From: Jim Brown (Jim.Brown@xxxxxxxxxxxxx)
Date: Fri Aug 17 2001 - 12:27:31 GMT-3
Here is my breakdown of possible solutions. Someone please jump in a correct
me if I'm off base.
access-list 103 permit ip 194.201.48.0 0.0.3.255 any
access-list 1 permit ip 194.201.48.0 0.0.3.255
ip prefix-list 1 permit 194.1.48.0/22 le 24
Any of these statements allow the aggregate and any of the more specific
routes.
access-list 103 permit ip host 194.201.48.0 host 255.255.252.0
prefix-list 1 permit 194.1.48.0/22
These statements only allow the aggregate route.
Another possible solution is this command under the bgp process
(for aggregate only without more specific)
aggregate-address 194.1.48.0 255.255.252.0 summary only
(for aggregate and specifics)
aggregate-address 194.1.48.0 255.255.252.0
(for aggregate and some specifics)
aggregate-address 194.1.48.0 255.255.252.0 suppress-map RouteMapNameHere
The extended access-lists are a little different in regards to BGP. Normally
they match a source and destination when applied anywhere else except for
BGP. Here the source portion actually matches the route and the destination
actually matches the route mask.
It is a little confusing at first and I've yet to locate a good reference on
access-lists for BGP or prefix lists for BGP. Tinkering with combinations
was my tutor.
-----Original Message-----
From: Jason Gardiner [mailto:gardiner@sprint.net]
Sent: Friday, August 17, 2001 7:35 AM
To: Fear, Russell H
Cc: 'ccielab@groupstudy.com'
Subject: Re: BGP filter
Okay,
First off, is there an international version of IOS? I've never seen
"neighbour" but rather "neighbor" :)
I've never setup a dist list with an extended access-list , but it
appears that you are permitting from 194.201.48.0 with a mask of
255.255.255.255 to host 255.255.252.0 with a mask of 255.255.255.255.
Try this:
access-list 103 permit ip 194.201.48.0 0.0.3.255 any
"Fear, Russell H" wrote:
>
> Can someone in the group tell me where I'm going wrong here ?
>
> I have networks 194.201.48.0/24 - 194.201.51.0/24 plus the aggregate of
> 194.201.48.0/22 being advertised by a BGP speaker. I am trying various
kinds
> of filters and the one I cannot get to work is the following.
>
> neighbour 172.168.16.1 distribute-list 103 out
>
> access-list 103 permit ip host 194.201.48.0 host 255.255.252.0
>
> The aggregate does not even reach the BGP table in the second router.I've
> checked the syntax and I think that this should let the aggregate only
> through.
>
> Any obvious mistakes ?
>
> Russell
>
>
****************************************************************************
****************
> " This message contains information that may be privileged or confidential
and
> is the property of the Cap Gemini Ernst & Young Group. It is intended only
for
> the person to whom it is addressed. If you are not the intended recipient,
you
> are not authorized to read, print, retain, copy, disseminate, distribute,
or use
> this message or any part thereof. If you receive this message in error,
please
> notify the sender immediately and delete all copies of this message ".
>
****************************************************************************
****************
> **Please read:http://www.groupstudy.com/list/posting.html
-- Thanks,Jason Gardiner Supervisor, Engineering Services Sprint E|Solutions
"You can swim all day in the Sea of Knowledge and still come out completely dry. Most people do."
- Norton Juster **Please read:http://www.groupstudy.com/list/posting.html **Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:52 GMT-3