From: Ramesh Ramasamy (ramesh_ramasamy@xxxxxxxxxxx)
Date: Thu Apr 26 2001 - 20:46:21 GMT-3
Thanks. Wrongly assumed 'not to use filter by ip add' ...
and started thinkin why not use as path which has no 'ip add'..
slowly getting used to terminologies.
so i should not use filter list - when they mention dont use ip add?
Regards,
Ramesh.
>From: Vladimir Shchutski <vshchutski@yahoo.com>
>To: Ramesh Ramasamy <ramesh_ramasamy@hotmail.com>, jhutches@cisco.com,
>malikm24@hotmail.com, ccielab@groupstudy.com
>Subject: Re: BGP filtering without IP address Filters
>Date: Thu, 26 Apr 2001 16:33:17 -0700 (PDT)
>
>The original task was "to filter the partucular
>address without using filter by ip address".
>That's why route-map with "set community no-export"
>was suggested.
>
>If the task is to prevent AS100 to be a transit AS, I
>would use "filter-list" instead.
>
>f.e I have to implement solution INSIDE of AS100:
>
>r1#
>router bgp 100
>neighbor 2.2.2.2 remote-as 200
>neighbor 2.2.2.2 filter-list 1 out
>ip as-path access-list 1 permit ^$
>
>or OUTSIDE of AS100:
>
>r2#
>router bgp 200
>neighbor 1.1.1.1 remote-as 100
>neighbor 1.1.1.1 filter-list 1 in
>ip as-path access-list 1 permit ^100$
>
>Regards,
>Vladimir
>
>--- Ramesh Ramasamy <ramesh_ramasamy@hotmail.com>
>wrote:
> > Vladimir,
> >
> > Excellant - great explantion.
> >
> > Pls correct me if am wrong:
> > IF we have access to the EBGP neighbor, could we
> > achieve the
> > same by - 'neighbor r2-IPadd route-map no-trans' and
> > rte-map
> > 'no-trans' having 'ip as-path 1 permit ^100$' --
> > this i hope
> > will only accept updates from r2/as100.
> >
> > Thanks,
> > Ramesh.
> >
> >
> > >From: Vladimir Shchutski <vshchutski@yahoo.com>
> > >Reply-To: Vladimir Shchutski <vshchutski@yahoo.com>
> > >To: Jerry Hutcheson <jhutches@cisco.com>,
> > Masood Malik
> > ><malikm24@hotmail.com>, "Chia Kim Seng,
> > Consultant, SCSNW-Sales"
> > ><chiaks@scsnetworks.scs.com.sg>, "Dean,
> > Justin"
> > ><Justin.Dean@nrtinc.com>, ccielab@groupstudy.com
> > >Subject: Re: BGP filtering without IP address
> > Filters
> > >Date: Wed, 25 Apr 2001 11:01:44 -0700 (PDT)
> > >
> > >Will try to make it clear.
> > >
> > >r1#
> > >router bgp 100
> > >neighbor 1.1.1.1 remote-as 100 #IBGP to r2
> > >neighbor 2.2.2.2 remote-as 200 #EBGP to r3
> > >neighbor 1.1.1.1 send-community
> > >neighbor 2.2.2.2 send-community
> > >
> > >route-map SET_NO_EXPORT permit 10
> > >match ip address 1
> > >set community no-export
> > >route-map SET_NO_EXPORT permit 10
> > >
> > >access-list 1 ..........
> > >
> > >1) R1 won't pass the the route to R3
> > >neighbor 1.1.1.1 route-map SET_NO_EXPORT in
> > >
> > >2) __Only__ R2 won't pass the route to other AS
> > >neighbor 1.1.1.1 route-map SET_NO_EXPORT out
> > >
> > >3) The route won't be sent out of AS100
> > >neighbor 2.2.2.2 route-map SET_NO_EXPORT in
> > >
> > >4) __ASK___ AS200 not to pass the route to other AS
> > >neighbor 2.2.2.2 route-map SET_NO_EXPORT out
> > >
> > >Regards,
> > >Vladimir
> > >
> > >--- Jerry Hutcheson <jhutches@cisco.com> wrote:
> > > > Massod,
> > > >
> > > > If the requirement is to not allow your own
> > local AS
> > > > (100) to be a transit AS, and you use the
> > community
> > > > no export would you use a send-community out or
> > in,
> > > > at the ebgp peer (R2)? I have heard it both ways
> > it
> > > > seems to me that it should be a send community
> > in.
