BGP advertising

Answered Question
Nov 22nd, 2006

I'm recieving a full bgp table from a neighbor which is hosted at an upstream provider on my 7200 router. I have another router 7500 which shares the same bgp as as the 7200. However I would not like the recieved routes from this neighbor to be transfered to the 7500 router. Am I correct when saying i need a route-map?

I have this problem too.
0 votes
Correct Answer by royalblues about 7 years 5 months ago

Hi Keith

you can do that..

Alternatively you can also deny the route-map and use permit access-list

HTH, rate if it does

Narayan

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 4 (2 ratings)
royalblues Wed, 11/22/2006 - 20:25

Hi friend,

There are lot of ways to achieve this but route map is the preferred option as it offers a lot of features.

All you have to do is to configure a route map with an access-list permitting the networks you want to advertise.

access-list 1 permit y.y.y.y

route-map adv-to-7500 permit 10

match ip address 1

router bgp 100

neighbor x.x.x.x route-map adv-to-7500 out

HTH, rate if it does

Narayan

keithgoodlip Wed, 11/22/2006 - 23:39

I do not want any of this bgp table to be advertised onto other routers. this 7200 is my default gateway for my internal network.

In your sample config would this acl accomplish this?

access-list 1 deny any any

Thanks,

Keith

Correct Answer
royalblues Thu, 11/23/2006 - 00:26

Hi Keith

you can do that..

Alternatively you can also deny the route-map and use permit access-list

HTH, rate if it does

Narayan

mark.edwards@o2.com Thu, 11/23/2006 - 00:45

Hi Keith,

I would use as-path filters in this scenario as there are more flexable. The below config achieves this. The deny statement in the AS path filter shoule be set to the AS number of the peer you want to block (I've used 65001 as an example). This setup will allow other BGP routes to be sent from the 7200 to the 7500 if this is a requirement.

router bgp 65000

no synchronization

bgp log-neighbor-changes

neighbor <7500 address> remote-as 65000

neighbor <7500 address> filter-list 1 out

ip as-path access-list 1 deny permit ^65001_([0-9]*)$

ip as-path access-list 1 permit .*

Actions

Login or Register to take actions

This Discussion

Posted November 22, 2006 at 12:44 PM
Stats:
Replies:4 Avg. Rating:4
Views:175 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard