 01:22
User Badges:

Hello Giuseppe,


Thank you by reply.


I tried it and "set interface" isn't allow in bgp sessions. I am searching any solution that block a port from ASN, because I not want going IP range in IP range.


Thank you,

Best regards

Actions

This Discussion