From: Sal Nathoo (snathoo2001@xxxxxxxxx)
Date: Wed Aug 08 2001 - 12:27:05 GMT-3
Hi Guys,
Sorry for not being clear.
I wanted to know the bgp commands to allow only a
minimum 100 and maximum 500 routes in the routing
table from my EBGP neighbor. Not using prefix lists or
access lists. These routes that are coming into my
topology are from different networks and subnets.
Thanks,
Saleem
--- Jason Gardiner <gardiner@sprint.net> wrote:
> This is just off the top of my head; I haven't run
> through it, yet. But
> you show:
>
> > ip prefix-list NAMEONE {permit|deny}
> 192.168.160.0/16 le 19
>
> Isn't 192.168.160.0/16 a part of 192.168.0.0?
>
>
> It should be ip prefix-list NAMEONE {permit|deny}
> 192.168.160.0/19 le 19
>
>
> The number after the le only indicates the length of
> the subnets allowed
> to be announced out of the aggregate block. It
> would only allow the /19
> to get through, not, say 192.168.161.0/24. This is
> how many of the
> larger providers work to reduce the size of the
> global routing table.
>
>
>
>
>
> Jon Carmichael wrote:
> >
> > It sounds as if you are asking for a filter of a
> range of NLRI when you say
> > "range of routes." In all cases, when I'm
> thinking of a "range" I must go
> > back to the binary, --frequently I draw two
> numbers in binary on a scratch
> > paper and a line where I think the mask would go,
> and then I can see the
> > range. -And why? Because I'm going to write a
> access-list and I need to
> > figure out the proper wildcard mask. --So I
> would take your example, --of
> > say 100 to 500, --but 500 does not fit in
> anybody's eight bit octet. How
> > about 160 to 192, because it's easy to see... So
> draw both numbers on a
> > piece of paper like this....
> >
> > 1010000 --binary 160
> > 1100000 --binary 192
> >
> > and then I draw a vertical line with my simulated
> pencil here, this line is
> > where the mask would go, --say..
> >
> > |
> > 101|00000
> > 110|00000
> > |
> > 000|11111
> >
> > And then I invert that as 00011111, which is
> decimal 31, and for a range of
> > NLRI of say 192.168.160.0 thru 192.168.192.0 I can
> write my access list for
> > a route filter as ..
> >
> > access-list 1 {permit|deny} 192.168.160.0
> 0.0.31.255
> >
> > I think I do this almost once every day.
> >
> > Prefix lists are still a little elusive to me tho,
> --so I play with those a
> > little more lately, --where if I wanted to do
> exactly the same
> > thing, --perhaps someone will jump in and help us
> out here....
> >
> > ip prefix-list NAMEONE {permit|deny}
> 192.168.160.0/16 le 19
> >
> > That does not work, --when you go back and do a
> "show ip prefix-list" it
> > looks like 192.168.0.0/16 le 19. Can anybody
> tell us how to do the same
> > thing with a prefix-list?
> >
> > JONC
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com
> [mailto:nobody@groupstudy.com]On Behalf Of
> > Sal Nathoo
> > Sent: Tuesday, August 07, 2001 2:56 PM
> > To: ccielab@groupstudy.com
> > Subject: BGP filtering
> >
> > Hi Guys,
> >
> > Can someone tell me commands are used to filter a
> > range of routes (ex. between 100 to 500) from EBGP
> > neighbors?
> >
> > Thanks in advance
> >
> > Saleem
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:47 GMT-3