From: Mark Salmon (masalmon@xxxxxxxxx)
Date: Fri Mar 02 2001 - 14:06:38 GMT-3
That looks to work. Thanks.
Vikas Gupta wrote:
> Mark,
>
> For modifying policy to exit, use LP
> For modifying policy to infulence entrance points into
> your AS, and maintain automatic failover send MED's
> out, i.e metric of routes which you are advertising to
> AS500 from R1 should have lower value than the one
> from R2 and vice-versa on the other IBGP router within
> your AS. But make sure that you send all your internal
> AS routes from both R1 and R2, but with different
> metrics. This will make sure that AS500 and AS600
> routers have two entries for each network.
>
> For making your AS non-transit, when you modify
> metrics on outgoing route-map on neighbor statements
> to AS500 and AS600, any other routes for which you are
> not modifying metrics will be denied automatically,
> since there is a implicit deny at the end of every
> route-map.
>
> In your case, you should actually set the community of
> the routes coming into your AS as no-export, not going
> out. Make sure that you send-community to R2 and
> vice-versa.
>
> HTH
>
> Vikas
>
> --- "David T. Absalom" <dabsalom@lucent.com> wrote:
> > I believe you could use a outgoing route map for the
> > ebgp sessions on r1 and
> > r2 to only allow local routes be advertised, i.e.
> >
> > ip as-patch access-list 1 permit ^$
> >
> > route-map notransit permit 10
> > match as-path 1
> >
> >
> > This would only allow routes from AS1100 to be
> > advertised via ebgp.
> >
> > Hope this helps...
> >
> > dave
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com
> > [mailto:nobody@groupstudy.com]On Behalf Of
> > Mark Salmon
> > Sent: Friday, March 02, 2001 9:42 AM
> > To: ccielab@groupstudy.com
> > Subject: BGP problem
> >
> >
> > I have a BGP issue I want to bring to the group.
> >
> >
> > as500 --------ebgp------as600
> > | |
> > | |
> > ebgp ebgp
> > | |
> > | |
> > r1:as1100--------ibgp-----r2:as1100
> >
> >
> > I need r1 to use as500 exclusively as its exit and
> > entrance as well as
> > r2 must use as600 exclusively as its entrance and
> > exit. However, if the
> > links between r1 and as500 is lost, it must reroute
> > through r2 to
> > as600. The same applies to r2. No load balancing
> > is necessary. That
> > is not the problem, I am OK with setting up local
> > preferences etc.
> >
> > The problem is, I do not want as1100 to be a transit
> > as for Internet
> > routes.
> >
> > My idea is to use community lists and no export
> > option from r1 to as500
> > as well as r2 to as600. I used ip as-path access
> > lists and that is
> > where the problem starts. I do not see the as1100
> > routes on as500 or
> > as600 routers
> >
> > Here is my config on one router (it is virtually
> > identical on the other
> > router):
> >
> > . router bgp 1100
> > network 192.168.1.0
> > network 192.168.3.0
> > neighbor 192.168.2.2 remote-as 1100
> > neighbor 192.168.25.2 remote-as 500
> > neighbor 192.168.25.2 send-community
> > neighbor 192.168.25.2 route-map nointernet out
> > !
> > ip classless
> > ip as-path access-list 1 permit _1100_
> >
> > route-map nointernet permit 10
> > match as-path 1
> > set community no-export
> >
> >
> > --
> >
> >
> >
> > Mark Salmon
> > Network Support Engineer - SBC OP HQ
> > Cisco Systems Inc
> > 8735 W. Higgins Road Suite 300
> > Chicago IL 60631
> > Phone:773-695-8235
> > Pager:800-365-4578
> > email: masalmon@cisco.com
> > Empowering The Internet Generation.
> >
> >
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:18 GMT-3