Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Route filtering help

I'm currently building a config to multi-home my organization. My goals are to only accept default + local routes from my providers, and to stop any transit traffic through my network. The expression I plan to use is as follows:

neighbor x.x.x.x filter-list 1 out

!

ip as-path access-list 1 permit ^$

I know this will accomplish the 'no transit' part, but does it also allow me to accept only default and local routes? It's applied outbound so I'm thinking no.

Any help would be appreciated.

/rls

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Gold

Re: Route filtering help

rls

You are quite right that the filter list that you post will be very effective in making sure that you do not become transit. But it will do nothing to control what you learn. You would want an inbound filter list to control what you learn. If one of your upstream providers were AS 123 then you might want a filter list that looks something like this:

neighbor x.x.x.x filter-list 5 in

!

ip as-path access-list 1 permit ^123$

this will permit only prefixes with exactly one AS number in the path and that number must be 123.

HTH

Rick

4 REPLIES
Bronze

Re: Route filtering help

Here's a link that may help you accomplish your goal. If you need any additional clarification let us know

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009456d.shtml

Hall of Fame Super Gold

Re: Route filtering help

rls

You are quite right that the filter list that you post will be very effective in making sure that you do not become transit. But it will do nothing to control what you learn. You would want an inbound filter list to control what you learn. If one of your upstream providers were AS 123 then you might want a filter list that looks something like this:

neighbor x.x.x.x filter-list 5 in

!

ip as-path access-list 1 permit ^123$

this will permit only prefixes with exactly one AS number in the path and that number must be 123.

HTH

Rick

Community Member

Re: Route filtering help

Thank you Rick, that is exactly what I was looking for. Since I sent out my message I've researched and added the same configs on both of my routers filtering the appropriate AS numbers on each.

Thanks again.

/rls

Hall of Fame Super Gold

Re: Route filtering help

rls

I am glad that your issue is resolved and that my suggestions were helpful. Thank you for using the rating system to indicate that your issue was resolved (and thanks for the rating). It makes the forum more useful when people can read an issue and can know that there were resonses which did resolve the issue.

The forum is an excellent place to learn about Cisco networking. I encourage you to continnue your participation in the forum.

HTH

Rick

106
Views
5
Helpful
4
Replies
CreatePlease to create content