> > > >
> > > > thanks,
> > > >
> > > > jerry
> > > >
> > > > and At 09:04 AM 4/25/2001 +1000, Masood Malik
> > > > wrote:
> > > > >RE: BGP filtering without IP address FiltersHi,
> > > > >
> > > > >The main difference between no-export and
> > > > no-advertise is as follows.
> > > > >
> > > > >When no-export community is set in an AS for a
> > > > route it will be passed through
> > > > >all the routers in the same AS (IBGP) and also
> > to
> > > > the next neighbour AS
> > > > >(EBGP). However, this neighbour AS will not
> > pass it
> > > > to its up stream AS.
> > > > >
> > > > >Thus no-exports cannot work in the same AS.
> > > > >
> > > > >When you set no-advertise community on a router
> > in
> > > > any AS, the route will not
> > > > >be advertised to any neighbour AS whether it is
> > > > same (IBGP) or different
> > > > >(EBGP).
> > > > >
> > > > >e.g. if you have following scenario
> > > > >
> > > > >R1 (AS100)---R2
> > (AS100)----R3(AS200)------R4(AS300)
> > > > >
> > > > >If no-export community is set on a route
> > entering
> > > > R1. You will see the route
> > > > >in R2 and R3 but not in R4.
> > > > >
> > > > >If no-advertise community is set on a route
> > > > entering R1. The route will be
> > > > >missing in R2, R3 or R4.
> > > > >
> > > > >Note: In order for all this to work correctly,
> > > > ensure setting send-community
> > > > >to the neighour AS peers in each router.
> > > > >
> > > > >regards
> > > > >Masood
> > > > > ----- Original Message -----
> > > > > From: Chia Kim Seng, Consultant, SCSNW-Sales
> > > > > To: 'Masood Malik' ; Vladimir Shchutski ;
> > Dean,
> > > > Justin ;
> > > > >ccielab@groupstudy.com
> > > > > Sent: Tuesday, April 24, 2001 11:46 AM
> > > > > Subject: RE: BGP filtering without IP address
> > > > Filters
> > > > >
> > > > >
> > > > > Can I use no-export community instead?
> > > > >
> > > > > Regards
> > > > > Chia Kim Seng
> > > > >
> > > > > SCS Networks Pte Ltd
> > > > > 7 Bedok South Road
> > > > > Singapore 469272
> > > > > Tel : 065-2403164
> > > > > Fax: 065-2403110
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: Masood Malik
> > [mailto:malikm24@hotmail.com]
> > > > > Sent: Tuesday, April 24, 2001 6:21 AM
> > > > > To: Vladimir Shchutski; Dean, Justin;
> > > > ccielab@groupstudy.com
> > > > > Subject: Re: BGP filtering without IP address
> > > > Filters
> > > > >
> > > > >
> > > > >
> > > > > set no-advertise community for 1.1.1.1 on R2
> > > > >
> > > > > regards
> > > > > Masood
> > > > >
> > > > > ----- Original Message -----
> > > > > From: "Vladimir Shchutski"
> > <vshchutski@yahoo.com>
> > > > > To: "Dean, Justin" <Justin.Dean@nrtinc.com>;
> > > > <ccielab@groupstudy.com>
> > > > > Sent: Tuesday, April 24, 2001 7:42 AM
> > > > > Subject: Re: BGP filtering without IP address
> > > > Filters
> > > > >
> > > > >
> > > > >
> > > > > > try community names.
> > > > > >
> > > > > > Regards,
> > > > > > Vladimir.
> > > > > >
> > > > > > --- "Dean, Justin" <Justin.Dean@nrtinc.com>
> > > > wrote:
> > > > > > > I am trying to have R2 filter the 1.1.1.1
> > > > from being
> > > > > > > advertised to R3. The
> > > > > > > requirement is that you cannot filter by
> > ip
> > > > address.
> > > > > > > I thought I could tag
> > > > > > > it with a route-map at R1 then match tag
> > at
> > > > R2 and
> > > > > > > dump it, but I get an
> > > > > > > error trying to put the set tag in the
> > > > route-map and
> > > > > > > apply it to the
> > > > > > > neighbor outbound. I also tried to
> > prepend
> > > > as's, but
> > > > > > > since R1 and R2 are in
> > > > > > > same as the route shows as "i". Any
> > Ideas?
> >
>=== message truncated ===
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:58 GMT-3