Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How do I stop BGP from sending full routing tables to my provider?

I currently have 2 3725s multi-homed to 2 different ISPs. Everything's been working fine, but recently one of the ISPs had me change their session for a hardware upgrade. They require that I NOT send the full routing tables from my router, but they can't/don't feel like telling me how to properly configure the filter. I'm pretty green when it comes to BGP, so I'm trying to figure out how to keep the router from sending the routing table to my provider. I created a filter for our IP block, but that didn't seem to work. Do I need to do anything else? Should I create a "deny" filter for everything else? Can anyone enlighten me?

Thanks.

6 REPLIES
Gold

Re: How do I stop BGP from sending full routing tables to my pro

BGP has lots of ways to do the same thing.

You could match a aspath of ^$ which means you orginated them

You could match the address ranges with a route-map.

You could set the community on the routes as they cam in from the providers to no-export so they do not get sent out.

There are probably more

Silver

Re: How do I stop BGP from sending full routing tables to my pro

In addition to Tim's post. Check below link for the samples.

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml

Please post your config if there is still the problem. Let's help to troubleshoot it.

Hope this helps.

Re: How do I stop BGP from sending full routing tables to my pro

Just create a simple route-map and advertise the required subnets to the upstream

access-list 1 permit

route-map permit 10 filter-block

match ip address 1

router bgp 100

neighbor x.x.x.x remote-as 200

neighbor x.x.x.x route-map filter-block out

HTH

Narayan

New Member

Re: How do I stop BGP from sending full routing tables to my pro

I'd suggest a two-pronged approach - use filter-lists to control which ASes you advertise out and use distribute-lists to control which subnets to advertise out.

It avoids the strangest of routing issues from cropping up (which probably won't in your setup) - for example, if you hear about one of your customer networks via another AS then the subnet will match the distribute list but not be originated from you.

Here's an example:

router bgp X

neighbor 1.2.3.4 remote-as 1234 distribute-list ANNOUNCE-TRANSIT out

neighbor 1.2.3.4 remote-as 1234 filter-list 10 out

!

ip as-path access-list 10 permit ^$

ip as-path access-list 10 deny .*

ip access-list standard ANNOUNCE-TRANSIT

permit 10.0.0.0 0.0.0.255

permit 10.0.10.0 0.0.0.255

!

This way you lock down which subnets you're announcing and originating from.

You can check what you're announcing by using "show ip bgp nei adv".

New Member

Re: How do I stop BGP from sending full routing tables to my pro

Remove the redistribute command under BGP.

add a static route to null0 of the route you want to advertise to the ISP

add a network statement to BGP with the route and mask you want to advertise to the ISP.

EXAMPLE:::

ip route 207.1.0.0 255.255.0.0 null0

router bgp 1111

network 207.1.0.0 mask 255.255.0.0

no redistribute

New Member

Re: How do I stop BGP from sending full routing tables to my pro

All these ways should work, but there is one more thing. BGP doesn't send updates/withdraw routes when you change your policies!

i.e. after configuring one of the above mentioned filters and assigning it to the appropriate neighbor, you also have to

'clear ip bgp x.x.x.x'

where x.x.x.x is the BGP neighbour addr.

Try to add 'soft out' first!

Mike

1048
Views
6
Helpful
6
Replies