Reset Search
 

 

Article

How To Filter Incomming and Outgoing BGP Routes on an S-Series

« Go Back

Information

 
TitleHow To Filter Incomming and Outgoing BGP Routes on an S-Series
Objective
  • The config advertises only 198.51.100.0/.24 and filters all incoming routes except 10.0.0.0/8 and 0.0.0.0/0.Use of two prefix lists is required to distinguish between routes that are allowed and those that are disallowed.
  • Only one route-map can be applied per direction to each neighbor, which means we need to configure two sequence numbers to the route-maps. The first sequence number allows traffic and the second one denies it.
  • There are two route-maps in and out named for the direction in which they filter routes. Each has two sequence numbers. The permit sequence five is routes that are allowed and the deny sequence ten is the routes that are filtered for both the in and out route-map.
Environment
S-Series
Procedure
!
route-map bgp in permit 5
  match prefix-list inallow
  exit
route-map bgp in deny 10
  match prefix-list indeny
  exit
route-map bgp out permit 5
  match prefix-list allow
  exit
route-map bgp out deny 10
  match prefix-list deny
  exit


!
router bgp 65302
  bgp router-id 3.3.3.3
  log-up-down
  neighbor 192.0.2.1 remote-as 1234
  neighbor 192.0.2.1 route-map out out
  neighbor 192.0.2.1 route-map in in
  network 198.51.100.0/24
  exit
!
ip prefix-list allow seq 5  permit 198.51.100.0/24 
ip prefix-list deny seq 25  permit 0.0.0.0/0 le 32
ip prefix-list inallow seq 5  permit 0.0.0.0/0 
ip prefix-list inallow seq 10  permit 10.0.0.0/8 
ip prefix-list indeny seq 20  deny 0.0.0.0/0 le 32

 
Additional notes
Verify the  incoming routes are filtered
su->show ip route bgp

IP Route Table for the base topology in VRF global
Codes: C-connected, S-static, R-RIP, B-BGP, O-OSPF, IA-OSPF interarea
       N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
       E1-OSPF external type 1, E2-OSPF external type 2,
       i-IS-IS, L1-IS-IS level-1, L2-IS-IS level-2

B      0.0.0.0/0           [20/0]       via       192.0.2.1        vlan.0.192          1d04h00m36s

B      10.0.0.0/8          [20/0]       via       192.0.2.1        vlan.0.192             5h10m37s
Number of routes = 2

Verify  the outgoing routes being advertised

(su)->show ip bgp peer 192.0.2.1 advertised-routes
Route status codes: adv - advertised, sup - suppressed, pw - pending w/drawal, wd - w/drawn
Route aggregation codes:
1 - Route is not aggregating or aggregated
2 - Route is aggregating
3 - Route is unsuppressed aggregated
4 - Route is suppressed aggregated

Stat Aggr    Network                  Next Hop        Rib MED Local-Pref Origin AS Path
adv  1       198.51.100.0/24            192.0.2.2        U   0      0      IGP     65302


How To Filter Some BGP Routes and Allow all Others on S-Series, and 7100-Series





 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255