From: Paul Crist (pcrist@xxxxxxxxxxx)
Date: Fri Aug 17 2001 - 08:58:21 GMT-3
Russell,
A second option to allow only the aggregate address would be to use a prefix
list.
Paul Crist
----- Original Message -----
From: "John Hever" <john.hever@tangent-services.demon.co.uk>
To: "'Stephen Oliver'" <stevie_oliver@hotmail.com>;
<Russell.Fear@capgemini.co.uk>; <ccielab@groupstudy.com>
Sent: Friday, August 17, 2001 7:27 AM
Subject: RE: BGP filter
> Russell/Stevie,
>
> My understanding (please correct me if I am wrong) is that you are using
and
> extended acccess list to permit an aggregate route and deny the specific
> routes?
>
> Therefore I believe that the statement should be:
>
> Access-list 103 permit ip 192.201.48.0 0.0.3.255 255.255.252.0 0.0.0.0
>
> As the second address/mask pair will indicate the mask size, not
destination
> address and mask as in a normal extended access list.
>
> So the first address/mask pair define the address prefix (which both the
> aggergate and the specific routes will match) and the second address/mask
> pair define the mask length (which only the aggregate route will match).
>
> HTH
>
>
> John
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Stephen Oliver
> Sent: 17 August 2001 10:07
> To: Russell.Fear@capgemini.co.uk; ccielab@groupstudy.com
> Subject: Re: BGP filter
>
>
> Try
>
> Access-list 103 permit ip 192.201.48.0 0.0.3.255 any
>
> Stevie.
>
>
>
> >From: "Fear, Russell H" <Russell.Fear@capgemini.co.uk>
> >Reply-To: "Fear, Russell H" <Russell.Fear@capgemini.co.uk>
> >To: "'ccielab@groupstudy.com'" <ccielab@groupstudy.com>
> >Subject: BGP filter
> >Date: Fri, 17 Aug 2001 09:34:09 +0100
> >
> >Can someone in the group tell me where I'm going wrong here ?
> >
> >I have networks 194.201.48.0/24 - 194.201.51.0/24 plus the aggregate of
> >194.201.48.0/22 being advertised by a BGP speaker. I am trying various
> >kinds
> >of filters and the one I cannot get to work is the following.
> >
> >neighbour 172.168.16.1 distribute-list 103 out
> >
> >access-list 103 permit ip host 194.201.48.0 host 255.255.252.0
> >
> >The aggregate does not even reach the BGP table in the second router.I've
> >checked the syntax and I think that this should let the aggregate only
> >through.
> >
> >
> >Any obvious mistakes ?
> >
> >
> >Russell
> >
> >
>
>***************************************************************************
> *****************
> >" This message contains information that may be privileged or
confidential
> >and
> >is the property of the Cap Gemini Ernst & Young Group. It is intended
only
> >for
> >the person to whom it is addressed. If you are not the intended
recipient,
> >you
> >are not authorized to read, print, retain, copy, disseminate, distribute,
> >or use
> >this message or any part thereof. If you receive this message in error,
> >please
> >notify the sender immediately and delete all copies of this message ".
>
>***************************************************************************
> *****************
> >**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:52 GMT-3