RE: BGP problem

From: Arthayuth.B@xxxxxxxxxxxxxxxxxx
Date: Fri Mar 02 2001 - 23:29:55 GMT-3

• Next message: Darren Ward: "NTP Authentication"
• Previous message: Erick B.: "Re: Originating a default route with RIP"
• Maybe in reply to: Mark Salmon: "BGP problem"
• Next in thread: Alan Basinger: "RE: BGP problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I think use as-filter ^$ for not be transit area or ip prefix-list permit
only local ip address to go ebgp. and case that backup link ebgp I think in
this case should use local preference because local preference is talk
within ibgp in this case Mask want R1 and R2 backup together with IBGP, type
to use local-preference with route-map and set metric for 2 ebgp not same.

Hope this help,

Arthayuth
CIP,CCNP,CCDP
-----¢éͤÇÒÁµé¹©ºÑº-----
¨Ò¡: Michael Davis [SMTP:miked@netrus.net]
        Êè§àÁ×èÍ: 3 ÁÕ¹Ò¤Á 2544 1:16
> ¶Ö§: Alan Basinger; Mark Salmon; ccielab@groupstudy.com
> àÃ×èͧ: Re: BGP problem
>
> The problem with that approach is that you won't have connectivity beyond
> your AS. Local-AS refers means the route is a local as-route that will be
> sent to other confederations within an as, but not to external ASes.
> Also,
> using a no-export community has almost the same effect except that your
> neighbor ASes could use yours as a transit, even though the rest of the
> internet could not.
>
> The best approach is via route-map or filter-list that allows outbound
> distribution only of locally originated routes. This way all other BGP
> speakers see your AS but not as an intermediate step to some other AS.
>
> ip as-path access-list 1 permit ^$
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip
> _c
> /ipcprt2/1cdbgp.htm#7870
>
> ----- Original Message -----
> From: "Alan Basinger" <abasinge@swbell.net>
> To: "Mark Salmon" <masalmon@cisco.com>; <ccielab@groupstudy.com>
> Sent: Friday, March 02, 2001 12:05 PM
> Subject: RE: BGP problem
>
>
> > I was working on communities last night with my study partner and we
> also
> > looked at using the
> > "set community local-AS". The local-AS command will only let local
> routes
> > out of the AS so you cannot become a transit if I am not mistaken in my
> > reading this should work.
> >
> > Any thoughts on using this instead.
> >
> >
> > neighbor 199.100.1.7 remote-as 2
> > neighbor 199.100.1.7 route-map community in
> > neighbor 172.66.1.5 remote-as 1
> > neighbor 172.66.1.5 send-community
> >
> > route-map community permit 10
> > set community local-AS
> >
> >
> > Alan Basinger
> > Systems Engineer
> > SBC DataComm
> > Houston Texas
> > abasinge@swbell.net
> >
> > | |
> > ||| |||
> > .|||||. .|||||.
> > .:|||||||||:.:|||||||||:.
> > C i s c o S y s t e m s
> > Certified Gold Partner
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > Mark Salmon
> > Sent: Friday, March 02, 2001 8:42 AM
> > To: ccielab@groupstudy.com
> > Subject: BGP problem
> >
> >
> > I have a BGP issue I want to bring to the group.
> >
> >
> > as500 --------ebgp------as600
> > | |
> > | |
> > ebgp ebgp
> > | |
> > | |
> > r1:as1100--------ibgp-----r2:as1100
> >
> >
> > I need r1 to use as500 exclusively as its exit and entrance as well as
> > r2 must use as600 exclusively as its entrance and exit. However, if the
> > links between r1 and as500 is lost, it must reroute through r2 to
> > as600. The same applies to r2. No load balancing is necessary. That
> > is not the problem, I am OK with setting up local preferences etc.
> >
> > The problem is, I do not want as1100 to be a transit as for Internet
> > routes.
> >
> > My idea is to use community lists and no export option from r1 to as500
> > as well as r2 to as600. I used ip as-path access lists and that is
> > where the problem starts. I do not see the as1100 routes on as500 or
> > as600 routers
> >
> > Here is my config on one router (it is virtually identical on the other
> > router):
> >
> > . router bgp 1100
> > network 192.168.1.0
> > network 192.168.3.0
> > neighbor 192.168.2.2 remote-as 1100
> > neighbor 192.168.25.2 remote-as 500
> > neighbor 192.168.25.2 send-community
> > neighbor 192.168.25.2 route-map nointernet out
> > !
> > ip classless
> > ip as-path access-list 1 permit _1100_
> >
> > route-map nointernet permit 10
> > match as-path 1
> > set community no-export
> >
> >
> > --
> >
> >
> >
> > Mark Salmon
> > Network Support Engineer - SBC OP HQ
> > Cisco Systems Inc
> > 8735 W. Higgins Road Suite 300
> > Chicago IL 60631
> > Phone:773-695-8235
> > Pager:800-365-4578
> > email: masalmon@cisco.com
> > Empowering The Internet Generation.
> >
> >

• Next message: Darren Ward: "NTP Authentication"
• Previous message: Erick B.: "Re: Originating a default route with RIP"
• Maybe in reply to: Mark Salmon: "BGP problem"
• Next in thread: Alan Basinger: "RE: BGP problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:18 GMT-3