route-map confusion? what am i doing wrong?

Unanswered Question
Jul 28th, 2010
User Badges:

Hi Guru's,

Im trying to block a particular subnet from coming into my router from an ebgp peer.  I want to accept all else and mark as a community 1:10.  But for some reason i cant seem to block it.

My configuration


neighbor route-map Import-BGP in

##ROUTE-MAP and Access-List##

ip access-list standard Deny-Address
route-map Import-BGP deny 5
match ip address Deny-Address
route-map Import-BGP permit 10
set community 1:10


what seems to happen is that the address is still coming in when i run the "show bgp all nei received-routes" command but compared to all the othe incoming prefixes, doesnt seemed to be marked with community 1:10.

How do i block this one prefix from coming into my router completely?

Thanks in advance!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
chanukavitanachy Thu, 07/29/2010 - 00:14
User Badges:

Ok Solved...

Everythig i was doing was right.

But.. few things to know.

the "show bpg all neighbor x.x.x.x received-routes" command shows you all incoming routes prior to applying the route map.

You need to view the actual route table to ensure that the route is not installed.  so you may see this:

ROUTER#show ip bgp vpnv4 vrf BOB
BGP routing table entry for 64xx1:, version 2657
Paths: (2 available, no best path)
  Not advertised to any peer
  64xx2, (received-only)
    192.168.1.x from 192.168.1.x
      Origin incomplete, metric 1, localpref 100, valid, external
  64xx2, (received-only)
    192.168.1.x from 192.168.1.x
      Origin incomplete, metric 1, localpref 100, valid, external

This command seems to display the entire BGP database.  You will notice that the entry of the route im blocking only appears to show (received  only).  This tells us that the route is received but was not installed due to my route map deny.  All other routes not matching were successfully installed with the correct community set.  So all is good again.

To see if the route is installed, always best to you the show ip route command.

ROUTER#show ip route vrf BOB

Routing Table: MEDIA
% Subnet not in tabl

Perhaps a guru may be able to confirm this.


This Discussion