I have a BGP config with a single router connected to two service providers. One provider appears to be sending me about 29000 routes - I'm only receiving 1407 of them - the other is sending me about 571 routes - I'm receiving 32 of them. I can see this info by issuing the sh ip bgp neigh received-route, sh ip bgp neigh x.x.x.x routes, and sh bgp neigh commands.
Below is my partial config:
router bgp 12345
 network 22.214.171.124 mask 255.255.255.0
 timers bgp 30 90
 neighbor 126.96.36.199 remote-as 5678
 neighbor 188.8.131.52 description ISP_A Peering
 neighbor 184.108.40.206 soft-reconfiguration inbound
 neighbor 220.127.116.11 route-map ISP_A in
 neighbor 18.104.22.168 route-map localonly out
 neighbor 22.214.171.124 remote-as 91011
 neighbor 126.96.36.199 description ISP_B Peering
 neighbor 188.8.131.52 soft-reconfiguration inbound
 neighbor 184.108.40.206 route-map ISP_B in
 neighbor 220.127.116.11 route-map localonly out
ip as-path access-list 10 permit ^$
ip as-path access-list 20 permit ^5678$
ip as-path access-list 30 permit ^91011$
ip as-path access-list 30 permit ^12131$
route-map ISP_A permit 10
 match as-path 20
route-map ISP_B permit 10
 match as-path 30
route-map localonly permit 10
 match as-path 10
From the sh ip bgp neigh x.x.x.x received-routes command output, it appears as though there are more ASes associated with each of these service providers than I have listed in the as-path access-lists. Do I need to include all of the AS numbers associated with each service provider? Or is there an easier way to accomplish what I'm trying to do? The service providers are sending me their connected routes (partial routes, customer routes), and I want to filter accordingly.
According to the route-map applied inbound on your SP connections, you will only receive your SPs' routes but not their customers. You would need an as-path access-list that looks something like this to receive SP routes and directly connected customer routes:
ip as-path access-list 20 permit ^5678_[0-9]*$
ip as-path access-list 30 permit ^19011_[0-9]*$ <== I corrected the ASN since 91011 is not a valid ASN
ip as-path access-list 30 permit ^12131$ <== This is useless since this is not the address of your SP
Hope this helps,
Harold Ritter Sr. Technical Leader CCIE 4168 (R&S, SP)
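Added example, not part of the original posts: a small Python check that evaluates the thread's as-path filters against sample AS paths, so the effect of `^5678$` versus `^5678_[0-9]*$` (and of the outbound `^$` filter) can be seen before touching the router. The sample paths and the customer ASNs 65001/65002 are constructed, and the translation of Cisco's `_` token into a Python regex is this example's own helper.

```python
import re

# Cisco's "_" matches a delimiter: start or end of the path, a space,
# a comma, braces or parentheses. Python has no such token, so expand it.
_DELIM = r"(?:^|$|[ ,{}()])"

def cisco_to_python(pattern: str) -> "re.Pattern":
    """Translate a Cisco as-path regex into an equivalent Python regex."""
    return re.compile(pattern.replace("_", _DELIM))

def permitted(as_path: str, acl: list) -> bool:
    """True if any permit entry matches; otherwise the implicit deny applies."""
    return any(cisco_to_python(p).search(as_path) for p in acl)

def filter_paths(paths: list, acl: list) -> list:
    """Return the AS paths a route-map matching this access-list would accept."""
    return [p for p in paths if permitted(p, acl)]

# Filters taken from the thread (ISP_A side only).
ORIGINAL_ISP_A = [r"^5678$"]            # asker's access-list 20
SUGGESTED_ISP_A = [r"^5678_[0-9]*$"]    # access-list 20 from the answer
LOCAL_ONLY = [r"^$"]                    # access-list 10, applied outbound

# Constructed AS paths as they would appear on routes learned from AS 5678.
SAMPLE_PATHS = [
    "5678",               # originated by the provider itself
    "5678 65001",         # provider's directly connected customer
    "5678 65001 65001",   # same customer, prepending its own ASN once
    "5678 65001 65002",   # customer of a customer
    "56789 65001",        # different neighbor AS sharing a digit prefix
]

if __name__ == "__main__":
    for name, acl in (("original", ORIGINAL_ISP_A), ("suggested", SUGGESTED_ISP_A)):
        print(name, "accepts:", filter_paths(SAMPLE_PATHS, acl))
    # Outbound: only locally originated routes (empty AS path) may be advertised,
    # so nothing learned from one provider is re-advertised to the other.
    print("advertised:", filter_paths(["", "5678", "5678 65001"], LOCAL_ONLY))
```

The prepended path is rejected by the suggested filter because `[0-9]*` matches a single AS number only, which is worth remembering when the received count is still lower than expected.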