From: Michael Davis (miked@xxxxxxxxxx)
Date: Fri Mar 02 2001 - 15:15:57 GMT-3
The problem with that approach is that you won't have connectivity beyond
your AS. Local-AS refers means the route is a local as-route that will be
sent to other confederations within an as, but not to external ASes. Also,
using a no-export community has almost the same effect except that your
neighbor ASes could use yours as a transit, even though the rest of the
internet could not.
The best approach is via route-map or filter-list that allows outbound
distribution only of locally originated routes. This way all other BGP
speakers see your AS but not as an intermediate step to some other AS.
ip as-path access-list 1 permit ^$
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c
/ipcprt2/1cdbgp.htm#7870
----- Original Message -----
From: "Alan Basinger" <abasinge@swbell.net>
To: "Mark Salmon" <masalmon@cisco.com>; <ccielab@groupstudy.com>
Sent: Friday, March 02, 2001 12:05 PM
Subject: RE: BGP problem
> I was working on communities last night with my study partner and we also
> looked at using the
> "set community local-AS". The local-AS command will only let local routes
> out of the AS so you cannot become a transit if I am not mistaken in my
> reading this should work.
>
> Any thoughts on using this instead.
>
>
> neighbor 199.100.1.7 remote-as 2
> neighbor 199.100.1.7 route-map community in
> neighbor 172.66.1.5 remote-as 1
> neighbor 172.66.1.5 send-community
>
> route-map community permit 10
> set community local-AS
>
>
> Alan Basinger
> Systems Engineer
> SBC DataComm
> Houston Texas
> abasinge@swbell.net
>
> | |
> ||| |||
> .|||||. .|||||.
> .:|||||||||:.:|||||||||:.
> C i s c o S y s t e m s
> Certified Gold Partner
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Mark Salmon
> Sent: Friday, March 02, 2001 8:42 AM
> To: ccielab@groupstudy.com
> Subject: BGP problem
>
>
> I have a BGP issue I want to bring to the group.
>
>
> as500 --------ebgp------as600
> | |
> | |
> ebgp ebgp
> | |
> | |
> r1:as1100--------ibgp-----r2:as1100
>
>
> I need r1 to use as500 exclusively as its exit and entrance as well as
> r2 must use as600 exclusively as its entrance and exit. However, if the
> links between r1 and as500 is lost, it must reroute through r2 to
> as600. The same applies to r2. No load balancing is necessary. That
> is not the problem, I am OK with setting up local preferences etc.
>
> The problem is, I do not want as1100 to be a transit as for Internet
> routes.
>
> My idea is to use community lists and no export option from r1 to as500
> as well as r2 to as600. I used ip as-path access lists and that is
> where the problem starts. I do not see the as1100 routes on as500 or
> as600 routers
>
> Here is my config on one router (it is virtually identical on the other
> router):
>
> . router bgp 1100
> network 192.168.1.0
> network 192.168.3.0
> neighbor 192.168.2.2 remote-as 1100
> neighbor 192.168.25.2 remote-as 500
> neighbor 192.168.25.2 send-community
> neighbor 192.168.25.2 route-map nointernet out
> !
> ip classless
> ip as-path access-list 1 permit _1100_
>
> route-map nointernet permit 10
> match as-path 1
> set community no-export
>
>
> --
>
>
>
> Mark Salmon
> Network Support Engineer - SBC OP HQ
> Cisco Systems Inc
> 8735 W. Higgins Road Suite 300
> Chicago IL 60631
> Phone:773-695-8235
> Pager:800-365-4578
> email: masalmon@cisco.com
> Empowering The Internet Generation.
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:18 GMT-3